Cherechedza. transl.:
Isu tinokuyeuchidza zvakare kuti chinyorwa chinoshandisa zvigadziriso (zvinoratidzwa zveKubernetes uye Istio) kubva pane repository.
Traffic Management
NeIstio, hutsva hutsva hunoonekwa musumbu kuti upe:
- Dynamic chikumbiro nzira: canary rollouts, kuongororwa kweA / B;
- Load balancing: iri nyore uye inowirirana, yakavakirwa pahashi;
- Kupora mushure mekudonha: nguva dzekupedza nguva, kuedzazve, macircuit breakers;
- Kuisa zvikanganiso: kunonoka, kudonhedza zvikumbiro, nezvimwe.
Sezvo chinyorwa chichienderera mberi, hunyanzvi uhu hucharatidzwa uchishandisa iyo yakasarudzwa application semuenzaniso uye mitsva mitsva ichaunzwa munzira. Pfungwa yekutanga yakadaro ichava DestinationRules
(i.e. mitemo ine chekuita neanotambira traffic/zvikumbiro - approx. transl.), nerubatsiro rwatinomisikidza kuongororwa kweA / B.
A/B bvunzo: DestinationMitemo mukuita
Kuedza kweA/B kunoshandiswa mumamiriro ezvinhu apo kune mavhezheni maviri echishandiso (kazhinji iwo anooneka akasiyana) uye isu hatisi 100% chokwadi kuti ndeipi ichavandudza ruzivo rwemushandisi. Naizvozvo, tinomhanyisa ese mavhezheni panguva imwe chete uye tinounganidza metrics.
Kuendesa iyo yechipiri vhezheni yekumberi, inodiwa pakuratidzira A/B bvunzo, mhanyisa unotevera kuraira:
$ kubectl apply -f resource-manifests/kube/ab-testing/sa-frontend-green-deployment.yaml
deployment.extensions/sa-frontend-green created
Iyo yekutumirwa inoratidzirwa yeiyo green vhezheni inosiyana munzvimbo mbiri:
- Mufananidzo wacho wakavakirwa pane imwe tag -
istio-green
, - Mapodhi ane chinyorwa
version: green
.
Sezvo zvese zvinotumirwa zvine label app: sa-frontend
, zvikumbiro zvinofambiswa nesevhisi chaiyo sa-external-services
zvebasa sa-frontend
, ichaendeswa kune ese zviitiko uye mutoro uchagovaniswa kuburikidza
Mafaira akakumbirwa haana kuwanikwa
Aya mafaera haana kuwanikwa nekuti ane mazita akasiyana mushanduro dzakasiyana dzekushandisa. Ngative nechokwadi cheizvi:
$ curl --silent http://$EXTERNAL_IP/ | tr '"' 'n' | grep main
/static/css/main.c7071b22.css
/static/js/main.059f8e9c.js
$ curl --silent http://$EXTERNAL_IP/ | tr '"' 'n' | grep main
/static/css/main.f87cd8c9.css
/static/js/main.f7659dbb.js
Zvinoreva kuti index.html
, kukumbira imwe shanduro ye static mafaira, inogona kutumirwa nemutoro wekuenzanisa kune pods dzine shanduro yakasiyana, apo, nokuda kwezvikonzero zvakajeka, mafaira akadaro haapo. Naizvozvo, kuitira kuti chikumbiro chishande, isu tinofanirwa kuseta chirambidzo: βiyo imwe vhezheni yeapp yakashanda index.html inofanira kuita zvikumbiro zvinotevera".
Tichasvika ikoko nekuenderana hash-based load balancing (Inoenderana Hash Loadbalancing). Mune ino kesi zvikumbiro kubva kumutengi mumwe chete zvinotumirwa kune imwechete backend muenzaniso, iyo yakafanotsanangurwa pfuma inoshandiswa - semuenzaniso, musoro weHTTP. Inoitwa uchishandisa DestinationRules.
DestinationRules
Pashure VirtualService takatumira chikumbiro kune sevhisi yaunoda, tichishandisa DestinationRules tinogona kutsanangura marongero anozoshandiswa kune traffic inoitirwa zviitiko zvesevhisi iyi:
Traffic manejimendi neIstio zviwanikwa
taura pfungwa: Mhedzisiro yezviwanikwa zveIstio pane network traffic inoratidzwa pano nenzira iri nyore kunzwisisa. Kuti zvive chaizvo, sarudzo yekuti ndeipi chiitiko chekutumira chikumbiro kunoitwa nenhume muIngress Gateway yakagadziridzwa muCRD.
NeMitemo Yekuenda, tinogona kumisa kuyera kuyera kuti tishandise hashes dzinoenderana uye tive nechokwadi chekuti sevhisi imwechete inopindura kumushandisi mumwechete. Iyo inotevera gadziriso inobvumidza iwe kuti uite izvi (
apiVersion: networking.istio.io/v1alpha3
kind: DestinationRule
metadata:
name: sa-frontend
spec:
host: sa-frontend
trafficPolicy:
loadBalancer:
consistentHash:
httpHeaderName: version # 1
1 - hashi ichagadzirwa zvichienderana nezviri mukati meHTTP musoro version
.
Isa iyo configuration nemurairo unotevera:
$ kubectl apply -f resource-manifests/istio/ab-testing/destinationrule-sa-frontend.yaml
destinationrule.networking.istio.io/sa-frontend created
Zvino mhanya murairo uri pazasi uye ita shuwa kuti unowana iwo mafaera akakodzera paunotsanangura musoro version
:
$ curl --silent -H "version: yogo" http://$EXTERNAL_IP/ | tr '"' 'n' | grep main
taura pfungwa: Kuwedzera maitiro akasiyana mumusoro uye kuyedza mhinduro zvakananga mubrowser, unogona kushandisa
Kazhinji, DestinationRules ine mamwe maitiro munzvimbo yekuremedza mitoro - tarisa kune ruzivo mukati
Tisati tadzidza VirtualService mberi, ngatidzimei "girinhi vhezheni" yekushandisa uye inoenderana netraffic gwara mutemo nekumhanyisa inotevera mirairo:
$ kubectl delete -f resource-manifests/kube/ab-testing/sa-frontend-green-deployment.yaml
deployment.extensions βsa-frontend-greenβ deleted
$ kubectl delete -f resource-manifests/istio/ab-testing/destinationrule-sa-frontend.yaml
destinationrule.networking.istio.io βsa-frontendβ deleted
Mirroring: Virtual Services in Practice
Sharing ("kudzivirira") kana Mirroring ("Mirroring") rinoshandiswa mumamiriro ezvinhu apo tinoda kuedza shanduko mukugadzirwa pasina kukanganisa vashandisi vekupedzisira: kuita izvi, tinodzokorora ("girazi") zvikumbiro kune kechipiri apo shanduko dzinodiwa dzakaitwa, uye tarisa migumisiro. Zvichitaurwa zviri nyore, apa ndipo apo waunoshanda naye anotora nyaya inonyanya kukosha uye oita chikumbiro chekudhonza muchimiro chebundu rakakura retsvina zvekuti hapana anogona kunyatso kuriongorora.
Kuti uedze chiitiko ichi muchiito, ngatigadzire yechipiri muenzaniso weSA-Logic ine bugs (buggy
) nekumhanyisa murairo unotevera:
$ kubectl apply -f resource-manifests/kube/shadowing/sa-logic-service-buggy.yaml
deployment.extensions/sa-logic-buggy created
Uye zvino ngatimhanyei murairo kuti tive nechokwadi chokuti zviitiko zvose nazvo app=sa-logic
Ivo zvakare vane mavara ane mavhezheni anoenderana:
$ kubectl get pods -l app=sa-logic --show-labels
NAME READY LABELS
sa-logic-568498cb4d-2sjwj 2/2 app=sa-logic,version=v1
sa-logic-568498cb4d-p4f8c 2/2 app=sa-logic,version=v1
sa-logic-buggy-76dff55847-2fl66 2/2 app=sa-logic,version=v2
sa-logic-buggy-76dff55847-kx8zz 2/2 app=sa-logic,version=v2
sevhisi sa-logic
zvinonangwa mapodhi ane label app=sa-logic
, saka zvikumbiro zvese zvichagoverwa pakati pezviitiko zvese:
... asi isu tinoda kuti zvikumbiro zvitumirwe kune v1 zviitiko uye kuratidzwa kune v2 zviitiko:
Tichazadzisa izvi kuburikidza neVirtualService pamwe chete neDestinationRule, apo mitemo ichasarudza ma subsets uye nzira dzeVirtualService kune imwe nzvimbo.
Kutsanangura Subsets muMitemo Yekuenda
Subsets (zvidiki) zvinotemerwa neiyo inotevera gadziriso (
apiVersion: networking.istio.io/v1alpha3
kind: DestinationRule
metadata:
name: sa-logic
spec:
host: sa-logic # 1
subsets:
- name: v1 # 2
labels:
version: v1 # 3
- name: v2
labels:
version: v2
- Host (
host
) inotsanangura kuti mutemo uyu unoshanda chete kumakesi kana nzira ichienda kushumirosa-logic
; - Mazita (
name
) ma subsets anoshandiswa paunenge uchienda kune subset zviitiko; - Label (
label
) inotsanangura makiyi-value mapeya ayo mamisheni anofanira kuenderana kuti ave chikamu chechikamu.
Isa iyo configuration nemurairo unotevera:
$ kubectl apply -f resource-manifests/istio/shadowing/sa-logic-subsets-destinationrule.yaml
destinationrule.networking.istio.io/sa-logic created
Iye zvino izvo zvidiki zvatsanangurwa, tinogona kuenderera mberi nekugadzirisa iyo VirtualService yekushandisa mitemo kune zvikumbiro kune sa-logic kuti ivo:
- Kuendeswa kune subset
v1
, - Yakaratidzwa kune chikamu chidiki
v2
.
Iyo inotevera manifesto inobvumidza iwe kuzadzisa zvirongwa zvako (
apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
name: sa-logic
spec:
hosts:
- sa-logic
http:
- route:
- destination:
host: sa-logic
subset: v1
mirror:
host: sa-logic
subset: v2
Hapana tsananguro inodiwa pano, saka ngationei ichiita:
$ kubectl apply -f resource-manifests/istio/shadowing/sa-logic-subsets-shadowing-vs.yaml
virtualservice.networking.istio.io/sa-logic created
Ngatiwedzerei mutoro nekudaidza murairo unotevera:
$ while true; do curl -v http://$EXTERNAL_IP/sentiment
-H "Content-type: application/json"
-d '{"sentence": "I love yogobella"}';
sleep .8; done
Ngatitarisei mhedzisiro muGrafana, kwaunogona kuona kuti iyo vhezheni ine bugs (buggy
) inoguma nekukundikana kwe ~ 60% yezvikumbiro, asi hapana chimwe chezvinokanganisa izvi chinokanganisa vashandisi vekupedzisira sezvavanopindurwa nebasa rinoshanda.
Mhinduro dzakabudirira dzeshanduro dzakasiyana dzesa-logic sevhisi
Pano takatanga kuona kuti VirtualService inoshandiswa sei kune Nhume dzemasevhisi edu: rinhi sa-web-app
anoita chikumbiro kuna sa-logic
, inopfuura nepasidecar Envoy, iyo - kuburikidza neVirtualService - inogadzirirwa kuendesa chikumbiro kune v1 subset uye girazi chikumbiro kune v2 subset yebasa. sa-logic
.
Ndinoziva, iwe unogona kutofunga kuti Virtual Services iri nyore. Muchikamu chinotevera, tichawedzera pane izvozvo nekutaura kuti ivo vakanyanya chaizvo.
Canary rollouts
Canary Deployment ndiyo nzira yekuburitsa vhezheni nyowani yekushandisa kune vashoma vashoma vashandisi. Inoshandiswa kuve nechokwadi kuti hapana matambudziko mukusunungurwa uye chete mushure meizvozvo, atova nechivimbo muhutano hwayo (kusunungurwa), kugovera kune vamwe vashandisi.ΠΎvateereri vakawanda.
Kuratidza kuburitswa kwe canary, isu ticharamba tichishanda ne subset buggy
Ρ sa-logic
.
Ngatirege kutambisa nguva pazvinhu zvidiki uye nekukasira tumira makumi maviri muzana evashandisi kune vhezheni netsikidzi (izvi zvinomiririra kuburitsa kwedu canary), uye 20% yasara kune yakajairika sevhisi. Kuti uite izvi, shandisa inotevera VirtualService (
apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
name: sa-logic
spec:
hosts:
- sa-logic
http:
- route:
- destination:
host: sa-logic
subset: v1
weight: 80 # 1
- destination:
host: sa-logic
subset: v2
weight: 20 # 1
1 uremu (weight
), iyo inotsanangura chikamu chezvikumbiro zvichaendeswa kune anogamuchira kana chikamu chidiki chemugamuchiri.
Ngatigadzirise yakapfuura VirtualService kumisikidzwa ye sa-logic
nemurairo unotevera:
$ kubectl apply -f resource-manifests/istio/canary/sa-logic-subsets-canary-vs.yaml
virtualservice.networking.istio.io/sa-logic configured
... uye isu tichakurumidza kuona kuti zvimwe zvikumbiro zvinotungamira mukukundikana:
$ while true; do
curl -i http://$EXTERNAL_IP/sentiment
-H "Content-type: application/json"
-d '{"sentence": "I love yogobella"}'
--silent -w "Time: %{time_total}s t Status: %{http_code}n"
-o /dev/null; sleep .1; done
Time: 0.153075s Status: 200
Time: 0.137581s Status: 200
Time: 0.139345s Status: 200
Time: 30.291806s Status: 500
VirtualServices inogonesa canary rollouts: Muchiitiko ichi, isu takatapudza zvinogona kuitika zvenyaya kusvika 20% yebase base. Zvinoshamisa! Iye zvino, mune zvese kana tisina chokwadi chekodhi yedu (nemamwe mazwi - nguva dzose ...), tinogona kushandisa mirroring uye canary rollouts.
Kupera uye kuedza zvakare
Asi tsikidzi hadziwanzo guma mukodhi. Muchirongwa kubva"
Nekuratidzira isu ticharamba tichishandisa iyo yakafanana dambudziko vhezheni sa-logic
(buggy
), uye isu tichatevedzera kusavimbika kwetiweki nekutadza kurongeka.
Rega sevhisi yedu ine tsikidzi ive nemukana 1/3 wekutora nguva yakarebesa kupindura, mukana 1/3 wekupedzisa neInternal Server Error, uye 1/3 mukana wekubudirira kudzorera peji.
Kudzikamisa kukanganisa kwematambudziko akadai uye kuita kuti hupenyu huve nani kune vashandisi, tinogona:
- wedzera nguva yekupedza kana sevhisi ikatora nguva yakareba kupfuura masekonzi masere kupindura,
- edzazve kana chikumbiro chakundikana.
Kuti tiite, isu tichashandisa inotevera resource tsananguro (
apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
name: sa-logic
spec:
hosts:
- sa-logic
http:
- route:
- destination:
host: sa-logic
subset: v1
weight: 50
- destination:
host: sa-logic
subset: v2
weight: 50
timeout: 8s # 1
retries:
attempts: 3 # 2
perTryTimeout: 3s # 3
- Nguva yekupera kwechikumbiro yakaiswa kumasekonzi masere;
- Zvikumbiro zvinoedzwazve 3 nguva;
- Uye kuedza kwega kwega kunoonekwa sekusina kubudirira kana nguva yekupindura ichipfuura masekonzi matatu.
Uku ndiko optimization nekuti mushandisi haafanire kumirira anopfuura masekonzi masere uye isu tichaita mitsva mitatu yekuedza kuwana mhinduro kana ikatadza, tichiwedzera mukana wekubudirira mhinduro.
Isa iyo yakagadziridzwa gadziriso nemurairo unotevera:
$ kubectl apply -f resource-manifests/istio/retries/sa-logic-retries-timeouts-vs.yaml
virtualservice.networking.istio.io/sa-logic configured
Uye tarisa muGrafana magirafu kuti nhamba yemhinduro dzakabudirira yakawedzera pamusoro:
Kuvandudzwa kwenhamba dzemhinduro dzakabudirira mushure mekuwedzera nguva dzekubuda uye kuedza zvekare
Tisati taenda kuchikamu chinotevera (kana kuti, kune chikamu chinotevera chechinyorwa, nekuti mune izvi hapachazove nemimwe miedzo inoshanda - approx. transl.), bvisa sa-logic-buggy
uye VirtualService nekushandisa mirairo inotevera:
$ kubectl delete deployment sa-logic-buggy
deployment.extensions βsa-logic-buggyβ deleted
$ kubectl delete virtualservice sa-logic
virtualservice.networking.istio.io βsa-logicβ deleted
Circuit Breaker uye Bulkhead Pateni
Isu tiri kutaura nezve maviri akakosha mapatani mune microservice architecture iyo inokutendera iwe kuti uwane yekuzvidzoresa (kuzviporesa) masevhisi.
Circuit Breaker ("circuit breaker") rinoshandiswa kumisa zvikumbiro zvinouya kuchiitiko chesevhisi inoonekwa se isina hutano nekuidzoreredza uku zvikumbiro zvevatengi zvichiendeswa kune zvine hutano zviitiko zvesevhisi iyo (iyo inowedzera chikamu chemhinduro dzakabudirira). (Cherechedza: Tsananguro yakadzama yeiyo pateni inogona kuwanikwa, semuenzaniso,
Bulkhead ("chikamu") inoparadzanisa kutadza kwesevhisi kubva pakukanganisa hurongwa hwese. Semuyenzaniso, Sevhisi B yakatyoka uye imwe sevhisi (Mutengi weSevhisi B) inoita chikumbiro kuSevhisi B, zvichiita kuti ipedze dziva rayo reshinda uye itadze kuita zvimwe zvikumbiro (kunyangwe zvisiri zveBasa B). (Cherechedza: Tsananguro yakadzama yeiyo pateni inogona kuwanikwa, semuenzaniso,
Ini ndichasiya ruzivo rwekuita zveaya mapatani nekuti ari nyore kuwana mukati
PS kubva kumushanduri
Verenga zvakare pablog yedu:
- "Kudzokera kumamicroservices neIstio":
chikamu 1 (sumo kune makuru maficha) ,Chikamu 3 (kutendeseka uye mvumo) ; - Β«
Conduit - lightweight sevhisi mesh yeKubernetes "; - Β«
Chii chinonzi mesh sevhisi uye nei ndichida imwe [yegore application ine microservices]? ".
Source: www.habr.com