Cherechedza. transl.: Masevhisi meshes akave mhinduro yakakodzera muzvivakwa zvemazuva ano zvekushandisa zvinotevera microservice architecture. Nepo Istio inogona kunge iri pamiromo yevazhinji mainjiniya eDevOps, ichiri chigadzirwa chitsva icho, kunyangwe chakazara maererano nehunyanzvi hwachinopa, chinogona kuda nguva yakawanda yekujairana nacho. Injiniya weGerman Rinor Maloku, uyo anoona nezve cloud computing yevatengi vakakura pakambani yekufonera Orange Networks, akanyora zvinoshamisa zvakatevedzana zvezvinhu zvinokutendera iwe kukurumidza uye zvakadzama kunyura muIstio. Anotanga nyaya yake neizvo Istio inogona kuita muhuwandu uye kuti iwe unogona sei kukurumidza kuzviona nemeso ako.
Istio -Iyo Open Source chirongwa chakagadziridzwa mukubatana nezvikwata zveGoogle, IBM neLyft. Inogadzirisa zvinonetsa zvinomuka mumamicroservices-based application, senge:
- Traffic Management: nguva, kuedzazve, kuyera kuyera;
- Chengetedzo: kupedzisa mushandisi kutendeseka uye mvumo;
- Kucherechedzwa: kutsvaga, kutarisa, kutema miti.
Zvese izvi zvinogona kugadziriswa padanho rekushandisa, asi mushure meizvozvo masevhisi ako haazove "micro". Kuedza kwese kugadzirisa matambudziko aya kutambisa zviwanikwa zvekambani zvinogona kushandiswa zvakananga kune kukosha kwebhizinesi. Ngatitarisei muenzaniso:
Project Manager: Zvinotora nguva yakareba sei kuti uwedzere mhinduro?
Mugadziri: Mimhanyi miviri.MP: Chii?.. Inongova CRUD!
R: Kuita CRUD ndicho chikamu chiri nyore, asi isu tichiri kuda kutendesa uye kubvumidza vashandisi nemasevhisi. Sezvo network isingavimbike, iwe uchafanirwa kuita zvikumbiro zvakadzokororwa, zvakare muvatengi. Zvakare, kuve nechokwadi chekuti system yese haina kuparara, iwe unozoda nguva yekubuda uye (kuti uwane rumwe ruzivo nezve ese ari maviri mapatani ataurwa, ona gare gare muchinyorwa - approx. transl.), uye kuitira kuona matambudziko, kutarisa, kutsvaga, [β¦]MP: Ah, saka ngatingoisa chinhu ichi muChigadzirwa sevhisi.
Ini ndinofunga zano rakajeka: huwandu hwenhanho uye kushanda nesimba kunodiwa kuwedzera imwe sevhisi yakakura. Muchikamu chino, tichatarisa kuti Istio inobvisa sei kuoma kwese kwataurwa pamusoro (izvo hazvina kuitirwa kuve bhizinesi logic) kubva kumasevhisi.
taura pfungwa: Ichi chinyorwa chinofungidzira kuti une ruzivo rwekushanda rweKubernetes. Zvikasadaro, ndinokurudzira kuverenga uye chete pashure paizvozvo ramba uchiverenga chinyorwa ichi.
Istio pfungwa
Munyika isina Istio, imwe sevhisi inoita zvikumbiro zvakananga kune imwe, uye kana paine kukundikana, sevhisi inofanirwa kuzvibata pachayo: ita kuyedza kutsva, kupa nguva yekubuda, kuvhura dunhu redunhu, nezvimwe.
Network traffic muKubernetes
Istio inopa yakasarudzika mhinduro, yakaparadzaniswa zvachose kubva kumasevhisi uye kushanda nekukanganisa netiweki kutaurirana. Uye saka inoshandisa:
- kukanganisa kushivirira: Zvichienderana nekodhi yemamiriro mumhinduro, inonzwisisa kana chikumbiro chakundikana uye wochiita zvakare.
- Canary rollouts: inodzosera chete chikamu chakatarwa chezvikumbiro kune iyo itsva vhezheni yesevhisi.
- Monitoring uye metrics: Zvakatora nguva yakareba sei kuti sevhisi ipindure?
- Kutsvaga uye Kucherechedzwa: Inowedzera yakakosha misoro kuchikumbiro chega chega uye inovateedzera pane iyo cluster.
- Chengetedzo: Inotora chiratidzo cheJWT, inosimbisa uye inobvumidza vashandisi.
Aya angori mashoma emikana (chaizvo ingori mishoma!) yekukushamisa iwe. Zvino ngatinyure mune zvehunyanzvi ruzivo!
Istio architecture
Istio inobata ese network traffic uye inoshandisa seti yemitemo kwairi, ichiisa smart proxy muchimiro che sidecar chigaba mune yega yega pod. MaProxies anomutsa zvese zvinogoneka zvinoumba a Data Plane, uye vanogona kugadzirwa zvine simba vachishandisa Kudzora Ndege.
Data Plane
MaProxies akaiswa mumapods anobvumira Istio kuzadzisa zviri nyore izvo zvatinoda. Semuyenzaniso, ngatitarisei iyo yekuedza zvakare uye yedunhu breaker mabasa.
Kuedzazve uye kutyora kwedunhu kunoitwa muEnvoy
Summing up:
- nhume (tiri kutaura nezve proxy iri mubhokisi remota, iro rinogoverwa se - approx. transl.) inotumira chikumbiro kumuenzaniso wekutanga webasa B uye inokundikana.
- Envoy Sidecar anoedza zvakare (edzazve). (1)
- Chikumbiro chakundikana uye chinodzoserwa kune proxy yachidaidza.
- Izvi zvinovhura Circuit Breaker uye inodaidza iyo inotevera sevhisi kune zvinotevera zvikumbiro. (2)
Izvi zvinoreva kuti haufanirwe kushandisa imwe Yedzazve raibhurari, iwe haufanirwe kuita yako pachako kusevenzesa kweCircuit Breaking uye Service Discovery mumutauro wechirongwa X, Y kana Z. Zvese izvi nezvimwe zvakawanda zvinowanikwa kunze kwebhokisi. muIstio uye haidi kwete kuchinja kwekodhi.
Hukuru! Iye zvino ungada kuenda parwendo neIstio, asi iwe uchine kusava nechokwadi, mibvunzo yakazaruka. Kana iyi iri mhinduro yepasirese yezviitiko zvese zvehupenyu, saka une fungidziro yechisikigo: mushure mezvose, mhinduro dzese dzakadaro muchokwadi dzinoshanduka kuve dzisina kukodzera chero nyaya.
Uye pakupedzisira unobvunza: "Zvinogoneka here?"
Iye zvino wagadzirira rwendo rwegungwa, ngatizivei neKudzora Ndege.
Kudzora Ndege
Inoumbwa nezvikamu zvitatu: Pilot, chisanganiso ΠΈ nhare, iyo inoshanda pamwe chete kugadzirisa Nhume kuti dzifambise traffic, kutevedzera mitemo, uye kuunganidza telemetry data. Schematically zvese zvinotaridzika seizvi:
Kudyidzana kweKudzora Ndege neData Plane
Nhume (kureva ndege yedata) inogadziriswa uchishandisa (Custom Resource Definitions) inotsanangurwa neIstio uye yakanyatsogadzirirwa chinangwa ichi. Zvinoreva izvi kwauri ndezvekuti vanoita senge imwe sosi muKubernetes ine yakajairika syntax. Kana yangosikwa, sosi iyi inotorwa nendege yekudzora yoiswa kune Nhume.
Hukama hwemasevhisi kuIstio
Isu takatsanangura hukama hweIstio kumasevhisi, asi kwete zvakadzoserwa: masevhisi anobatana sei neIstio?
Kutaura chokwadi, masevhisi anonyatsoziva kuvepo kweIstio sehove dziri dzemvura padzinozvibvunza kuti, "Mvura chii zvakadaro?"
Mufananidzo : - Unoda sei mvura? - Mvura chii zvakadaro?
Nokudaro, iwe unogona kutora boka rekushanda uye mushure mekutumira zvikamu zveIstio, masevhisi ari mairi acharamba achishanda, uye mushure mokubvisa zvikamu izvi, zvose zvichange zvakanaka zvakare. Zviri pachena kuti munyaya iyi iwe ucharasikirwa nekwanisi inopiwa neIstio.
Dzidziso yakakwana - ngatiise ruzivo urwu mukuita!
Istio mukuita
Istio inoda Kubernetes cluster ine angangoita 4 vCPU uye 8 GB ye RAM iripo. Kukurumidza kuseta sumbu uye kutevera mirairo kubva kuchinyorwa, ini ndinokurudzira kushandisa Google Cloud Platform, iyo inopa vashandisi vatsva. .
Mushure mekugadzira sumbu uye kugadzirisa kupinda kuKubernetes kuburikidza neiyo console utility, unogona kuisa Istio kuburikidza neHelm package maneja.
Helm installation
Isa iyo Helm mutengi pakombuta yako, sezvakatsanangurwa mukati . Tichashandisa izvi kugadzira matemplate ekuisa Istio muchikamu chinotevera.
Kuisa Istio
Dhawunirodha Istio zviwanikwa kubva (link yemunyori wemabviro kuvhezheni 1.0.5 yachinjirwa kune yazvino, kureva 1.0.6 - approx. transl.), bvisa zviri mukati mune rimwe dhairekitori, randichazofona kubva zvino [istio-resources].
Kuti uone zviri nyore zviwanikwa zveIstio, gadzira nzvimbo yezita muK8s cluster istio-system:
$ kubectl create namespace istio-systemPedzisa kuiswa nekuenda kune dhairekitori [istio-resources] uye kumhanya murairo:
$ helm template install/kubernetes/helm/istio
--set global.mtls.enabled=false
--set tracing.enabled=true
--set kiali.enabled=true
--set grafana.enabled=true
--namespace istio-system > istio.yamlUyu murairo uchaburitsa zvakakosha zveIstio kufaira istio.yaml. Isu takagadzirisa iyo yakajairwa template kuti ienderane isu, tichitsanangura zvinotevera paramita:
-
global.mtls.enabledyakaiswa mukatifalse(kureva mTLS authentication yadzimwa - approx.)kurerutsa maitiro edu ekufambidzana; -
tracing.enabledinosanganisira kukumbira kutsvaga uchishandisa Jaeger; -
kiali.enabledinoisa Kiali muboka rekuona masevhisi uye traffic; -
grafana.enabledinoisa Grafana kuti ione maitiro akaunganidzwa.
Ngatishandisei zviwanikwa zvakagadzirwa nemurairo:
$ kubectl apply -f istio.yamlKuiswa kweIstio pane cluster kwapera! Mirira kusvika mapodhi ese ari munzvimbo yemazita istio-system achakwanisa Running kana Completednekumhanyisa murairo uri pasi apa:
$ kubectl get pods -n istio-systemIkozvino tagadzirira kuenderera mberi muchikamu chinotevera, apo tichasimudzira application.
Architecture yeSentiment Analysis application
Ngatishandisei muenzaniso weSentiment Analysis microservice application inoshandiswa mune yatotaurwa . Izvo zvakaoma zvakakwana kuratidza kugona kweIstio mukuita.
Iko kushandiswa kunosanganisira ina microservices:
- sevhisi SA-Frontend, iyo inoshandira kumberi kweReactjs application;
- sevhisi SA-WebApp, iyo inoshandisa Sentiment Analysis mibvunzo;
- sevhisi SA-Logic, iyo inozviita pachayo ;
- sevhisi SA-Feedback, iyo inogamuchira mhinduro kubva kune vashandisi pamusoro pekururama kwekuongorora.
Mumufananidzo uyu, pamusoro pemasevhisi, tinoona zvakare Ingress Controller, iyo muKubernetes inofambisa zvikumbiro zvinouya kumasevhisi akakodzera. Istio inoshandisa pfungwa yakafanana mukati mayo Ingress Gateway, mamwe mashoko anozotevera.
Kumhanyisa application neproxy kubva kuIstio
Kuti uwane mamwe mashandisiro ataurwa muchinyorwa, clone yako repository . Iyo ine application uye inoratidza yeKubernetes uye Istio.
Kupinza sidecars
Kupinza kunogona kuitwa otomatiki kana noruoko. Kuti uise otomatiki zvigubhu zvepadivi, unozofanirwa kuseta label kunzvimbo yezita istio-injection=enabled, izvo zvinoitwa nemurairo unotevera:
$ kubectl label namespace default istio-injection=enabled
namespace/default labeledIye zvino podhi yega yega inozoiswa mune yakasarudzika namespace (default) ichagamuchira chigaba chayo chepadivi. Kuona izvi, ngatiisei bvunzo application nekuenda kumudzi wedhairekitori repository [istio-mastery] uye kuita murairo unotevera:
$ kubectl apply -f resource-manifests/kube
persistentvolumeclaim/sqlite-pvc created
deployment.extensions/sa-feedback created
service/sa-feedback created
deployment.extensions/sa-frontend created
service/sa-frontend created
deployment.extensions/sa-logic created
service/sa-logic created
deployment.extensions/sa-web-app created
service/sa-web-app createdKana taendesa masevhisi, ngatitarisei kuti mapods ane midziyo miviri (ine sevhisi pachayo uye padivi payo) nekumhanyisa murairo. kubectl get pods uye kuve nechokwadi kuti pasi pembiru READY kukosha kwataurwa 2/2, zvichiratidza kuti midziyo yese iri kushanda:
$ kubectl get pods
NAME READY STATUS RESTARTS AGE
sa-feedback-55f5dc4d9c-c9wfv 2/2 Running 0 12m
sa-frontend-558f8986-hhkj9 2/2 Running 0 12m
sa-logic-568498cb4d-2sjwj 2/2 Running 0 12m
sa-logic-568498cb4d-p4f8c 2/2 Running 0 12m
sa-web-app-599cf47c7c-s7cvd 2/2 Running 0 12mZvinotaridzika seizvi:
Envoy proxy mune imwe yepods
Ikozvino iyo application yave kusimuka uye ichishanda, isu tichada kubvumidza iri kuuya traffic kuti iuye mukushandisa.
Ingress Gateway
Iyo yakanakisa tsika yekuita izvi (kubvumira traffic musumbu) iri kuburikidza Ingress Gateway muIstio, iyo iri pa "kumucheto" kwesumbu uye inokubvumira kuti uite zvinhu zveIstio zvakadai sekufambisa, kuenzanisa kwekutakura, kuchengeteka uye kutarisa kwemigwagwa inouya.
Iyo Ingress Gateway chikamu uye sevhisi inoiendesa kunze yakaiswa musumbu panguva yekuiswa kweIstio. Kuti uzive yekunze IP kero yebasa, mhanya:
$ kubectl get svc -n istio-system -l istio=ingressgateway
NAME TYPE CLUSTER-IP EXTERNAL-IP
istio-ingressgateway LoadBalancer 10.0.132.127 13.93.30.120Isu ticharamba tichiwana iyo application tichishandisa iyi IP (ini ndichaidaidza se EXTERNAL-IP), saka kuti zviitike isu tichanyora kukosha kwayo kuita shanduko:
$ EXTERNAL_IP=$(kubectl get svc -n istio-system
-l app=istio-ingressgateway
-o jsonpath='{.items[0].status.loadBalancer.ingress[0].ip}')Kana iwe ukaedza kuwana iyi IP kuburikidza nebrowser izvozvi, iwe unogashira Basa Risingawanikwe kukanganisa, nekuti nekusarudzika Istio inovhara zvese zvinouya traffic, Gateway haisati yatsanangurwa.
Gateway resource
Gedhi iCRD (Custom Resource Definition) muKubernetes, inotsanangurwa mushure mekuisa Istio musumbu uye kugonesa kugona kutsanangura madoko, protocol uye mauto atinoda kubvumidza inouya traffic.
Mune yedu kesi, isu tinoda kubvumidza HTTP traffic pachiteshi 80 kune ese mahosts. Basa rinoitwa netsanangudzo inotevera ():
apiVersion: networking.istio.io/v1alpha3
kind: Gateway
metadata:
name: http-gateway
spec:
selector:
istio: ingressgateway
servers:
- port:
number: 80
name: http
protocol: HTTP
hosts:
- "*"Iyi gadziriso haidi tsananguro kunze kweiyo yekusarudza istio: ingressgateway. Neichi chisarudzi tinogona kutsanangura kuti ndeipi Ingress Gateway yekushandisa iyo gadziriso. Kwatiri, iyi ndiyo Ingress Gateway controller, iyo yakaiswa nekusarudzika muIstio.
Iyo gadziriso inoshandiswa nekudaidza murairo unotevera:
$ kubectl apply -f resource-manifests/istio/http-gateway.yaml gateway.networking.istio.io/http-gateway createdIyo gedhi ikozvino inobvumira kupinda pachiteshi 80, asi haina ruzivo rwekuenda kupi zvikumbiro. Nokuda kweizvi uchada Virtual Services.
VirtualService resource
Iyo VirtualService inoudza iyo Ingress Gateway nzira yekufambisa zvikumbiro zvinotenderwa mukati mesumbu.
Zvikumbiro zvekushandisa kwedu zvinouya kuburikidza ne http-gedhi zvinofanirwa kutumirwa kune sa-frontend, sa-web-app uye sa-feedback masevhisi:
Nzira dzinoda kugadzirwa neVirtualServices
Ngatitarisei zvikumbiro zvinofanirwa kutumirwa kuSA-Frontend:
- Machisi chaiwo munzira
/inofanira kutumirwa kuSA-Frontend kuti uwane index.html; - Prefixed nzira
/static/*inofanira kutumirwa kuSA-Frontend kuti igamuchire static mafaira anoshandiswa kumberi, seCSS neJavaScript; - Nzira dzakafananidzwa nekutaura nguva dzose
'^.*.(ico|png|jpg)$', inofanira kutumirwa kuSA-Frontend, nokuti Iyi ndiyo mifananidzo inoratidzwa papeji.
Iko kushandiswa kunowanikwa nekugadzirisa kunotevera ():
kind: VirtualService metadata: name: sa-external-services spec: hosts: - "*" gateways: - http-gateway # 1 http: - match: - uri: exact: / - uri: exact: /callback - uri: prefix: /static - uri: regex: '^.*.(ico|png|jpg) ΠΠ°ΠΆΠ½ΡΠ΅ ΠΌΠΎΠΌΠ΅Π½ΡΡ:ΠΡΠΈΠΌΠ΅ΡΠ°Π½ΠΈΠ΅: ΠΠΎΠ½ΡΠΈΠ³ΡΡΠ°ΡΠΈΡ Π²ΡΡΠ΅ Ρ ΡΠ°Π½ΠΈΡΡΡ Π² ΡΠ°ΠΉΠ»Π΅
- ΠΡΠΎΡ VirtualService ΠΎΡΠ½ΠΎΡΠΈΡΡΡ ΠΊ Π·Π°ΠΏΡΠΎΡΠ°ΠΌ, ΠΏΡΠΈΡ ΠΎΠ΄ΡΡΠΈΠΌ ΡΠ΅ΡΠ΅Π· http-gateway;
- Π
destinationΠΎΠΏΡΠ΅Π΄Π΅Π»ΡΠ΅ΡΡΡ ΡΠ΅ΡΠ²ΠΈΡ, ΠΊΡΠ΄Π° ΠΎΡΠΏΡΠ°Π²Π»ΡΡΡΡΡ Π·Π°ΠΏΡΠΎΡΡ.sa-virtualservice-external.yaml, ΠΊΠΎΡΠΎΡΡΠΉ ΡΠ°ΠΊΠΆΠ΅ ΡΠΎΠ΄Π΅ΡΠΆΠΈΡ Π½Π°ΡΡΡΠΎΠΉΠΊΠΈ Π΄Π»Ρ ΠΌΠ°ΡΡΡΡΡΠΈΠ·Π°ΡΠΈΠΈ Π² SA-WebApp ΠΈ SA-Feedback, Π½ΠΎ Π±ΡΠ» ΡΠΎΠΊΡΠ°ΡΡΠ½ Π·Π΄Π΅ΡΡ Π² ΡΡΠ°ΡΡΠ΅ Π΄Π»Ρ Π»Π°ΠΊΠΎΠ½ΠΈΡΠ½ΠΎΡΡΠΈ. ΠΡΠΈΠΌΠ΅Π½ΠΈΠΌ VirtualService Π²ΡΠ·ΠΎΠ²ΠΎΠΌ:$ kubectl apply -f resource-manifests/istio/sa-virtualservice-external.yaml virtualservice.networking.istio.io/sa-external-services createdΠΡΠΈΠΌΠ΅ΡΠ°Π½ΠΈΠ΅: ΠΠΎΠ³Π΄Π° ΠΌΡ ΠΏΡΠΈΠΌΠ΅Π½ΡΠ΅ΠΌ ΡΠ΅ΡΡΡΡΡ Istio, Kubernetes API Server ΡΠΎΠ·Π΄Π°ΡΡ ΡΠΎΠ±ΡΡΠΈΠ΅, ΠΊΠΎΡΠΎΡΠΎΠ΅ ΠΏΠΎΠ»ΡΡΠ°Π΅Ρ Istio Control Plane, ΠΈ ΡΠΆΠ΅ ΠΏΠΎΡΠ»Π΅ ΡΡΠΎΠ³ΠΎ Π½ΠΎΠ²Π°Ρ ΠΊΠΎΠ½ΡΠΈΠ³ΡΡΠ°ΡΠΈΡ ΠΏΡΠΈΠΌΠ΅Π½ΡΠ΅ΡΡΡ ΠΊ ΠΏΡΠΎΠΊΡΠΈ-ΡΠ΅ΡΠ²Π΅ΡΠ°ΠΌ Envoy ΠΊΠ°ΠΆΠ΄ΠΎΠ³ΠΎ pod'Π°. Π ΠΊΠΎΠ½ΡΡΠΎΠ»Π»Π΅Ρ Ingress Gateway ΠΏΡΠ΅Π΄ΡΡΠ°Π²Π»ΡΠ΅ΡΡΡ ΠΎΡΠ΅ΡΠ΅Π΄Π½ΡΠΌ Envoy, ΡΠΊΠΎΠ½ΡΠΈΠ³ΡΡΠΈΡΠΎΠ²Π°Π½Π½ΡΠΌ Π² Control Plane. ΠΡΡ ΡΡΠΎ Π½Π° ΡΡ Π΅ΠΌΠ΅ Π²ΡΠ³Π»ΡΠ΄ΠΈΡ ΡΠ°ΠΊ:
ΠΠΎΠ½ΡΠΈΠ³ΡΡΠ°ΡΠΈΡ Istio-IngressGateway Π΄Π»Ρ ΠΌΠ°ΡΡΡΡΡΠΈΠ·Π°ΡΠΈΠΈ Π·Π°ΠΏΡΠΎΡΠΎΠ²ΠΡΠΈΠ»ΠΎΠΆΠ΅Π½ΠΈΠ΅ Sentiment Analysis ΡΡΠ°Π»ΠΎ Π΄ΠΎΡΡΡΠΏΠ½ΡΠΌ ΠΏΠΎ
http://{EXTERNAL-IP}/. ΠΠ΅ ΠΏΠ΅ΡΠ΅ΠΆΠΈΠ²Π°ΠΉΡΠ΅, Π΅ΡΠ»ΠΈ Π²Ρ ΠΏΠΎΠ»ΡΡΠ°Π΅ΡΠ΅ ΡΡΠ°ΡΡΡ Not Found: ΠΈΠ½ΠΎΠ³Π΄Π° ΡΡΠ΅Π±ΡΠ΅ΡΡΡ ΡΡΡΡ Π±ΠΎΠ»ΡΡΠ΅ Π²ΡΠ΅ΠΌΠ΅Π½ΠΈ Π΄Π»Ρ ΡΠΎΠ³ΠΎ, ΡΡΠΎΠ±Ρ ΠΊΠΎΠ½ΡΠΈΠ³ΡΡΠ°ΡΠΈΡ Π²ΡΡΡΠΏΠΈΠ»Π° Π² ΡΠΈΠ»Ρ ΠΈ ΠΊΡΡΠΈ Envoy ΠΎΠ±Π½ΠΎΠ²ΠΈΠ»ΠΈΡΡ.ΠΠ΅ΡΠ΅Π΄ ΡΠ΅ΠΌ, ΠΊΠ°ΠΊ ΠΏΡΠΎΠ΄ΠΎΠ»ΠΆΠΈΡΡ, ΠΏΠΎΡΠ°Π±ΠΎΡΠ°ΠΉΡΠ΅ Π½Π΅ΠΌΠ½ΠΎΠ³ΠΎ Ρ ΠΏΡΠΈΠ»ΠΎΠΆΠ΅Π½ΠΈΠ΅ΠΌ, ΡΡΠΎΠ±Ρ ΡΠ³Π΅Π½Π΅ΡΠΈΡΠΎΠ²Π°ΡΡ ΡΡΠ°ΡΠΈΠΊ (Π΅Π³ΠΎ Π½Π°Π»ΠΈΡΠΈΠ΅ Π½Π΅ΠΎΠ±Ρ ΠΎΠ΄ΠΈΠΌΠΎ Π΄Π»Ρ Π½Π°Π³Π»ΡΠ΄Π½ΠΎΡΡΠΈ Π² ΠΏΠΎΡΠ»Π΅Π΄ΡΡΡΠΈΡ Π΄Π΅ΠΉΡΡΠ²ΠΈΡΡ β ΠΏΡΠΈΠΌ. ΠΏΠ΅ΡΠ΅Π².).
Kialiβ: Π½Π°Π±Π»ΡΠ΄Π°Π΅ΠΌΠΎΡΡΡ
Π§ΡΠΎΠ±Ρ ΠΏΠΎΠΏΠ°ΡΡΡ Π² Π°Π΄ΠΌΠΈΠ½ΠΈΡΡΡΠ°ΡΠΈΠ²Π½ΡΠΉ ΠΈΠ½ΡΠ΅ΡΡΠ΅ΠΉΡ Kiali, Π²ΡΠΏΠΎΠ»Π½ΠΈΡΠ΅ ΡΠ»Π΅Π΄ΡΡΡΡΡ ΠΊΠΎΠΌΠ°Π½Π΄Ρ:
$ kubectl port-forward $(kubectl get pod -n istio-system -l app=kiali -o jsonpath='{.items[0].metadata.name}') -n istio-system 20001β¦ ΠΈ ΠΎΡΠΊΡΠΎΠΉΡΠ΅ , Π·Π°Π»ΠΎΠ³ΠΈΠ½ΠΈΠ²ΡΠΈΡΡ ΠΏΠΎΠ΄ admin/admin. ΠΠ΄Π΅ΡΡ Π²Ρ Π½Π°ΠΉΠ΄Π΅ΡΠ΅ ΠΌΠ½ΠΎΠΆΠ΅ΡΡΠ²ΠΎ ΠΏΠΎΠ»Π΅Π·Π½ΡΡ Π²ΠΎΠ·ΠΌΠΎΠΆΠ½ΠΎΡΡΠ΅ΠΉ, Π½Π°ΠΏΡΠΈΠΌΠ΅Ρ, Π΄Π»Ρ ΠΏΡΠΎΠ²Π΅ΡΠΊΠΈ ΠΊΠΎΠ½ΡΠΈΠ³ΡΡΠ°ΡΠΈΠΈ ΠΊΠΎΠΌΠΏΠΎΠ½Π΅Π½ΡΠΎΠ² Istio, Π²ΠΈΠ·ΡΠ°Π»ΠΈΠ·Π°ΡΠΈΠΈ ΡΠ΅ΡΠ²ΠΈΡΠΎΠ² ΠΏΠΎ ΠΈΠ½ΡΠΎΡΠΌΠ°ΡΠΈΠΈ, ΡΠΎΠ±ΡΠ°Π½Π½ΠΎΠΉ ΠΏΡΠΈ ΠΏΠ΅ΡΠ΅Ρ Π²Π°ΡΠ΅ ΡΠ΅ΡΠ΅Π²ΡΡ Π·Π°ΠΏΡΠΎΡΠΎΠ², ΠΏΠΎΠ»ΡΡΠ΅Π½ΠΈΡ ΠΎΡΠ²Π΅ΡΠΎΠ² Π½Π° Π²ΠΎΠΏΡΠΎΡΡ Β«ΠΡΠΎ ΠΊ ΠΊΠΎΠΌΡ ΠΎΠ±ΡΠ°ΡΠ°Π΅ΡΡΡ?Β», Β«Π£ ΠΊΠ°ΠΊΠΎΠΉ Π²Π΅ΡΡΠΈΠΈ ΡΠ΅ΡΠ²ΠΈΡΠ° Π²ΠΎΠ·Π½ΠΈΠΊΠ°ΡΡ ΡΠ±ΠΎΠΈ?Β» ΠΈ Ρ.ΠΏ. Π ΠΎΠ±ΡΠ΅ΠΌ, ΠΈΠ·ΡΡΠΈΡΠ΅ Π²ΠΎΠ·ΠΌΠΎΠΆΠ½ΠΎΡΡΠΈ Kiali ΠΏΠ΅ΡΠ΅Π΄ ΡΠ΅ΠΌ, ΠΊΠ°ΠΊ Π΄Π²ΠΈΠ³Π°ΡΡΡΡ Π΄Π°Π»ΡΡΠ΅ β ΠΊ Π²ΠΈΠ·ΡΠ°Π»ΠΈΠ·Π°ΡΠΈΠΈ ΠΌΠ΅ΡΡΠΈΠΊ Ρ Grafana.
Grafana: Π²ΠΈΠ·ΡΠ°Π»ΠΈΠ·Π°ΡΠΈΡ ΠΌΠ΅ΡΡΠΈΠΊ
Π‘ΠΎΠ±ΡΠ°Π½Π½ΡΠ΅ Π² Istio ΠΌΠ΅ΡΡΠΈΠΊΠΈ ΠΏΠΎΠΏΠ°Π΄Π°ΡΡ Π² Prometheus ΠΈ Π²ΠΈΠ·ΡΠ°Π»ΠΈΠ·ΠΈΡΡΡΡΡΡ Ρ Grafana. Π§ΡΠΎΠ±Ρ ΠΏΠΎΠΏΠ°ΡΡΡ Π² Π°Π΄ΠΌΠΈΠ½ΠΈΡΡΡΠ°ΡΠΈΠ²Π½ΡΠΉ ΠΈΠ½ΡΠ΅ΡΡΠ΅ΠΉΡ Grafana, Π²ΡΠΏΠΎΠ»Π½ΠΈΡΠ΅ ΠΊΠΎΠΌΠ°Π½Π΄Ρ Π½ΠΈΠΆΠ΅, ΠΏΠΎΡΠ»Π΅ ΡΠ΅Π³ΠΎ ΠΎΡΠΊΡΠΎΠΉΡΠ΅ :
$ kubectl -n istio-system port-forward $(kubectl -n istio-system get pod -l app=grafana -o jsonpath={.items[0].metadata.name}) 3000ΠΠ»ΠΈΠΊΠ½ΡΠ² Π½Π° ΠΌΠ΅Π½Ρ Home ΡΠ»Π΅Π²Π° ΡΠ²Π΅ΡΡ Ρ ΠΈ Π²ΡΠ±ΡΠ°Π² Istio Service Dashboard Π² Π»Π΅Π²ΠΎΠΌ Π²Π΅ΡΡ Π½Π΅ΠΌ ΡΠ³Π»Ρ, Π½Π°ΡΠ½ΠΈΡΠ΅ Ρ ΡΠ΅ΡΠ²ΠΈΡΠ° sa-web-app, ΡΡΠΎΠ±Ρ ΠΏΠΎΡΠΌΠΎΡΡΠ΅ΡΡ Π½Π° ΡΠΎΠ±ΡΠ°Π½Π½ΡΠ΅ ΠΌΠ΅ΡΡΠΈΠΊΠΈ:
ΠΠ΄Π΅ΡΡ Π½Π°Ρ ΠΆΠ΄ΡΡ ΠΏΡΡΡΠΎΠ΅ ΠΈ ΡΠΎΠ²Π΅ΡΡΠ΅Π½Π½ΠΎ ΡΠΊΡΡΠ½ΠΎΠ΅ ΠΏΡΠ΅Π΄ΡΡΠ°Π²Π»Π΅Π½ΠΈΠ΅ β ΡΡΠΊΠΎΠ²ΠΎΠ΄ΡΡΠ²ΠΎ Π½ΠΈΠΊΠΎΠ³Π΄Π° ΡΠ°ΠΊΠΎΠ΅ Π½Π΅ ΠΎΠ΄ΠΎΠ±ΡΠΈΡ. ΠΠ°Π²Π°ΠΉΡΠ΅ ΠΆΠ΅ ΡΠΎΠ·Π΄Π°Π΄ΠΈΠΌ Π½Π΅Π±ΠΎΠ»ΡΡΡΡ Π½Π°Π³ΡΡΠ·ΠΊΡ ΡΠ»Π΅Π΄ΡΡΡΠ΅ΠΉ ΠΊΠΎΠΌΠ°Π½Π΄ΠΎΠΉ:
$ while true; do curl -i http://$EXTERNAL_IP/sentiment -H "Content-type: application/json" -d '{"sentence": "I love yogobella"}'; sleep .8; doneΠΠΎΡ ΡΠ΅ΠΏΠ΅ΡΡ Ρ Π½Π°Ρ Π³ΠΎΡΠ°Π·Π΄ΠΎ Π±ΠΎΠ»Π΅Π΅ ΡΠΈΠΌΠΏΠ°ΡΠΈΡΠ½ΡΠ΅ Π³ΡΠ°ΡΠΈΠΊΠΈ, Π° Π² Π΄ΠΎΠΏΠΎΠ»Π½Π΅Π½ΠΈΠ΅ ΠΊ Π½ΠΈΠΌ β Π·Π°ΠΌΠ΅ΡΠ°ΡΠ΅Π»ΡΠ½ΡΠ΅ ΠΈΠ½ΡΡΡΡΠΌΠ΅Π½ΡΡ Prometheus Π΄Π»Ρ ΠΌΠΎΠ½ΠΈΡΠΎΡΠΈΠ½Π³Π° ΠΈ Grafana Π΄Π»Ρ Π²ΠΈΠ·ΡΠ°Π»ΠΈΠ·Π°ΡΠΈΠΈ ΠΌΠ΅ΡΡΠΈΠΊ, ΡΡΠΎ ΠΏΠΎΠ·Π²ΠΎΠ»ΡΡ Π½Π°ΠΌ ΡΠ·Π½Π°ΡΡ ΠΎ ΠΏΡΠΎΠΈΠ·Π²ΠΎΠ΄ΠΈΡΠ΅Π»ΡΠ½ΠΎΡΡΠΈ, ΡΠΎΡΡΠΎΡΠ½ΠΈΠΈ Π·Π΄ΠΎΡΠΎΠ²ΡΡ, ΡΠ»ΡΡΡΠ΅Π½ΠΈΡΡ /Π΄Π΅Π³ΡΠ°Π΄Π°ΡΠΈΠΈ Π² ΡΠ°Π±ΠΎΡΠ΅ ΡΠ΅ΡΠ²ΠΈΡΠΎΠ² Π½Π° ΠΏΡΠΎΡΡΠΆΠ΅Π½ΠΈΠΈ Π²ΡΠ΅ΠΌΠ΅Π½ΠΈ.
ΠΠ°ΠΊΠΎΠ½Π΅Ρ, ΠΏΠΎΡΠΌΠΎΡΡΠΈΠΌ Π½Π° ΡΡΠ°ΡΡΠΈΡΠΎΠ²ΠΊΡ Π·Π°ΠΏΡΠΎΡΠΎΠ² Π² ΡΠ΅ΡΠ²ΠΈΡΠ°Ρ .
Jaegerβ: ΡΡΠ°ΡΡΠΈΡΠΎΠ²ΠΊΠ°
Π’ΡΠ°ΡΡΠΈΡΠΎΠ²ΠΊΠ° Π½Π°ΠΌ ΠΏΠΎΡΡΠ΅Π±ΡΠ΅ΡΡΡ, ΠΏΠΎΡΠΎΠΌΡ ΡΡΠΎ ΡΠ΅ΠΌ Π±ΠΎΠ»ΡΡΠ΅ Ρ Π½Π°Ρ ΡΠ΅ΡΠ²ΠΈΡΠΎΠ², ΡΠ΅ΠΌ ΡΠ»ΠΎΠΆΠ½Π΅Π΅ Π΄ΠΎΠ±ΡΠ°ΡΡΡΡ Π΄ΠΎ ΠΏΡΠΈΡΠΈΠ½Ρ ΡΠ±ΠΎΡ. ΠΠΎΡΠΌΠΎΡΡΠΈΠΌ Π½Π° ΠΏΡΠΎΡΡΠΎΠΉ ΡΠ»ΡΡΠ°ΠΉ ΠΈΠ· ΠΊΠ°ΡΡΠΈΠ½ΠΊΠΈ Π½ΠΈΠΆΠ΅:
Π’ΠΈΠΏΠΎΠ²ΠΎΠΉ ΠΏΡΠΈΠΌΠ΅Ρ ΡΠ»ΡΡΠ°ΠΉΠ½ΠΎΠ³ΠΎ Π½Π΅ΡΠ΄Π°ΡΠ½ΠΎΠ³ΠΎ Π·Π°ΠΏΡΠΎΡΠ°ΠΠ°ΠΏΡΠΎΡ ΠΏΡΠΈΡ ΠΎΠ΄ΠΈΡ, ΠΏΠ°Π΄Π°Π΅Ρ β Π² ΡΡΠΌ ΠΆΠ΅ ΠΏΡΠΈΡΠΈΠ½Π°? ΠΠ΅ΡΠ²ΡΠΉ ΡΠ΅ΡΠ²ΠΈΡ? ΠΠ»ΠΈ Π²ΡΠΎΡΠΎΠΉ? ΠΡΠΊΠ»ΡΡΠ΅Π½ΠΈΡ Π΅ΡΡΡ Π² ΠΎΠ±ΠΎΠΈΡ β Π΄Π°Π²Π°ΠΉΡΠ΅ ΠΏΠΎΡΠΌΠΎΡΡΠΈΠΌ Π½Π° Π»ΠΎΠ³ΠΈ ΠΊΠ°ΠΆΠ΄ΠΎΠ³ΠΎ. ΠΠ°ΠΊ ΡΠ°ΡΡΠΎ Π²Ρ Π»ΠΎΠ²ΠΈΠ»ΠΈ ΡΠ΅Π±Ρ Π·Π° ΡΠ°ΠΊΠΈΠΌ Π·Π°Π½ΡΡΠΈΠ΅ΠΌ? ΠΠ°ΡΠ° ΡΠ°Π±ΠΎΡΠ° Π±ΠΎΠ»ΡΡΠ΅ ΠΏΠΎΡ ΠΎΠΆΠ° Π½Π° Π΄Π΅ΡΠ΅ΠΊΡΠΈΠ²ΠΎΠ² ΠΏΡΠΎΠ³ΡΠ°ΠΌΠΌΠ½ΠΎΠ³ΠΎ ΠΎΠ±Π΅ΡΠΏΠ΅ΡΠ΅Π½ΠΈΡ, Π° Π½Π΅ ΡΠ°Π·ΡΠ°Π±ΠΎΡΡΠΈΠΊΠΎΠ²β¦
ΠΡΠΎ ΡΠΈΡΠΎΠΊΠΎ ΡΠ°ΡΠΏΡΠΎΡΡΡΠ°Π½ΡΠ½Π½Π°Ρ ΠΏΡΠΎΠ±Π»Π΅ΠΌΠ° Π² ΠΌΠΈΠΊΡΠΎΡΠ΅ΡΠ²ΠΈΡΠ°Ρ ΠΈ ΡΠ΅ΡΠ°Π΅ΡΡΡ ΠΎΠ½Π° ΡΠ°ΡΠΏΡΠ΅Π΄Π΅Π»ΡΠ½Π½ΡΠΌΠΈ ΡΠΈΡΡΠ΅ΠΌΠ°ΠΌΠΈ ΡΡΠ°ΡΡΠΈΡΠΎΠ²ΠΊΠΈ, Π² ΠΊΠΎΡΠΎΡΡΡ ΡΠ΅ΡΠ²ΠΈΡΡ ΠΏΠ΅ΡΠ΅Π΄Π°ΡΡ Π΄ΡΡΠ³ Π΄ΡΡΠ³Ρ ΡΠ½ΠΈΠΊΠ°Π»ΡΠ½ΡΠΉ Π·Π°Π³ΠΎΠ»ΠΎΠ²ΠΎΠΊ, ΠΏΠΎΡΠ»Π΅ ΡΠ΅Π³ΠΎ ΡΡΠ° ΠΈΠ½ΡΠΎΡΠΌΠ°ΡΠΈΡ ΠΏΠ΅ΡΠ΅Π½Π°ΠΏΡΠ°Π²Π»ΡΠ΅ΡΡΡ Π² ΡΠΈΡΡΠ΅ΠΌΡ ΡΡΠ°ΡΡΠΈΡΠΎΠ²ΠΊΠΈ, Π³Π΄Π΅ ΠΎΠ½Π° ΡΠΎΠΏΠΎΡΡΠ°Π²Π»ΡΠ΅ΡΡΡ Ρ Π΄Π°Π½Π½ΡΠΌΠΈ Π·Π°ΠΏΡΠΎΡΠ°. ΠΠΎΡ ΠΈΠ»Π»ΡΡΡΡΠ°ΡΠΈΡ:
ΠΠ»Ρ ΠΈΠ΄Π΅Π½ΡΠΈΡΠΈΠΊΠ°ΡΠΈΠΈ Π·Π°ΠΏΡΠΎΡΠ° ΠΈΡΠΏΠΎΠ»ΡΠ·ΡΠ΅ΡΡΡ TraceIdΠ Istio ΠΈΡΠΏΠΎΠ»ΡΠ·ΡΠ΅ΡΡΡ Jaeger Tracer, ΠΊΠΎΡΠΎΡΡΠΉ ΡΠ΅Π°Π»ΠΈΠ·ΡΠ΅Ρ Π½Π΅Π·Π°Π²ΠΈΡΠΈΠΌΡΠΉ ΠΎΡ Π²Π΅Π½Π΄ΠΎΡΠΎΠ² ΡΡΠ΅ΠΉΠΌΠ²ΠΎΡΠΊ OpenTracing API. ΠΠΎΠ»ΡΡΠΈΡΡ Π΄ΠΎΡΡΡΠΏ ΠΊ ΠΏΠΎΠ»ΡΠ·ΠΎΠ²Π°ΡΠ΅Π»ΡΡΠΊΠΎΠ³ΠΎ ΠΈΠ½ΡΠ΅ΡΡΠ΅ΠΉΡΡ Jaeger ΠΌΠΎΠΆΠ½ΠΎ ΡΠ»Π΅Π΄ΡΡΡΠ΅ΠΉ ΠΊΠΎΠΌΠ°Π½Π΄ΠΎΠΉ:
$ kubectl port-forward -n istio-system $(kubectl get pod -n istio-system -l app=jaeger -o jsonpath='{.items[0].metadata.name}') 16686Π’Π΅ΠΏΠ΅ΡΡ Π·Π°ΠΉΠ΄ΠΈΡΠ΅ Π½Π° ΠΈ Π²ΡΠ±Π΅ΡΠΈΡΠ΅ ΡΠ΅ΡΠ²ΠΈΡ sa-web-app. ΠΡΠ»ΠΈ ΡΠ΅ΡΠ²ΠΈΡ Π½Π΅ ΠΏΠΎΠΊΠ°Π·Π°Π½ Π² Π²ΡΠΏΠ°Π΄Π°ΡΡΠ΅ΠΌ ΠΌΠ΅Π½Ρ β ΠΏΡΠΎΡΠ²ΠΈΡΠ΅/ΡΠ³Π΅Π½Π΅ΡΠΈΡΡΠΉΡΠ΅ Π°ΠΊΡΠΈΠ²Π½ΠΎΡΡΡ Π½Π° ΡΡΡΠ°Π½ΠΈΡΠ΅ ΠΈ ΠΎΠ±Π½ΠΎΠ²ΠΈΡΠ΅ ΠΈΠ½ΡΠ΅ΡΡΠ΅ΠΉΡ. ΠΠΎΡΠ»Π΅ ΡΡΠΎΠ³ΠΎ Π½Π°ΠΆΠΌΠΈΡΠ΅ Π½Π° ΠΊΠ½ΠΎΠΏΠΊΡ Find Traces, ΠΊΠΎΡΠΎΡΠ°Ρ ΠΏΠΎΠΊΠ°ΠΆΠ΅Ρ ΡΠ°ΠΌΡΠ΅ ΠΏΠΎΡΠ»Π΅Π΄Π½ΠΈΠ΅ ΡΡΠ΅ΠΉΡΡ β Π²ΡΠ±Π΅ΡΠΈΡΠ΅ Π»ΡΠ±ΠΎΠΉ β ΠΏΠΎΠΊΠ°ΠΆΠ΅ΡΡΡ Π΄Π΅ΡΠ°Π»ΠΈΠ·ΠΈΡΠΎΠ²Π°Π½Π½Π°Ρ ΠΈΠ½ΡΠΎΡΠΌΠ°ΡΠΈΡ ΠΏΠΎ Π²ΡΠ΅ΠΌ ΡΡΠ΅ΠΉΡΠ°ΠΌ:
ΠΡΠΎΡ ΡΡΠ΅ΠΉΡ ΠΏΠΎΠΊΠ°Π·ΡΠ²Π°Π΅Ρ:
- ΠΠ°ΠΏΡΠΎΡ ΠΏΡΠΈΡ ΠΎΠ΄ΠΈΡ Π² istio-ingressgateway (ΡΡΠΎ ΠΏΠ΅ΡΠ²ΠΎΠ΅ Π²Π·Π°ΠΈΠΌΠΎΠ΄Π΅ΠΉΡΡΠ²ΠΈΠ΅ Ρ ΠΎΠ΄Π½ΠΈΠΌ ΠΈΠ· ΡΠ΅ΡΠ²ΠΈΡΠΎΠ², ΠΈ Π΄Π»Ρ Π·Π°ΠΏΡΠΎΡΠ° Π³Π΅Π½Π΅ΡΠΈΡΡΠ΅ΡΡΡ Trace ID), ΠΏΠΎΡΠ»Π΅ ΡΠ΅Π³ΠΎ ΡΠ»ΡΠ· Π½Π°ΠΏΡΠ°Π²Π»ΡΠ΅Ρ Π·Π°ΠΏΡΠΎΡ Π² ΡΠ΅ΡΠ²ΠΈΡ sa-web-app.
- Π ΡΠ΅ΡΠ²ΠΈΡΠ΅ sa-web-app Π·Π°ΠΏΡΠΎΡ ΠΏΠΎΠ΄Ρ Π²Π°ΡΡΠ²Π°Π΅ΡΡΡ Envoy sidecar'ΠΎΠΌ, ΡΠΎΠ·Π΄Π°ΡΡΡΡ Β«ΡΠ΅Π±ΡΠ½ΠΎΠΊΒ» Π² span'Π΅ (ΠΏΠΎΡΡΠΎΠΌΡ ΠΌΡ Π²ΠΈΠ΄ΠΈΠΌ Π΅Π³ΠΎ Π² ΡΡΠ΅ΠΉΡΠ°Ρ ) ΠΈ ΠΏΠ΅ΡΠ΅Π½Π°ΠΏΡΠ°Π²Π»ΡΠ΅ΡΡΡ Π² ΠΊΠΎΠ½ΡΠ΅ΠΉΠ½Π΅Ρ sa-web-app. ( β Π»ΠΎΠ³ΠΈΡΠ΅ΡΠΊΠ°Ρ Π΅Π΄ΠΈΠ½ΠΈΡΠ° ΡΠ°Π±ΠΎΡΡ Π² Jaeger, ΠΈΠΌΠ΅ΡΡΠ°Ρ Π½Π°Π·Π²Π°Π½ΠΈΠ΅, Π²ΡΠ΅ΠΌΡ Π½Π°ΡΠ°Π»ΠΎ ΠΎΠΏΠ΅ΡΠ°ΡΠΈΠΈ ΠΈ Π΅Ρ ΠΏΡΠΎΠ΄ΠΎΠ»ΠΆΠΈΡΠ΅Π»ΡΠ½ΠΎΡΡΡ. Span'Ρ ΠΌΠΎΠ³ΡΡ Π±ΡΡΡ Π²Π»ΠΎΠΆΠ΅Π½Π½ΡΠΌΠΈ ΠΈ ΡΠΏΠΎΡΡΠ΄ΠΎΡΠ΅Π½Π½ΡΠΌΠΈ. ΠΡΠΈΠ΅Π½ΡΠΈΡΠΎΠ²Π°Π½Π½ΡΠΉ Π°ΡΠΈΠΊΠ»ΠΈΡΠ΅ΡΠΊΠΈΠΉ Π³ΡΠ°Ρ ΠΈΠ· span'ΠΎΠ² ΠΎΠ±ΡΠ°Π·ΡΠ΅Ρ trace. β ΠΏΡΠΈΠΌ. ΠΏΠ΅ΡΠ΅Π².)
- ΠΠ΄Π΅ΡΡ Π·Π°ΠΏΡΠΎΡ ΠΎΠ±ΡΠ°Π±Π°ΡΡΠ²Π°Π΅ΡΡΡ ΠΌΠ΅ΡΠΎΠ΄ΠΎΠΌ sentimentAnalysis. ΠΡΠΈ ΡΡΠ΅ΠΉΡΡ ΡΠΆΠ΅ ΡΠ³Π΅Π½Π΅ΡΠΈΡΠΎΠ²Π°Π½Ρ ΠΏΡΠΈΠ»ΠΎΠΆΠ΅Π½ΠΈΠ΅ΠΌ, Ρ.Π΅. Π΄Π»Ρ Π½ΠΈΡ ΠΏΠΎΡΡΠ΅Π±ΠΎΠ²Π°Π»ΠΈΡΡ ΠΈΠ·ΠΌΠ΅Π½Π΅Π½ΠΈΡ Π² ΠΊΠΎΠ΄Π΅.
- Π‘ ΡΡΠΎΠ³ΠΎ ΠΌΠΎΠΌΠ΅Π½ΡΠ° ΠΈΠ½ΠΈΡΠΈΠΈΡΡΠ΅ΡΡΡ POST-Π·Π°ΠΏΡΠΎΡ Π² sa-logic. Trace ID Π΄ΠΎΠ»ΠΆΠ΅Π½ Π±ΡΡΡ ΠΏΡΠΎΠ±ΡΠΎΡΠ΅Π½ ΠΈΠ· sa-web-app.
- β¦
ΠΡΠΈΠΌΠ΅ΡΠ°Π½ΠΈΠ΅: ΠΠ° 4 ΡΠ°Π³Π΅ ΠΏΡΠΈΠ»ΠΎΠΆΠ΅Π½ΠΈΠ΅ Π΄ΠΎΠ»ΠΆΠ½ΠΎ ΡΠ²ΠΈΠ΄Π΅ΡΡ Π·Π°Π³ΠΎΠ»ΠΎΠ²ΠΊΠΈ, ΡΠ³Π΅Π½Π΅ΡΠΈΡΠΎΠ²Π°Π½Π½ΡΠ΅ Istio, ΠΈ ΠΏΠ΅ΡΠ΅Π΄Π°ΡΡ ΠΈΡ Π² ΠΏΠΎΡΠ»Π΅Π΄ΡΡΡΠΈΠ΅ Π·Π°ΠΏΡΠΎΡΡ, ΠΊΠ°ΠΊ ΠΏΠΎΠΊΠ°Π·Π°Π½ΠΎ Π½Π° ΠΈΠ·ΠΎΠ±ΡΠ°ΠΆΠ΅Π½ΠΈΠΈ Π½ΠΈΠΆΠ΅:
(A) ΠΠ° ΠΏΡΠΎΠ±ΡΠΎΡ Π·Π°Π³ΠΎΠ»ΠΎΠ²ΠΊΠΎΠ² ΠΎΡΠ²Π΅ΡΠ°Π΅Ρ Istio; (B) ΠΠ° Π·Π°Π³ΠΎΠ»ΠΎΠ²ΠΊΠΈ ΠΎΡΠ²Π΅ΡΠ°ΡΡ ΡΠ΅ΡΠ²ΠΈΡΡIstio Π΄Π΅Π»Π°Π΅Ρ ΠΎΡΠ½ΠΎΠ²Π½ΡΡ ΡΠ°Π±ΠΎΡΡ, Ρ.ΠΊ. Π³Π΅Π½Π΅ΡΠΈΡΡΠ΅Ρ Π·Π°Π³ΠΎΠ»ΠΎΠ²ΠΊΠΈ Π΄Π»Ρ Π²Ρ ΠΎΠ΄ΡΡΠΈΡ Π·Π°ΠΏΡΠΎΡΠΎΠ², ΡΠΎΠ·Π΄Π°ΡΡ Π½ΠΎΠ²ΡΠ΅ span'Ρ Π² ΠΊΠ°ΠΆΠ΄ΠΎΠΌ sidecare'Π΅ ΠΈ ΠΏΡΠΎΠ±ΡΠ°ΡΡΠ²Π°Π΅Ρ ΠΈΡ . ΠΠ΄Π½Π°ΠΊΠΎ Π±Π΅Π· ΡΠ°Π±ΠΎΡΡ Ρ Π·Π°Π³ΠΎΠ»ΠΎΠ²ΠΊΠ°ΠΌΠΈ Π²Π½ΡΡΡΠΈ ΡΠ΅ΡΠ²ΠΈΡΠΎΠ² ΠΏΠΎΠ»Π½ΡΠΉ ΠΏΡΡΡ ΡΡΠ°ΡΡΠΈΡΠΎΠ²ΠΊΠΈ Π·Π°ΠΏΡΠΎΡΠ° Π±ΡΠ΄Π΅Ρ ΡΡΠ΅ΡΡΠ½.
ΠΠ΅ΠΎΠ±Ρ ΠΎΠ΄ΠΈΠΌΠΎ ΡΡΠΈΡΡΠ²Π°ΡΡ (ΠΏΡΠΎΠ±ΡΠ°ΡΡΠ²Π°ΡΡ) ΡΠ»Π΅Π΄ΡΡΡΠΈΠ΅ Π·Π°Π³ΠΎΠ»ΠΎΠ²ΠΊΠΈ:
x-request-id x-b3-traceid x-b3-spanid x-b3-parentspanid x-b3-sampled x-b3-flags x-ot-span-contextΠΡΠΎ Π½Π΅ΡΠ»ΠΎΠΆΠ½Π°Ρ Π·Π°Π΄Π°ΡΠ°, ΠΎΠ΄Π½Π°ΠΊΠΎ Π΄Π»Ρ ΡΠΏΡΠΎΡΠ΅Π½ΠΈΡ Π΅Ρ ΡΠ΅Π°Π»ΠΈΠ·Π°ΡΠΈΠΈ ΡΠΆΠ΅ ΡΡΡΠ΅ΡΡΠ²ΡΠ΅Ρ β Π½Π°ΠΏΡΠΈΠΌΠ΅Ρ, Π² ΡΠ΅ΡΠ²ΠΈΡΠ΅ sa-web-app ΠΊΠ»ΠΈΠ΅Π½Ρ RestTemplate ΠΏΡΠΎΠ±ΡΠ°ΡΡΠ²Π°Π΅Ρ ΡΡΠΈ Π·Π°Π³ΠΎΠ»ΠΎΠ²ΠΊΠΈ, Π΅ΡΠ»ΠΈ ΠΏΡΠΎΡΡΠΎ Π΄ΠΎΠ±Π°Π²ΠΈΡΡ Π±ΠΈΠ±Π»ΠΈΠΎΡΠ΅ΠΊΠΈ Jaeger ΠΈ OpenTracing Π² .
ΠΠ°ΠΌΠ΅ΡΡΡΠ΅, ΡΡΠΎ ΠΏΡΠΈΠ»ΠΎΠΆΠ΅Π½ΠΈΠ΅ Sentiment Analysis Π΄Π΅ΠΌΠΎΠ½ΡΡΡΠΈΡΡΠ΅Ρ ΡΠ΅Π°Π»ΠΈΠ·Π°ΡΠΈΠΈ Π½Π° Flask, Spring ΠΈ ASP.NET Core.
Π’Π΅ΠΏΠ΅ΡΡ, ΠΊΠΎΠ³Π΄Π° ΡΡΠ°Π»ΠΎ ΡΡΠ½ΠΎ, ΡΡΠΎ ΠΌΡ ΠΏΠΎΠ»ΡΡΠ°Π΅ΠΌ ΠΈΠ· ΠΊΠΎΡΠΎΠ±ΠΊΠΈ (ΠΈΠ»ΠΈ ΠΏΠΎΡΡΠΈ Β«ΠΈΠ· ΠΊΠΎΡΠΎΠ±ΠΊΠΈΒ»), ΡΠ°ΡΡΠΌΠΎΡΡΠΈΠΌ Π²ΠΎΠΏΡΠΎΡΡ ΡΠΎΠ½ΠΊΠΎ Π½Π°ΡΡΡΠ°ΠΈΠ²Π°Π΅ΠΌΠΎΠΉ ΠΌΠ°ΡΡΡΡΡΠΈΠ·Π°ΡΠΈΠΈ, ΡΠΏΡΠ°Π²Π»Π΅Π½ΠΈΡ ΡΠ΅ΡΠ΅Π²ΡΠΌ ΡΡΠ°ΡΠΈΠΊΠΎΠΌ, Π±Π΅Π·ΠΎΠΏΠ°ΡΠ½ΠΎΡΡΠΈ ΠΈ Ρ.ΠΏ.!
ΠΡΠΈΠΌ. ΠΏΠ΅ΡΠ΅Π².: ΠΎΠ± ΡΡΠΎΠΌ ΡΠΈΡΠ°ΠΉΡΠ΅ Π² ΡΠ»Π΅Π΄ΡΡΡΠ΅ΠΉ ΡΠ°ΡΡΠΈ ΠΌΠ°ΡΠ΅ΡΠΈΠ°Π»ΠΎΠ² ΠΏΠΎ Istio ΠΎΡ Rinor Maloku, ΠΏΠ΅ΡΠ΅Π²ΠΎΠ΄Ρ ΠΊΠΎΡΠΎΡΡΡ ΠΏΠΎΡΠ»Π΅Π΄ΡΡΡ Π² Π½Π°ΡΠ΅ΠΌ Π±Π»ΠΎΠ³Π΅ Π² Π±Π»ΠΈΠΆΠ°ΠΉΡΠ΅Π΅ Π²ΡΠ΅ΠΌΡ. UPDATE (14 ΠΌΠ°ΡΡΠ°): ΡΠΆΠ΅ ΠΎΠΏΡΠ±Π»ΠΈΠΊΠΎΠ²Π°Π½Π°.
P.S. ΠΎΡ ΠΏΠ΅ΡΠ΅Π²ΠΎΠ΄ΡΠΈΠΊΠ°
Π§ΠΈΡΠ°ΠΉΡΠ΅ ΡΠ°ΠΊΠΆΠ΅ Π² Π½Π°ΡΠ΅ΠΌ Π±Π»ΠΎΠ³Π΅:
- Β«ΠΠ°Π·Π°Π΄ ΠΊ ΠΌΠΈΠΊΡΠΎΡΠ΅ΡΠ²ΠΈΡΠ°ΠΌ Π²ΠΌΠ΅ΡΡΠ΅ Ρ IstioΒ»: , ;
- «»;
- «»;
- «»;
- «».
ΠΡΡΠΎΡΠ½ΠΈΠΊ: habr.com
route:
- destination:
host: sa-frontend # 2
port:
number: 80
Pfungwa dzakakosha:
- Iyi VirtualService inoreva zvikumbiro zvinouya kuburikidza http-gedhi;
- Π
destinationSevhisi inotumirwa zvikumbiro inotemwa.taura pfungwa: Magadzirirwo ari pamusoro anochengetwa mufaira
sa-virtualservice-external.yaml, iyo inewo marongero ekufambisa muSA-WebApp uye SA-Feedback, asi yakapfupikiswa pano muchinyorwa chekupfupika.Ngatishandise VirtualService nekufona:
taura pfungwa: Patinodya zviwanikwa zveIstio, Kubernetes API Server inogadzira chiitiko chinogamuchirwa neIstio Control Plane, uye mushure meizvozvo kugadziridzwa kutsva kunoshandiswa kune imwe neimwe pod's Envoy proxies. Uye iyo Ingress Gateway controller inoita kunge imwe Nhume yakagadziridzwa muDhipatimendi Rokudzora. Zvese izvi zvinotaridzika seizvi mudhayagiramu:
Istio-IngressGateway kumisikidza yekukumbira nziraSentiment Analysis application yave kuwanikwa pa
http://{EXTERNAL-IP}/. Usanetseka kana iwe ukawana Hauna Kuwanikwa chimiro: Dzimwe nguva zvinotora nguva yakati rebei kuti gadziriso iite uye Envoy caches kugadzirisa.Usati waenderera, tamba neapp zvishoma kuti ugadzire traffic. (kuvapo kwayo kwakakosha kuti ijekeswe muzviito zvinotevera - approx. transl.).
Kiali: kucherechedzwa
Kuti usvike kune Kiali administrative interface, mhanyisa unotevera kuraira:
... uye vhura , kupinda mukati se admin/admin. Pano iwe unowana akawanda anobatsira maficha, semuenzaniso, kutarisa kumisikidzwa kweIstio zvikamu, fungidzira masevhisi uchishandisa ruzivo rwakaunganidzwa kubva mukubvunzurudza zvikumbiro zvetiweki, tora mhinduro kumibvunzo "Ndiani arikusangana naani?", "Ndeipi vhezheni yebasa iri kusangana kukundikana?β zvichingoenda zvakadaro. Kazhinji, ongorora kugona kweKiali usati waenderera mberi nekuona metrics neGrafana.
Grafana: metrics kuona
Metrics inounganidzwa muIstio inopinda muPrometheus uye inoonekwa naGrafana. Kuti usvike kuGrafana administrative interface, mhanyisa murairo pazasi wobva wavhura :
Kudzvanya pane menyu Home kumusoro kuruboshwe uye kusarudza Istio Service Dashboard kumusoro kuruboshwe, tanga nebasa sa-web-appkutarisa ma metrics akaunganidzwa:
Izvo zvakatimirira pano ibasa risina chinhu uye rinofinha - manejimendi haazombobvumira izvi. Ngatigadzirei mutoro mudiki nemurairo unotevera:
Iye zvino tine magirafu akawanda akanaka, uye nekuwedzera kwavari, zvinoshamisa zvePrometheus zvishandiso zvekutarisa uye Grafana yekuona metrics izvo zvinotibvumira kudzidza nezvekuita, hutano, kuvandudzwa / kuderedzwa mumasevhisi nekufamba kwenguva.
Chekupedzisira, ngatitarisei kutsvaga zvikumbiro mumasevhisi.
Jaeger: kutsvaga
Tichada kutsvaga nekuti kuwanda kwesevhisi yatinayo, ndiko kunonyanya kuoma kusvika kune chikonzero chekutadza. Ngatitarisei nyaya iri nyore kubva pamufananidzo uri pazasi:
Muenzaniso wechikumbiro chatadza kurongekaChikumbiro chinouya, chinowira - chikonzero chii? Sevhisi yekutanga? Kana wechipiri? Pane zvakasarudzika mune zvese - ngatitarisei matanda ega ega. Kangani kawakazvibata uchiita izvi? Basa redu rakafanana nesoftware yekuongorora pane vanogadzira ...
Iri idambudziko rakajairika mumamicroservices uye rinogadziriswa neakagoverwa ekutsvaga masisitimu, umo masevhisi anopfuudza yakasarudzika musoro kune mumwe nemumwe, mushure mezvo ruzivo urwu rwunotumirwa kune yekutevera system, kwainofananidzwa nedata rekukumbira. Heino mufananidzo:
TraceId inoshandiswa kuona chikumbiroIstio inoshandisa Jaeger Tracer, iyo inoshandisa mutengesi-akazvimiririra OpenTracing API chimiro. Iwe unogona kuwana iyo Jaeger mushandisi interface neinotevera rairo:
Zvino enda ku uye sarudza sevhisi sa-web-app. Kana iyo sevhisi isina kuratidzwa mune yekudonha-pasi menyu, ratidza / gadzira chiitiko pane peji uye gadzirisa iyo interface. Mushure meizvozvo, tinya bhatani Find Traces, iyo icharatidza zvichangobva kuitika - sarudza chero - ruzivo rwakadzama pane ese maronda achaonekwa:
Ichi chinyorwa chinoratidza:
- Chikumbiro chinopinda istio-ingressgateway (uku ndiko kusangana kwekutanga neimwe yemasevhisi, uye Trace ID inogadzirwa yechikumbiro), mushure meizvozvo gedhi rinotumira chikumbiro kubasa. sa-web-app.
- Mushumiro sa-web-app chikumbiro chinotorwa neEnvoy sidecar, "mwana" anogadzirwa mukati menguva (ndosaka tichizviona mumatanho) uye anodzoserwa kumudziyo. sa-web-app. ( - inonzwisisika unit yebasa muJaeger, ine zita, nguva yekutanga yekushanda uye nguva yayo. Spans inogona kuiswa uye kuodha. Yakanangwa acyclic graph yezvipanha inoumba trace. - approx. transl.)
- Pano chikumbiro chinogadziriswa nenzira sentimentAnalysis. Aya maronda atogadzirwa neapp, i.e. vaida kuchinja kodhi.
- Kubva panguva ino zvichienda mberi, chikumbiro chePOST chinotangwa mukati sa-logic. Trace ID inofanira kuendeswa mberi kubva sa-web-app.
- ...
taura pfungwa: Muchikamu chechina, chikumbiro chinofanira kuona misoro inogadzirwa neIstio uye ipfuure kune zvinotevera zvikumbiro sezvakaratidzwa mumufananidzo uri pazasi:
(A) Istio ine basa rekutumira misoro; (B) Masevhisi ane basa remusoroIstio inoita rakawanda rebasa nekuti... inogadzira misoro yezvikumbiro zvinouya, inogadzira mitsva mitsva mune yega yega yekutarisira uye inoendesa mberi. Nekudaro, pasina kushanda nemusoro mukati mesevhisi, iyo yakazara yekukumbira nzira yekutsvaga inorasika.
Misoro inotevera inofanirwa kuverengerwa:
Iri harisi basa rakaoma, asi kurerutsa kuita kwayo kwatovepo - semuenzaniso, mune sa-web-app sevhisi, iyo RestTemplate mutengi inoendesa mberi iyi misoro kana iwe ukangowedzera Jaeger uye OpenTracing raibhurari ku. .
Ziva kuti Sentiment Analysis application inoratidza kuita muFlask, Spring, uye ASP.NET Core.
Iye zvino zvave pachena izvo zvatinowana kunze kwebhokisi (kana kupotsa kunze kwebhokisi), ngatitarisei nzira yakarongeka, manejimendi traffic traffic, chengetedzo, nezvimwe!
Cherechedza. transl.: Verenga pamusoro peizvi muchikamu chinotevera chezvinyorwa paIstio kubva kuRinor Maloku, shanduro dzichatevera pa blog yedu munguva pfupi iri kutevera. UPDATE (Kurume 14): yakatodhindwa.
PS kubva kumushanduri
Verenga zvakare pablog yedu:
- "Kudzokera kumamicroservices neIstio": , ;
- Β«";
- Β«";
- Β«";
- Β«".
Source: www.habr.com