Service Mesh: Zomwe Wopanga Mapulogalamu Onse Ayenera Kudziwa Zokhudza Ukadaulo Wotentha Kwambiri

Zindikirani. transl.: Utumiki wa mauna ndi chodabwitsa chomwe sichinamasuliridwe mokhazikika mu Chirasha (zaka 2 zapitazo tidasankha njira ya "ma mauna a ntchito", ndipo patapita nthawi anzako ena adayamba kulimbikitsa kuphatikiza "sieve yautumiki"). Kulankhula kosalekeza za teknolojiyi kwachititsa kuti zinthu zamalonda ndi zamakono zikhale zogwirizana kwambiri. Nkhani yabwinoyi yochokera kwa m'modzi mwa olemba mawu oyambilira cholinga chake ndi kupereka kumveka kwa mainjiniya ndi ena.

Comic kuchokera Sebastian Caceres

Mau oyamba

Ngati ndinu injiniya wa mapulogalamu omwe akugwira ntchito kwinakwake m'malo a backend system, mawu oti "service mesh" mwina akhazikika kale m'maganizo mwanu zaka zingapo zapitazi. Chifukwa cha zochitika zachilendo, mawuwa akutenga malonda mowonjezereka, ndipo zokopa ndi zotsatsa zomwe zimagwirizanitsidwa nazo zikukula ngati chipale chofewa chowuluka kutsika ndipo sichikuwonetsa zizindikiro za kuchepa.

Service mesh idabadwira m'madzi osasunthika, osakondera achilengedwe amtambo. Tsoka ilo, izi zikutanthauza kuti mikangano yambiri yozungulira imachokera ku "kulankhula kwa kalori yochepa" kupita ku-kugwiritsa ntchito mawu aukadaulo-zachabechabe. Koma ngati mutadula phokoso lonse, mudzapeza kuti mauna a utumiki ali ndi ntchito yeniyeni, yofotokozedwa komanso yofunika kwambiri.

Mu positi iyi, ndiyesera kuchita izi: perekani chiwongolero chowona mtima, chozama, chokhazikika cha mainjiniya pama mesh. Sindingoyankha funso: "Ndi chiyani?", - komanso "Chifukwa chiyani?"ndipo "Chifukwa chiyani tsopano?". Pomaliza, ndiyesera kufotokoza chifukwa chake (m'malingaliro anga) ukadaulo wamtunduwu wayambitsa chipwirikiti chotere, yomwe ili nkhani yosangalatsa yokha.

Ndine ndani?

Moni nonse! Dzina langa ndi William Morgan. Ndine m'modzi mwa olenga Linkerd - pulojekiti yoyamba ya mesh ndi pulojekiti yomwe ili ndi mlandu pakuwonekera kwa nthawiyo utumiki mauna monga choncho (pepani anyamata!). (Onani transl.: Mwa njira, kumayambiriro kwa kuwonekera kwa mawuwa, zaka zoposa 2,5 zapitazo, tamasulira kale zolemba zoyambirira za wolemba yemweyo wakuti "Kodi mesh service ndi chiyani ndipo ndichifukwa chiyani ndikufunika [yogwiritsa ntchito pamtambo yokhala ndi ma microservices]?".) Inenso mutu Zosangalatsa ndikuyambitsa komwe kumapanga zinthu zozizira za mauna ngati Linkerd ndi Dive.

Mutha kuganiza kuti ndili ndi malingaliro okondera komanso omvera pankhaniyi. Komabe, ndiyesetsa kusunga kukondera pang'ono (kupatula gawo limodzi: "N'chifukwa chiyani pali nkhani zambiri zokhudza mesh?", - momwe ndikadagawana malingaliro anga omwe ndidakhala nawo). Ndichitanso zotheka kuti bukhuli likhale ndi cholinga momwe ndingathere. Kwa zitsanzo zenizeni, ndidzadalira zomwe Linkerd adakumana nazo, ndikuwonetsa kusiyana (ngati kulipo) komwe ndikudziwa pakukhazikitsa mitundu ina ya mauna.

Chabwino, nthawi yoti mupite ku zabwino.

Kodi mauna a service ndi chiyani?

Ngakhale pali hype, kapangidwe ka mesh service ndi kophweka. Awa ndi gulu la ma proxies omwe ali "pafupi ndi" mautumiki (tilankhula pang'ono za zomwe "zotsatira" zili pambuyo pake), kuphatikiza njira zowongolera. Ma proxies amatchedwa pamodzi ndege ya data, ndipo njira zowongolera zimatchedwa ndege yoyang'anira. Ndege ya data imadula mafoni pakati pa mautumiki ndikuchita "mitundu yonse ya zinthu zosiyanasiyana" nawo; Ndege yolamulira, motero, imagwirizanitsa khalidwe la proxy ndikupereka mwayi kwa inu, i.e. opareta, ku API, kulola netiweki kusinthidwa ndikuyezedwa yonse.

Kodi proxy iyi ndi yotani? Iyi ndi projekiti ya Layer 7-aware TCP (mwachitsanzo, "kuganizira" gawo 7 la mtundu wa OSI) monga HAProxy ndi NGINX. Mutha kusankha proxy yomwe mukufuna; Linkerd imagwiritsa ntchito proxy ya Rust, yongotchulidwa linkard-proxy. Timayika pamodzi kuti tigwiritse ntchito ma mesh. Ma meshes ena amakonda ma proxies ena (Envoy ndi chisankho chofala). Komabe, kusankha proxy ndi nkhani chabe kukhazikitsa.

Kodi ma proxy seva amachita chiyani? Mwachiwonekere, ma projekiti amayitanira kupita ndi kuchokera ku mautumiki (kunena mosapita m'mbali, amakhala ngati ma proxies ndi ma proxies obwerera kumbuyo, akugwira mafoni obwera ndi otuluka). Ndipo amagwiritsa ntchito mawonekedwe omwe amayang'ana pa mafoni pakati pa ntchito. Kuyang'ana kwa kuchuluka kwa magalimoto pakati pa mautumikiwa ndizomwe zimasiyanitsa projekiti ya ma mesh kuchokera, kunena, zipata za API kapena ma proxies olowera (zotsatirazi zimayang'ana mafoni omwe amabwera mgulu lakunja). (Zindikirani. transl.: Kuti mufananize olamulira a Ingress omwe alipo a Kubernetes, ambiri omwe amagwiritsa ntchito nthumwi yomwe yatchulidwa kale, onani nkhaniyi.)

Chifukwa chake, takonza ndege ya data. Ndege yowongolera ndiyosavuta: ndi gulu la zigawo zomwe zimapereka makina onse omwe ndege ya data ikufunika kuti igwire ntchito molumikizana, kuphatikiza kupeza ntchito, kupereka ziphaso za TLS, kuphatikizika kwa metric, ndi zina zotero. Ndege ya data imadziwitsa oyendetsa ndege za khalidwe lake; nawonso, ndege yolamulira imapereka API yomwe imakulolani kuti musinthe ndikuyang'anira khalidwe la ndege ya data yonse.

Pansipa pali chithunzi cha ndege yowongolera ndi ndege ya data ku Linkerd. Monga mukuonera, ndege yolamulira imaphatikizapo zigawo zingapo zosiyana, kuphatikizapo chitsanzo cha Prometheus chomwe chimasonkhanitsa ma metrics kuchokera ku ma seva ovomerezeka, komanso zigawo zina monga destination (kupeza ntchito), identity (ulamuliro wa satifiketi, CA) ndi public-api (mapeto a intaneti ndi CLI). Mosiyana ndi izi, ndege ya data ndi njira yosavuta yolumikizirana pafupi ndi pulogalamuyo. Ichi ndi chithunzi chomveka; Pakutumizidwa kwapadziko lonse lapansi, mutha kukhala ndi zofananira zitatu zagawo lililonse lowongolera ndege ndi mazana kapena masauzande a proxies mundege ya data.

(Makona a buluu pachithunzichi akuyimira malire a Kubernetes pods. Mutha kuwona kuti zotengera zomwe zili ndi linkerd-proxy zili mu pod yemweyo ndi zotengerazo. Chiwembuchi chimadziwika kuti chotengera cha sidecar.)

Kapangidwe ka ma mesh a service ali ndi zofunikira zingapo. Choyamba, popeza ntchito ya projekiti ndikuyimitsa mafoni pakati pa mautumiki, ma mesh amangomveka ngati pulogalamu yanu idapangidwira ntchito zina. Mesh mungathe gwiritsani ntchito ndi monoliths, koma izi ndizosafunikira chifukwa cha projekiti imodzi imodzi, ndipo magwiridwe ake sangakhale ofunikira.

Chotsatira china chofunikira ndikuti ma mesh a service amafunikira chachikulu chiwerengero cha ma proxies. M'malo mwake, Linkerd imamangirira cholumikizira cholumikizira pazochitika zilizonse zautumiki uliwonse (zokhazikitsa zina zimawonjezera woyimira pa node/host/makina apafupi. Ndizo zambiri). Kugwiritsa ntchito ma proxies pakokha kumakhala ndi zovuta zina zingapo:

1. Ma proxies mu ndege ya data ayenera kukhala kudya, popeza kuyimba kulikonse pali mafoni angapo kwa woyimira: imodzi kumbali ya kasitomala, imodzi kumbali ya seva.
2. Komanso ma proxies ayenera kukhala yaying'ono и opepuka. Iliyonse imawononga kukumbukira ndi zida za CPU, ndipo kugwiritsa ntchito uku kumakula molingana ndi pulogalamuyi.
3. Mudzafunika njira yotumizira ndikusintha ma proxies ambiri. Kuchita izo pamanja si njira.

Nthawi zambiri, mauna othandizira amawoneka chonchi (makamaka pakuwona kwa mbalame): mumagwiritsa ntchito ma proxies ambiri omwe "amachita zinazake" ndi magalimoto amkati, apakati, ndikugwiritsa ntchito ndege yowongolera kuti aziyang'anira ndikuwongolera.

Tsopano ndi nthawi yofunsa funso "Chifukwa chiyani?"

Kodi ma mesh ndi chiyani?

Iwo omwe adayamba kukumana ndi lingaliro la mesh yautumiki amatha kukhululukidwa chifukwa chokhala ndi nkhawa pang'ono. Mapangidwe a ma mesh amatanthawuza kuti sikungowonjezera latency mukugwiritsa ntchito, komanso kudzatero dya zothandizira ndi adzawonjezera mulu wa njira zatsopano mu zomangamanga. Choyamba mumakhazikitsa ma mesh, kenako mwadzidzidzi mumapeza kuti mukufunika kugwiritsa ntchito ma proxies mazana (ngati si masauzande). Funso nlakuti, ndani angachite izi mwakufuna kwake?

Yankho la funsoli lili ndi magawo awiri. Choyamba, ndalama zogulira zomwe zimagwirizanitsidwa ndi kutumizira ma proxies zitha kuchepetsedwa kwambiri chifukwa cha kusintha kwina komwe kumachitika mu chilengedwe (zambiri pambuyo pake).

Kachiwiri, chipangizo chonga ichi ndi njira yabwino yodziwitsira malingaliro owonjezera mudongosolo. Osati kokha chifukwa mesh yautumiki imatha kuwonjezera magwiridwe antchito ambiri, komanso chifukwa imatha kuchitika popanda kusokoneza chilengedwe. M'malo mwake, mtundu wonse wa ma mesh wautumiki umachokera pamalingaliro awa: mu multiservice system, zivute zitani chitani ntchito payekha, magalimoto pakati pawo ndiye mfundo yoyenera kuwonjezera magwiridwe antchito.

Mwachitsanzo, mu Linkerd (monga ma meshes ambiri) magwiridwe antchito amayang'ana kwambiri pama foni a HTTP, kuphatikiza HTTP/2 ndi gRPC*. Magwiridwe ake ndi olemera - akhoza kugawidwa m'magulu atatu:

1. Zokhudzana ndi kudalirika. Zopempha mobwerezabwereza, kutha kwa nthawi, njira ya canary (kugawanika kwa magalimoto / kuwongoleranso), ndi zina.
2. Zokhudzana ndi kuyang'anira. Kuphatikizika kwa ziwongola dzanja, kuchedwa ndi kuchuluka kwa zopempha zautumiki uliwonse kapena njira zapayekha; kupanga mapu a topological of services, etc.
3. Zokhudzana ndi chitetezo. Mutual TLS, control access, etc.

* Kuchokera pamawonedwe a Linkerd, gRPC siyosiyana kwenikweni ndi HTTP/2: imangogwiritsa ntchito protobuf pakulipira. Kuchokera pamalingaliro a wopanga, zinthu ziwirizi ndizosiyana.

Zambiri mwazinthuzi zimagwira ntchito pazopempha (motero "L7 proxy"). Mwachitsanzo, ngati ntchito ya Foo ikuyitanira HTTP ku ntchito ya Bar, cholumikizira cholumikizira kumbali ya Foo chimatha kuwongolera katundu wanzeru ndikuyimbira maulendo kuchokera ku Foo kupita ku Bar kutengera kuchedwa komwe kwawonedwa; ikhoza kubwereza pempho ngati kuli kofunikira (ndipo ngati ilibe mphamvu); imatha kulemba nambala yoyankha ndi nthawi yomaliza, ndi zina. Momwemonso, wolozerani wolumikizira kumbali ya Bar akhoza kukana pempho ngati sililoledwa kapena malire a pempho adutsa; akhoza kulemba kuchedwa kwa mbali yake, etc.

Ma proxies amathanso "kuchita china chake" pamlingo wolumikizira. Mwachitsanzo, thirakiti yolumikizira kumbali ya Foo imatha kuyambitsa kulumikizana kwa TLS, ndipo choyimira cholumikizira kumbali ya Bar chikhoza kuyithetsa, ndipo mbali zonse ziwiri zitha kutsimikizira ziphaso za TLS* za wina ndi mnzake. Izi sizimapereka kubisa kokha pakati pa mautumiki, komanso njira yotetezeka yodziwira mautumiki: Foo ndi Bar akhoza "kutsimikizira" kuti iwo ndi omwe amati ali.

* "Kugwirizana kwa bwenzi" kumatanthauza kuti satifiketi ya kasitomala imatsimikiziridwanso (mutual TLS). Mu "classic" TLS, mwachitsanzo pakati pa osatsegula ndi seva, satifiketi ya mbali imodzi yokha (seva) nthawi zambiri imatsimikiziridwa.

Kaya zimagwira ntchito pazopempha kapena mulingo wolumikizana, ndikofunikira kutsindika kuti ntchito zonse za mesh zautumiki zili zogwira ntchito khalidwe. Linkerd sangathe kusintha semantics ya malipiro - mwachitsanzo, kuwonjezera minda ku chidutswa cha JSON kapena kusintha kwa protobuf. Tidzakambirana za mbali yofunikayi pambuyo pake tikamalankhula za ESB ndi middleware.

Uwu ndi mndandanda wazinthu zomwe mesh ya service imapereka. Funso likubuka: bwanji osawagwiritsa ntchito mwachindunji pakugwiritsa ntchito? Ndipo bwanji mukuvutikira ndi proxy konse?

Chifukwa chiyani ma mesh service ndi lingaliro labwino

Ngakhale kuthekera kwa ma mesh osangalatsa kumakhala kosangalatsa, kufunikira kwake sikumakhala m'mawonekedwe ake. Pomaliza ife Kodi zigwiritseni ntchito mwachindunji (tidzawona pambuyo pake kuti ichi chinali chiyambi cha ma mesh). Kuti muyese ndikuphatikiza mu sentensi imodzi, mtengo wa mesh wautumiki ndi: imapereka zinthu zofunika kwambiri pakuyendetsa mapulogalamu amakono a seva m'njira yosasinthika pagulu lonse komanso osadalira code yogwiritsira ntchito.

Tiyeni tilingalire lingaliro ili.

«Zofunikira pakuyendetsa mapulogalamu amakono a seva" Ngati mukupanga pulogalamu ya seva yolumikizidwa ndi intaneti yapagulu, kuvomera zopempha kuchokera kumayiko akunja ndikuyankha pakanthawi kochepa - mwachitsanzo, pulogalamu yapaintaneti, seva ya API, ndi mapulogalamu ena ambiri amakono. - ndipo ngati mugwiritsa ntchito ngati gulu la mautumiki omwe amalumikizana wina ndi mzake, ndipo ngati mukusintha pulogalamuyo nthawi zonse, ndikuwonjezera zatsopano, ndipo ngati mukukakamizika kusunga dongosololi kuti lizigwira ntchito panthawi yosintha - mu izi. mlandu, zikomo, mukupanga mapulogalamu amakono a seva. Ndipo zonse zazikuluzikulu zomwe zatchulidwa pamwambapa zimakhala zovuta kwambiri kwa inu. Ntchitoyi iyenera kukhala yodalirika, yotetezeka, ndipo muyenera kuwona zomwe ikuchita. Awa ndi mafunso omwe ma mesh amathandizira kuyankha.

(Chabwino, ndime yapitayi ikuphatikizabe chikhulupiriro changa kuti njira iyi ndi njira yamakono yopangira mapulogalamu a seva. Ena amakonda kupanga monoliths, "reactive microservices" ndi zinthu zina zomwe sizikugwera pansi pa tanthawuzo lomwe laperekedwa pamwambapa. Anthu awa mwina ali ndi zawo. Malingaliro ndi osiyana ndi anga, inenso ndikuganiza kuti ndi "olakwika" - ngakhale mulimonse ma mesh sathandiza kwambiri kwa iwo).

«Uniform ya gulu lonse" Kagwiridwe ka ntchito koperekedwa ndi ma service mesh sikungofunikira mishoni. Amagwiritsidwa ntchito kuzinthu zonse zomwe zili mukugwiritsa ntchito, mosasamala kanthu za chilankhulo chomwe amalembedwa, momwe amagwiritsira ntchito, omwe adazilemba, momwe zidagwiritsidwira ntchito, ndi zina zilizonse zachitukuko ndikugwiritsa ntchito kwawo.

«Osadalira code yofunsira" Pomaliza, ma mesh a service samangopereka magwiridwe antchito mosasunthika pagulu lonse, amatero m'njira yosafunikira kuti pulogalamuyo isinthidwe. Maziko ofunikira a magwiridwe antchito a ma mesh a service, kuphatikiza ntchito za kasinthidwe, kukonzanso, kugwira ntchito, kukonza, ndi zina zotero, zimakhala papulatifomu ndipo sizidalira kugwiritsa ntchito. Pulogalamuyi imatha kusintha popanda kukhudza mauna a service. Kenako, ma mesh amatha kusintha popanda kutenga nawo mbali pakugwiritsa ntchito.

Mwachidule, ma mesh a service samangopereka magwiridwe antchito, komanso amatero padziko lonse lapansi, yunifolomu, komanso modziyimira pawokha. Chifukwa chake, ngakhale magwiridwe antchito a ma mesh amatha kukhazikitsidwa mu code yautumiki (mwachitsanzo, ngati laibulale yophatikizidwa muutumiki uliwonse), njira iyi sipereka kufanana ndi kudziyimira pawokha komwe kuli kofunikira kwambiri pakugwiritsa ntchito ma mesh.

Ndipo zomwe muyenera kuchita ndikuwonjezera gulu la ma proxies! Ndikulonjeza kuti tiwona mtengo wantchito wokhudzana ndi kuwonjezera ma proxies posachedwa. Koma choyamba tiyeni tiyime ndikuyang'ana lingaliro ili la kudziyimira pawokha kuchokera kumalingaliro osiyanasiyana. anthu.

Kodi service mesh imathandizira ndani?

Ngakhale kuti zingakhale zovuta, kuti luso lamakono likhale gawo lofunika kwambiri la chilengedwe, liyenera kuvomerezedwa ndi anthu. Ndiye ndani amene ali ndi chidwi ndi service mesh? Ndani amapindula ndi kugwiritsidwa ntchito kwake?

Ngati mukupanga mapulogalamu amakono a seva, mutha kuganiza za gulu lanu ngati gulu eni utumikiomwe pamodzi amapanga ndikukhazikitsa malingaliro abizinesi, ndi eni nsanja, kupanga nsanja yamkati yomwe mautumikiwa amagwira ntchito. M'mabungwe ang'onoang'ono, awa akhoza kukhala anthu omwewo, koma pamene kampani ikukula, maudindowa amayamba kukhala omveka kwambiri komanso amagawidwa m'magawo ang'onoang'ono ... (Pali zambiri zomwe ziyenera kunenedwa pano za kusintha kwa devops, zotsatira za bungwe la microservices, ndi zina zotero) n. Koma pakadali pano tiyeni titenge malongosoledwe awa monga momwe adaperekera).

Kuchokera pamalingaliro awa, omwe amapindula momveka bwino ndi mesh yautumiki ndi eni nsanja. Kupatula apo, pamapeto pake cholinga cha gulu la nsanja ndikupanga nsanja yamkati momwe eni ntchito amatha kukhazikitsa malingaliro abizinesi ndikuchita izi m'njira yowonetsetsa kuti ali odziyimira pawokha momwe angathere kuchokera pazambiri zantchito yake. Sikuti ma mesh a service amangopereka kuthekera kofunikira kuti akwaniritse cholinga ichi, amatero m'njira yomwe simayika kudalira eni ake.

Eni ake a mautumiki amapindulanso, ngakhale mwanjira ina yosalunjika. Cholinga cha mwiniwake wa ntchitoyo ndi kukhala wopindulitsa momwe angathere pokwaniritsa ndondomeko ya bizinesi, ndipo zochepa zomwe amayenera kudandaula za momwe angagwiritsire ntchito, zimakhala bwino. M'malo molimbana ndi kukhazikitsa, titi, yesaninso ndondomeko kapena TLS, akhoza kuyang'ana pa zolinga zamalonda ndikuyembekeza kuti nsanja idzasamalira zina. Uwu ndi mwayi waukulu kwa iwo.

Phindu la bungwe la kugawanika koteroko pakati pa eni ake a nsanja ndi mautumiki sangathe kupitirira malire. Ndikuganiza kuti amathandizira waukulu chothandizira pamtengo wa ma mesh a service.

Tidaphunzirapo phunziroli pomwe wokonda Linkerd woyambirira adatiuza chifukwa chomwe adasankhira mauna othandizira: chifukwa zimawalola "kuchepetsa malo ogulitsira." Nazi zina: anyamata ochokera kukampani ina yayikulu adasamukira ku Kubernetes. Popeza kuti pulogalamuyo inali ndi chidziwitso chovuta, iwo amafuna kubisa mauthenga onse m'magulu. Komabe, zinthu zinali zovuta chifukwa cha kupezeka kwa mazana a mautumiki ndi mazana a magulu a chitukuko. Chiyembekezo cholumikizana ndi aliyense ndikuwatsimikizira kuti aphatikizepo thandizo la TLS m'mapulani awo sichinawasangalatse konse. Pambuyo kukhazikitsa Linkerd, iwo anasamutsa udindo kuchokera kwa omanga (kuchokera momwe izi zinali zovuta zosafunikira) kupita ku nsanja, kwa omwe izi zinali zofunika kwambiri. Mwanjira ina, Linkerd sinawathetsere vuto laukadaulo ngati labungwe.

Mwachidule, mesh yautumiki ndi yankho lambiri, osati laukadaulo, koma chikhalidwe-ukadaulo Mavuto. (Zikomo Cindy Sridharan poyambitsa mawu awa.)

Kodi ma mesh amatha kuthetsa mavuto anga onse?

Inde. Ndikutanthauza, ayi!

Ngati muyang'ana magulu atatu azinthu zomwe zafotokozedwa pamwambapa - kudalirika, chitetezo, ndi kuwonetsetsa - zikuwonekeratu kuti ma mesh a service si njira yothetsera mavuto onsewa. Ngakhale Linkerd ikhoza kubwezeretsanso zopempha (ngati ikudziwa kuti ilibe mphamvu), sichikhoza kupanga zisankho za zomwe zingabwerere kwa wogwiritsa ntchito ngati ntchitoyo yalephera mpaka kalekale - zisankhozo ziyenera kupangidwa ndi ntchitoyo. Linkerd ikhoza kusunga ziwerengero za zopempha zopambana, koma sizingatheke kuyang'ana ntchitoyo ndikupereka ma metrics ake amkati - ntchitoyo iyenera kukhala ndi zida zoterezi. Ndipo ngakhale Linkerd imatha kukonza mTLS, mayankho achitetezo chokwanira amafunikira zambiri.

Kagawo kakang'ono kazinthu m'magawo awa operekedwa ndi ma mesh a service akugwirizana ndi mawonekedwe a nsanja. Mwa izi ndikutanthauza kuti ntchito:

1. Zopanda nzeru zamabizinesi. Momwe ma histograms oyimbira pakati pa Foo ndi Bar amapangidwira ndizodziyimira pawokha bwanji Foo akuitana Bar.
2. Zovuta kukhazikitsa bwino. Ku Linkerd, zoyesanso zimayikidwa ndi mitundu yonse ya zinthu zapamwamba monga kuyesanso bajeti (yesaninso bajeti), popeza kuti njira yosapambanitsa, yolunjika yokwaniritsa zinthu zoterozo ndithudi idzadzetsa kutulukira kwa zimene zimatchedwa “kusefukira kwa zopempha” (yesaninso mphepo yamkuntho) ndi mavuto ena omwe amafanana ndi machitidwe ogawidwa.
3. Zothandiza kwambiri zikagwiritsidwa ntchito mofanana. Njira ya TLS imakhala yomveka ngati ikugwiritsidwa ntchito kulikonse.

Popeza ntchitozi zimakhazikitsidwa pamlingo wa projekiti (osati pamlingo wogwiritsa ntchito), ma mesh amawapereka pa nsanja, osati mapulogalamu. Choncho, zilibe kanthu kuti mautumikiwa alembedwa m'chinenero chotani, amagwiritsira ntchito ndondomeko yanji, ndani adazilemba komanso chifukwa chake. Ma proxies amagwira ntchito kunja kwazinthu zonsezi, ndipo maziko ofunikira a magwiridwe antchitowa, kuphatikiza ntchito zosinthira, kukonza, kugwira ntchito, kukonza, ndi zina zambiri, zili papulatifomu yokha.

Zitsanzo za luso la ma mesh a service

Mwachidule, ma mesh a service si njira yothetsera kudalirika, kuwonedwa, kapena chitetezo. Kukula kwa maderawa kumafuna kutengapo gawo kwa eni ntchito, magulu a Ops/SRE ndi mabungwe ena amakampani. Ukonde wautumiki umangopereka "gawo" lapapulatifomu pagawo lililonse.

Chifukwa chiyani ma mesh a service atchuka pompano?

Pofika pano mwina mukuganiza kuti: chabwino, ngati ma mesh ndi abwino kwambiri, bwanji sitinayambe kutumiza mamiliyoni a proxies mu stack zaka khumi zapitazo?

Pali yankho la banal ku funso ili: zaka khumi zapitazo aliyense anamanga monoliths, ndipo palibe amene ankafunikira mauna a utumiki. Izi ndi zoona, koma m'malingaliro mwanga yankho ili likuphonya mfundo. Ngakhale zaka khumi zapitazo, lingaliro la microservices monga njira yodalirika yopangira machitidwe akuluakulu adakambidwa kwambiri ndikugwiritsidwa ntchito pamakampani monga Twitter, Facebook, Google ndi Netflix. Malingaliro ambiri - makamaka m'magawo amakampani omwe ndidakumana nawo - anali akuti ma microservices anali "njira yoyenera" yopangira machitidwe akuluakulu, ngakhale zinali zovuta kwambiri.

Zachidziwikire, ngakhale zaka khumi zapitazo panali makampani omwe amagwiritsa ntchito ma microservices, samamatira ma proxies kulikonse komwe angathe kuti apange ma mesh. Komabe, ngati mutayang'anitsitsa, adachita zofanana: ambiri mwa makampaniwa ankafuna kugwiritsa ntchito laibulale yapadera yamkati yolumikizirana pa intaneti (yomwe nthawi zina imatchedwa laibulale yamakasitomala, mafuta kasitomala library).

Netflix inali ndi Hysterix, Google inali ndi Stubby, Twitter inali ndi laibulale ya Finagle. Mwachitsanzo, Finagle inali yovomerezeka pa ntchito iliyonse yatsopano pa Twitter. Idagwira mbali zonse za kasitomala ndi seva zolumikizirana, zololedwa kupemphedwa mobwerezabwereza, njira zopempha zothandizira, kusanja katundu ndi kuyeza. Zinapereka kusanjikiza kokhazikika komanso kuwonetseredwa pagulu lonse la Twitter, mosasamala kanthu za zomwe ntchitoyo ikuchita. Zachidziwikire, zidangogwira ntchito m'zilankhulo za JVM ndipo zidatengera mtundu wamapulogalamu omwe amayenera kugwiritsidwa ntchito pakugwiritsa ntchito konse. Komabe, magwiridwe antchito ake anali ofanana ndi a mesh yautumiki. (M'malo mwake, mtundu woyamba wa Linkerd unali Finagle wokutidwa ndi mawonekedwe a proxy.)

Chifukwa chake, zaka khumi zapitazo panalibe ma microservices okha, komanso malaibulale apadera a proto-service-mesh omwe amathetsa mavuto omwewo omwe ma mesh amathetsa masiku ano. Komabe, ma mesh a utumikiwo panalibe panthawiyo. Pankayenera kuti pakhale kusintha kwina kuti awonekere.

Ndipo apa ndi pamene yankho lakuya lagona, lobisika mu kusintha kwina komwe kwachitika zaka 10 zapitazi: mtengo wotumizira ma microservices watsika kwambiri. Makampani omwe atchulidwa pamwambapa omwe adagwiritsa ntchito ma microservices zaka khumi zapitazo - Twitter, Netflix, Facebook, Google - anali makampani azinthu zazikulu komanso zochulukirapo. Sanali ndi chosowa chokha, komanso kuthekera komanga, kutumiza, ndikugwiritsa ntchito ntchito zazikulu zozikidwa ndi ma microservices. Mphamvu ndi kuyesetsa zomwe akatswiri a Twitter adayika kuti achoke ku monolithic kupita ku njira ya microservices ndizodabwitsa. (Kunena chilungamo, momwemonso kuti zidatheka.) Njira zoyendetsera izi zinali zosatheka kwa makampani ang'onoang'ono.

Mofulumira mpaka pano. Pali zoyambira masiku ano pomwe chiŵerengero cha ma microservices kwa opanga ndi 5: 1 (kapena ngakhale 10:1), ndipo koposa zonse, amalimbana nawo bwino! Ngati kuyambika kwa anthu 5 kumatha kugwiritsa ntchito ma microservices 50 mosavuta, ndiye kuti china chake chachepetsa mtengo wokhazikitsa.

1500 microservices ku Monzo; mzere uliwonse ndi lamulo laukonde loperekedwa lomwe limalola magalimoto

Kutsika kwakukulu kwamitengo yogwiritsira ntchito ma microservices ndi zotsatira za njira imodzi: kukula kutchuka kwa zotengera и oyimba nyimbo. Ili ndiye yankho lozama ku funso la zomwe zidathandizira kuti ma mesh a service awoneke. Ukadaulo womwewo udapangitsa ma meshes ndi ma microservices kukhala okongola: Kubernetes ndi Docker.

Chifukwa chiyani? Chabwino, Docker amathetsa vuto limodzi lalikulu - vuto loyika. Pakuyika pulogalamu ndi kudalira kwake (kosakhala pa netiweki) kukhala chidebe, Docker amasintha pulogalamuyo kukhala gawo losinthika lomwe limatha kuyendetsedwa ndikuyendetsedwa kulikonse. Nthawi yomweyo, imathandizira kwambiri ntchito zinenero zambiri Stack: Chifukwa chidebe ndi gawo la atomiki lophatikizika, pakugwiritsa ntchito komanso ntchito, zilibe kanthu zomwe zili mkati, kaya ndi JVM, Node, Go, Python, kapena Ruby application. Inu mungoyambitsa izo ndipo ndi zimenezo.

Kubernetes amatenga chilichonse kupita pamlingo wina. Tsopano popeza pali matani a "zinthu zoyendetsera" ndi matani a makina oti aziyendetsa, pakufunika chida chomwe chingagwirizane nazo. Mwanjira yotakata, mumapatsa Kubernetes zotengera zambiri ndi makina ambiri, ndipo zimawapanga iwo kutsutsana wina ndi mzake (zowonadi, iyi ndi njira yamphamvu komanso yosinthika nthawi zonse: zotengera zatsopano zimayenda mozungulira dongosolo, makina amayamba ndikuyimitsa. , etc. Komabe, Kubernetes amaganizira zonsezi).

Kubernetes ikangokonzedwa, mtengo wanthawi yotumizira ndikugwiritsa ntchito ntchito imodzi ndi yosiyana pang'ono ndi mtengo wotumizira ndikugwiritsa ntchito mautumiki khumi (kwenikweni, ndi ofanana ndi mautumiki a 100). Onjezani pazotengera izi ngati njira yoyikamo yomwe imalimbikitsa kukhazikitsidwa kwa zilankhulo zambiri, ndipo muli ndi mapulogalamu ambiri atsopano omwe akhazikitsidwa ngati ma microservices olembedwa m'zilankhulo zosiyanasiyana - ndendende mtundu wa malo omwe ma mesh amawayenera.

Chifukwa chake, tabwera ku yankho la funso loti chifukwa chiyani lingaliro la ma mesh lakhala lodziwika tsopano: homogeneity yomwe Kubernetes amapereka pazantchito imagwira ntchito mwachindunji pamavuto omwe ma mesh amakumana nawo. Mumayika ma proxies muzotengera, patsa Kubernetes ntchito yowamamatira kulikonse komwe angathe, ndipo voila! Zotsatira zake, mumapeza mesh yautumiki, pomwe makina onse omwe amatumizidwa amayendetsedwa ndi Kubernetes. (Osachepera pakuwona kwa diso la mbalame. Zowonadi, pali mitundu yambiri ya njirayi.)

Kuti tifotokoze mwachidule: chifukwa chomwe ma meshes amathandizira tsopano, osati zaka khumi zapitazo, ndikuti Kubernetes ndi Docker sanangowonjezeka kwambiri. chosowa mmenemo, kukhala wosalira zambiri kukhazikitsa ntchito monga seti ya zinenero zambiri microservices, komanso kuchepetsa kwambiri ndalama pakugwira ntchito kwake, ndikupereka njira zotumizira ndikuthandizira ma proxy fleets.

N'chifukwa chiyani pali nkhani zambiri zokhudza mesh?

Kupewa: M'gawoli ndimagwiritsa ntchito mitundu yonse yamalingaliro, zongopeka, zopeka komanso zambiri zamkati.

Sakani "service mesh" ndipo mupeza matani owonjezera omwe ali ndi zopatsa mphamvu zochepa, mapulojekiti odabwitsa, komanso mawonekedwe osokonekera oyenera kukhala ndi chipinda cha echo. Ukadaulo uliwonse wapamwamba kwambiri umachita izi, koma pankhani ya ma mesh vuto ndilovuta kwambiri. Chifukwa chiyani?

Chabwino, gawo lina ndi kulakwa kwanga. Ndakhala ndikugwira ntchito molimbika kuti ndilimbikitse Linkerd ndi ma mesh othandizira mwayi uliwonse womwe ndimapeza pamabulogu osawerengeka ndi zolemba ngati izi. Koma sindine wamphamvu choncho. Kuti tiyankhe funso limeneli, tiyenera kulankhula pang’ono za mmene zinthu zilili. Ndipo ndizosatheka kuyankhula za izi popanda kutchula ntchito imodzi: Istio ndi mauna otsegulira gwero opangidwa ndi Google, IBM ndi Lyft.

(Makampani atatuwa ali ndi maudindo osiyana kwambiri: Kukhudzidwa kwa Lyft kumawoneka kuti kuli m'dzina lokha; iwo ndi olemba a Envoy, koma osagwiritsa ntchito kapena kutenga nawo mbali pa chitukuko cha Istio. IBM ikukhudzidwa ndikugwiritsa ntchito chitukuko cha Istio. Google ikugwira nawo ntchito mu Istio's chitukuko , koma samachigwiritsa ntchito momwe ndingathere.)

Ntchito ya Istio ndiyodziwika pazinthu ziwiri. Choyamba, pali ntchito yayikulu yotsatsira yomwe Google, makamaka, ikuchita polimbikitsa. Ndingayerekeze kuti anthu ambiri omwe amadziwa za ma mesh service lero adaphunzirapo za Istio. Chinthu chachiwiri ndi momwe Istio adalandirira bwino. Pankhani iyi, mwachiwonekere ndine chipani chokondweretsedwa, koma kuyesera kukhalabe monga momwe ndingathere, sindingathe kuthandizabe Mark kwambiri zoipa malingaliro, osati yosiyana kwambiri (ngakhale si yapadera: systemd imabwera m'maganizo, kufanizira zidachitika kale mobwerezabwereza...) kwa polojekiti ya Open Source.

(Pochita, Istio ikuwoneka kuti ili ndi mavuto osati kokha ndi zovuta ndi UX, komanso ndi ntchito. Mwachitsanzo, pa nthawi Mawonedwe a magwiridwe antchito a LinkerdPakufufuza kwa gulu lachitatu, ofufuza adapeza zochitika zomwe Istio's tail latency inali nthawi ya 100 kuposa ya Linkerd, komanso zinthu zopanda ntchito zomwe Linkerd inapitiriza kugwira ntchito bwino pamene Istio anasiya kugwira ntchito kwathunthu.)

Kusiya malingaliro anga okhudza chifukwa chomwe izi zidachitikira, ndikukhulupirira kuti chisangalalo chochuluka chozungulira ma mesh amafotokozedwera ndi kutenga nawo gawo kwa Google. Mwakutero, kuphatikiza kwa zinthu zitatu izi:

1. Kukwezeleza movutikira kwa Google kwa Istio;
2. kutsutsa kofananirako, malingaliro otsutsa pulojekiti;
3. kukwera kwaposachedwa kwa meteoric kutchuka kwa Kubernetes, kukumbukira komwe kudakali kwatsopano.

Zonse pamodzi zinthuzi zimaphatikizana kupanga malo odabwitsa, opanda okosijeni momwe kuthekera kolingalira bwino kumachepa, ndipo mitundu yodabwitsa yokha ndiyotsalira. tulip mania.

Kuchokera pakuwona kwa Linkerd, izi ndi ... zomwe ndingafotokoze ngati madalitso osakanikirana. Ndikutanthauza, ndizabwino kuti mauna amtundu walowa m'njira zomwe sizinachitike mu 2016 pomwe Linkerd idayamba ndipo zinali zovuta kuti anthu amvetsere ntchitoyi. Tsopano palibe vuto ngati limeneli! Koma nkhani yoyipa ndiyakuti mawonekedwe a mesh mesh ndi osokoneza masiku ano kotero kuti ndizosatheka kumvetsetsa kuti ndi mapulojekiti ati omwe ali mugulu la ma mesh (osasiyapo kumvetsetsa kuti ndi iti yomwe ili yoyenera pamwambo wina wogwiritsa ntchito). Izi ndithudi ndizosokoneza kwa aliyense (ndipo pali zochitika zina zomwe Istio kapena polojekiti ina ili yoyenera kuposa Linkerd, popeza chomaliza sichili yankho lachilengedwe).

Kumbali ya Linkerd, njira yathu yakhala kunyalanyaza phokoso, kupitiriza kuyang'ana kuthetsa mavuto enieni ammudzi, ndipo makamaka kudikirira kuti hype iwonongeke. Pamapeto pake, hype idzachepa ndipo tikhoza kupitiriza kugwira ntchito modekha.

Pakali pano, tonsefe tidzafunika kuleza mtima pang’ono.

Kodi ma mesh atha kukhala othandiza kwa ine, injiniya wodzichepetsa?

Mafunso otsatirawa adzakuthandizani kuyankha funso ili:

Kodi mumangotenga nawo mbali pakukhazikitsa malingaliro abizinesi? Pankhaniyi, mauna a service sangakhale othandiza kwa inu. Izi ndiye kuti, mwina mungasangalale nazo, koma ma mesh amtunduwu sayenera kukhudza chilichonse chomwe chili mdera lanu. Pitirizani kuchita zomwe mumalipidwa kuchita.

Kodi mukuthandizira nsanja pakampani yomwe imagwiritsa ntchito Kubernetes? Inde, pamenepa mukufunikira mauna a utumiki (pokhapokha, ngati mukugwiritsa ntchito ma K8s kungoyendetsa monolith kapena batch processing - koma ndikufuna ndikufunseni chifukwa chake mukufunikira ma K8). Mutha kukhala ndi ma microservices ambiri olembedwa ndi anthu osiyanasiyana. Onse amalumikizana wina ndi mzake ndipo amamangiriridwa muzitsulo zodalira nthawi yothamanga, ndipo muyenera kupeza njira yothetsera zonsezi. Kugwiritsa ntchito Kubernetes kumakupatsani mwayi wodzisankhira ma mesh "anu." Kuti muchite izi, dziwani luso lawo ndi mawonekedwe awo ndikuyankha funso ngati ntchito iliyonse yomwe ilipo ili yoyenera kwa inu (ndikupangira kuyambitsa kafukufuku wanu ndi Linkerd).

Kodi ndinu kampani yopanga nsanja pakampani yomwe SIgwiritsa ntchito Kubernetes koma imagwiritsa ntchito ma microservices? Pankhaniyi, mesh yautumiki idzakhala yothandiza kwa inu, koma kugwiritsidwa ntchito kwake sikudzakhala kochepa. Ndithudi mungathe tsanzira ntchito ma mesh poyika gulu la ma proxies, koma mwayi wofunikira wa Kubernetes ndi njira yotumizira: kusunga pamanja ma proxies kudzafuna nthawi yochulukirapo, khama komanso ndalama.

Kodi muli ndi udindo pa nsanja mu kampani yomwe imagwira ntchito ndi monoliths? Pamenepa, mwina simufunika mauna utumiki. Ngati mukugwira ntchito ndi monoliths (kapena zosonkhanitsira za monoliths) zomwe zimafotokozedwa bwino komanso zomwe sizisintha kawirikawiri, ndiye kuti mauna amtunduwu sangakupatseni zochepa. Chifukwa chake mutha kunyalanyaza ndikuyembekeza kuti zikhala ngati loto loyipa ...

Pomaliza

Mwinanso, ma mesh operekera sikuyenera kutchedwa "ukadaulo wotsogola kwambiri padziko lapansi" - ulemu wokayikitsawu mwina ndi wa Bitcoin kapena AI. Iye mwina ali mu asanu apamwamba. Koma ngati mutadula zigawo zaphokoso, zikuwonekeratu kuti mauna a utumiki amabweretsa phindu lenileni kwa iwo omwe amamanga mapulogalamu pa Kubernetes.

Ndikufuna kuti muyese Linkerd - kuyiyika pagulu la Kubernetes (kapena Minikube pa laputopu) zimatenga pafupifupi 60 masekondi, ndipo mukhoza kudzionera nokha zimene ndikunena.

FAQ

- Ngati ndinyalanyaza mauna a utumiki, kodi zidzatha?
- Ndiyenera kukukhumudwitsani: mauna a service ali nafe kwa nthawi yayitali.

- Koma SINDIFUNA kugwiritsa ntchito ma mesh!
- Chabwino, sikofunikira! Ingowerengani mafunso anga omwe ali pamwambapa kuti mumvetsetse ngati muyenera kudziwa bwino zoyambira zake.

- Kodi iyi si ESB/middleware yakale yabwino yokhala ndi msuzi watsopano?
-Utumiki wa mesh umachita ndi malingaliro ogwirira ntchito, osati a semantic. Ichi chinali chopinga chachikulu mabasi ogwira ntchito (NDI B). Kusunga kulekanitsa kumeneku kumathandiza ma mesh a service mesh kupewa zomwe zingachitike.

- Kodi ma mesh amasiyana bwanji ndi zipata za API?
- Pali zolemba miliyoni pamutuwu. Basi Google izo.

- Envoy ndi mesh yautumiki?
- Ayi, Envoy si ma mesh, ndi seva ya proxy. Itha kugwiritsidwa ntchito kukonza mauna a ntchito (ndi zina zambiri - ndi proxy wamba). Koma palokha si mauna a utumiki.

- Network Service Mesh ndi mesh yautumiki?
- Ayi. Ngakhale dzinali, iyi si mauna othandizira (mumakonda bwanji zozizwitsa zamalonda?).

- Kodi ma mesh amathandizira ndi uthenga wanga wokhazikika pamakina a asynchronous?
- Ayi, ma mesh sangakuthandizeni.

- Ndi mauna ati omwe ndiyenera kugwiritsa ntchito?
- Linkerd, palibe nzeru.

- Nkhaniyi ndiyoyipa! / Wolemba ndiolandiridwa!
- Chonde gawani ulalo wa izo ndi anzanu onse kuti aziwona!

Zothokoza

Monga momwe mungaganizire pamutuwu, nkhaniyi idauziridwa ndi zolemba zabwino za Jay Kreps "Log: Zomwe wopanga mapulogalamu onse ayenera kudziwa zokhudza kuphatikizika kwa data munthawi yeniyeni" Ndinakumana ndi Jay zaka khumi zapitazo pamene ndinamufunsa pa Linked In ndipo wakhala akundilimbikitsa kuyambira pamenepo.

Ngakhale ndimakonda kudzitcha kuti "Linkerd developer", zenizeni ndikuti ndine wosamalira fayilo ya README.md pa ntchito. Linkerd ikugwiritsidwa ntchito lero kwambiri, kwambiri, kwambiri много anthu, ndipo pulojekitiyi sikanachitika popanda kutengapo mbali kwa gulu lodabwitsa la opereka ndi ogwiritsa ntchito.

Ndipo potsiriza, kuthokoza kwapadera kwa Mlengi wa Linkerd, Oliver Gould (primus inter pares), amene, pamodzi ndi ine zaka zambiri zapitazo, tinalowerera m’mikangano yonseyi ndi mauna a utumiki.

PS kuchokera kwa womasulira

Werenganinso pa blog yathu:

• «Kodi mesh service ndi chiyani ndipo ndichifukwa chiyani ndikufunika [yogwiritsa ntchito pamtambo yokhala ndi ma microservices]?";
• «Traefik 2.0: kusintha kwa mauna a service ndi chithandizo cha TCP ndi mawonekedwe atsopano a intaneti";
• «Maesh - mesh yosavuta yosavuta ya Kubernetes kuchokera kwa olemba Traefik";
• «Bwererani ku microservices ndi Istio. Gawo 1";
• «Conduit - ma mesh opepuka a Kubernetes".

Source: www.habr.com