Sezvo isu tichifamba kubva kune monolithic application kuenda kune microservices architecture, tinotarisana nematambudziko matsva.
Mune monolithic application, zvinowanzo kuve nyore kuona kuti ndeipi chikamu cheiyo system kukanganisa kwakaitika. Zvingangodaro, dambudziko riri mukodhi ye monolith pachayo, kana mu database. Asi patinotanga kutsvaga dambudziko mune microservice architecture, zvese hazvisisiri pachena. Isu tinofanirwa kutsvaga nzira yese iyo chikumbiro chakatora kubva pakutanga kusvika pakupedzisira uye sarudza kubva kumazana emicroservices. Uyezve, vazhinji vavo vanewo nzvimbo dzavo dzekuchengetedza, izvo zvinogona kukonzera kukanganisa kunonzwisisika, pamwe nezvinetso nekushanda uye kukanganisa kushivirira.
Ndanga ndichitsvaga kwenguva yakareba chishandiso chinogona kubatsira kubata nematambudziko akadai (Ndakanyora nezve izvi paHabrΓ©: , ), asi pakupedzisira ndakagadzira yangu yakavhurika sosi mhinduro. Muchinyorwa chino ini ndinotaura nezve mabhenefiti ebasa mesh maitiro uye kugovera chishandiso chitsva chekushandiswa kwayo.
Distributed tracing ndiyo mhinduro yakajairika kune dambudziko rekutsvaga zvikanganiso mumasisitimu akagoverwa. Asi zvakadini kana nzira iyi yekuunganidza ruzivo pamusoro pekubatana kwetiweki isati yashandiswa muhurongwa, kana, zvakanyanya, muchikamu chegadziriro inotoshanda nemazvo, asi muchikamu haiti, sezvo isati yawedzerwa kumabasa ekare. ? Kuti uone chaicho chinokonzera dambudziko, zvinodikanwa kuve nemufananidzo wakakwana wezviri kuitika muhurongwa. Izvo zvakanyanya kukosha kuti unzwisise kuti ndeapi mamicroservices anobatanidzwa munzira dzakakosha dzebhizinesi.
Pano sevhisi mesh nzira inogona kuuya kuzotibatsira, iyo inobata nemichina yese yekuunganidza ruzivo rwenetiweki padanho rakaderera pane masevhisi anoshanda pachawo. Iyi nzira inotibvumira kubata traffic yese uye kuiongorora pane nhunzi. Uyezve, zvikumbiro hazvifanirwe kuziva chero chinhu nezvazvo.
Service mesh nzira
Pfungwa huru yesevhisi mesh nzira ndeyekuwedzera imwe nhanho yezvivakwa pamusoro petiweki, izvo zvinotitendera kuita chero chinhu nekudyidzana kwe-inter-service. Mazhinji mashandisirwo anoshanda sezvizvi: imwe yekuwedzera sidecar mudziyo ine yakajeka proxy inowedzerwa kune yega yega microservice, kuburikidza iyo yese inouya uye inobuda traffic yesevhisi inopfuudzwa. Uye iyi ndiyo nzvimbo yatinogona kuita kuenzanisa kwevatengi, kushandisa mitemo yekuchengetedza, kuisa zvirambidzo pahuwandu hwezvikumbiro uye kuunganidza ruzivo rwakakosha pakudyidzana kwesevhisi mukugadzira.
Mhinduro
Iko kune kwatove kwakati wandei kushandiswa kweiyi nzira: ΠΈ . Vanopa zvakawanda zvezvinhu kunze kwebhokisi. Asi panguva imwe chete, kunouya kukuru pamusoro pezviwanikwa. Uyezve, iyo yakakura sumbu umo hurongwa hwakadaro hunoshanda, zvimwe zviwanikwa zvichange zvichidikanwa kuchengetedza zvivakwa zvitsva. PaAvito, isu tinoshandisa kubernetes masumbu ane zviuru zvezviitiko zvesevhisi (uye nhamba yavo inoramba ichikura nekukurumidza). Mukuita kwayo ikozvino, Istio inoshandisa ~ 300Mb ye RAM pane imwe sevhisi sevhisi. Nekuda kwehuwandu hukuru hwezvinokwanisika, kuyera kwakajeka kunokanganisa zvakare nguva yekupindura yesesevhisi (kusvika gumi).
Nekuda kweizvozvo, takatarisa kuti ndezvipi zvataida izvozvi, uye takasarudza kuti chikonzero chikuru chakaita kuti titange kuita zvigadziriso zvakadaro kugona kuunganidza ruzivo rwekutsvaga kubva kuhurongwa hwese pachena. Isu taida zvakare kuve nekutonga pamusoro pekudyidzana kwesevhisi uye kuita akasiyana manipulations nemisoro inotamiswa pakati pemasevhisi.
Nekuda kweizvozvo, takasvika pachisarudzo chedu:β .
Netramesh
ndeye lightweight sevhisi mesh mhinduro ine kugona kukwira nekusingaperi, zvisinei nehuwandu hwesevhisi muhurongwa.
Zvinangwa zvikuru zvemhinduro itsva zvaive zvakaderera zviwanikwa pamusoro uye kushanda kwakanyanya. Pakati peakanyanya maficha, isu takabva tangoda kukwanisa kutumira zviri pachena kuronda spans kune yedu Jaeger system.
Nhasi, mhinduro zhinji dzefu dzinoitwa muGolang. Uye, zvechokwadi, pane zvikonzero zveizvi. Kunyora mashandisirwo etiweki muGolang anoshanda asynchronously neI/O uye kuyera pamacores sezvinodiwa zviri nyore uye zviri nyore. Uye, chii chakakoshawo, kuita kwakakwana kugadzirisa dambudziko iri. Ndosaka takasarudzawo Golang.
Kubudirira
Isu takanangidzira nhamburiko dzedu pakuwana kubereka kwakanyanya. Kune mhinduro inoiswa padivi pechimwe chiitiko chesevhisi, kushandiswa kudiki kwe RAM uye CPU nguva inodiwa. Uye, chokwadi, kunonoka kwekupindura kunofanirawo kuva kuduku.
Ngationei zvatakawana.
RAM
Netramesh inoshandisa ~ 10Mb isina traffic uye 50Mb yakakura ine mutoro unosvika zviuru gumi RPS pamuenzaniso.
Istio envoy proxy inogara ichidya ~ 300Mb mumasumbu edu nezviuru zvezviitiko. Izvi hazvibvumi kuti zviyerwe kune sumbu rose.
NeNetramesh isu takawana ~ 10x kudzikiswa kwekushandisa ndangariro.
CPU
CPU kushandiswa kwakaenzana pasi pemutoro. Izvo zvinoenderana nehuwandu hwezvikumbiro pachikamu chenguva kune sidecar. Values ββpa3000 zvikumbiro pasekondi pakakwirira:
Pane imwe pfungwa yakakosha: Netramesh - mhinduro isina ndege yekudzora uye isina mutoro haidyi CPU nguva. NeIstio, masidecars anogara achivandudza sevhisi endpoints. Nekuda kweizvozvo, tinogona kuona mufananidzo uyu pasina mutoro:
Isu tinoshandisa HTTP/1 kutaurirana pakati pemasevhisi. Kuwedzera kwekupindura nguva yeIstio kana proxying kuburikidza nenhume yaive kusvika ku5-10ms, iyo yakawanda kwazvo kune masevhisi akagadzirira kupindura mune millisecond. NeNetramesh nguva ino yadzikira kusvika pa0.5-2ms.
Kukwanisika
Izvo zvishoma zviwanikwa zvinodyiwa nemumiriri wega wega zvinoita kuti zvikwanise kuiisa padivi pesevhisi yega yega. Netramesh yakagadzirwa nemaune isina chinhu chekudzora ndege kuti ingochengeta yega yega sidecar lightweight. Kazhinji musevhisi mesh mhinduro, ndege inodzora inogovera ruzivo rwekutsvaga sevhisi kune yega yega sidecar. Pamwe chete nazvo zvinouya ruzivo nezve nguva yekubuda uye kuenzanisa marongero. Zvese izvi zvinokutendera iwe kuti uite zvakawanda zvinobatsira zvinhu, asi, zvinosuruvarisa, inobhuroka sidecars muhukuru.
Kuwanikwa kwesevhisi
Netramesh haiwedzere mamwe maitiro ekutsvaga sevhisi. Yese traffic inoiswa pachena kuburikidza netra sidecar.
Netramesh inotsigira HTTP/1 application protocol. Kuti uzvitsanangure, rondedzero inogadziriswa yemaports inoshandiswa. Kazhinji, iyo sisitimu ine akati wandei madoko kuburikidza iyo HTTP kutaurirana kunoitika. Semuyenzaniso, tinoshandisa 80, 8890, 8080 pakudyidzana pakati pemasevhisi nezvikumbiro zvekunze.Pakadai, anogona kusetwa pachishandiswa shanduko yezvakatipoteredza. NETRA_HTTP_PORTS.
Kana iwe ukashandisa Kubernetes se orchestrator uye yayo Sevhisi entity nzira yekutaurirana mukati mesevhisi pakati pemasevhisi, saka mashini anoramba akafanana. Kutanga, iyo microservice inowana sevhisi IP kero ichishandisa kube-dns uye inovhura iyo nyowani yekubatanidza kwairi. Kubatana uku kunotanga kusimbiswa neyemuno netra-sidecar uye ese TCP mapaketi anotanga asvika kune netra. Tevere, netra-sidecar inomisikidza chinongedzo nenzvimbo yepakutanga. NAT pane pod IP pane node inoramba yakangofanana neisina netra.
Yakagoverwa kutsvaga uye kutumira mamiriro
Netramesh inopa mashandiro anodiwa kutumira kuteedzera spans nezve HTTP kudyidzana. Netra-sidecar inotambidza HTTP protocol, zviyero zvekukumbira kunonoka, uye inobvisa ruzivo rwakakosha kubva kuHTTP misoro. Pakupedzisira, isu tinowana zvese zvinoteedzera mune imwechete Jaeger system. Kuti ugadzirise zvakanaka-grained, iwe unogona zvakare kushandisa mamiriro ekunze anopihwa neraibhurari yepamutemo .
Asi pane dambudziko. Kusvikira masevhisi agadzira uye nekutumira yakakosha uber musoro, isu hatione yakabatana yekutevera spans muhurongwa. Uye izvi ndizvo zvatinoda kukurumidza kutsvaga chikonzero chematambudziko. Pano zvakare Netramesh ine mhinduro. MaProxies anoverenga misoro yeHTTP uye, kana isina iyo uber trace id, ita imwe. Netramesh inochengetawo ruzivo nezve zvinopinda uye zvinobuda zvikumbiro mumotokari yepadivi uye inozvifananidza nekuvapfumisa neinodiwa inobuda yekukumbira misoro. Zvese zvaunoda kuti uite mumasevhisi kutumira musoro mumwe chete X-Request-Id, iyo inogona kugadzirwa uchishandisa shanduko yemamiriro NETRA_HTTP_REQUEST_ID_HEADER_NAME. Kuti udzore saizi yemamiriro ekunze muNetramesh, unogona kuseta anotevera nharaunda akasiyana: NETRA_TRACING_CONTEXT_EXPIRATION_MILLISECONDS (nguva iyo mamiriro acho achachengetwa) uye NETRA_TRACING_CONTEXT_CLEANUP_INTERVAL (frequency of context kuchenesa).
Izvo zvakare zvinogoneka kusanganisa nzira dzakawanda pane yako system nekudzimaka nechakakosha chikamu chechiratidzo. Netra inobvumidza iwe kuisa HTTP_HEADER_TAG_MAP kushandura misoro yeHTTP kuita ma tag anoenderana ekutevera. Izvi zvinogona kunyanya kubatsira pakuedza. Mushure mekupasa bvunzo inoshanda, unogona kuona kuti ndeipi chikamu cheiyo sisitimu chakakanganisika nekusefa nekiyi yechikamu chinoenderana.
Kusarudza Kunobva Chikumbiro
Kuti uone kuti chikumbiro chakabva kupi, unogona kushandisa mashandiro ekuwedzera musoro nekwakabva. Kushandisa an environment variable NETRA_HTTP_X_SOURCE_HEADER_NAME Unogona kudoma zita remusoro rinozoiswa otomatiki. Nokushandisa NETRA_HTTP_X_SOURCE_VALUE unogona kuseta kukosha uko iyo X-Source musoro uchaiswa kune zvese zvinobuda zvikumbiro.
Izvi zvinobvumira kugoverwa kwemusoro unobatsira uyu kugovaniswa zvakafanana mukati me network. Ipapo iwe unogona kuishandisa mumasevhisi uye woiwedzera kune matanda uye metrics.
Traffic routing uye Netramesh vemukati
Netramesh ine zvikamu zviviri zvikuru. Yekutanga, netra-init, inoisa mitemo yetiweki kuvharira traffic. Anoshandisa kubata yese kana chikamu chetraffic padivi pemotokari, inova chikamu chechipiri chikuru cheNetramesh. Iwe unogona kugadzirisa kuti ndeapi madoko anoda kutambirwa kune inouya uye inobuda TCP zvikamu: INBOUND_INTERCEPT_PORTS, OUTBOUND_INTERCEPT_PORTS.
Chishandiso chinewo chinhu chinonakidza - probabilistic routing. Kana iwe ukashandisa Netramesh chete yekuunganidza yekutevera spans, saka munzvimbo yekugadzira iwe unogona kuchengetedza zviwanikwa uye kugonesa probabilistic routing uchishandisa zvinosiyana. NETRA_INBOUND_PROBABILITY ΠΈ NETRA_OUTBOUND_PROBABILITY (kubva pa0 kusvika ku1). Iko kukosha kweiyo 1 (yese traffic inobatwa).
Mushure mekubudirira kubata, netra sidecar inogamuchira iyo nyowani yekubatanidza uye inoshandisa SO_ORIGINAL_DST socket sarudzo kuti uwane kwekutanga kwekuenda. Netra inozovhura chinongedzo chitsva kune yekutanga IP kero uye inomisikidza nzira mbiri TCP kutaurirana pakati pemapato, ichiteerera kune yese traffic inopfuura. Kana iyo chiteshi ichitsanangurwa seHTTP, Netra inoedza kupfuudza nekuitsvaga. Kana HTTP parsing ikatadza, Netra inowira kumashure kuTCP uye pachena proxies mabyte.
Kuvaka girafu rekutsamira
Mushure mekugamuchira huwandu hukuru hwekutsvaga ruzivo muJaeger, ini ndoda kuwana yakazara girafu yekudyidzana muhurongwa. Asi kana sisitimu yako yakanyatsoremerwa uye mabhiriyoni ekutsvagisa spans achiunganidza pazuva, kuaunganidza harisi basa riri nyore. Pane nzira yepamutemo yekuita izvi: . Nekudaro, zvinotora maawa kuti ugadzire girafu rakazara uye zvinokumanikidza kurodha yese dataset kubva kuJaeger kwemaawa makumi maviri nemana apfuura.
Kana iwe uri kushandisa Elasticsearch kuchengeta nzvimbo dzekutevera, unogona kushandisa , iyo inovaka iyo yakafanana girafu mumaminitsi uchishandisa maficha uye kugona kweElasticsearch.
Maitiro ekushandisa Netramesh
Netra inogona kuwedzerwa nyore kune chero sevhisi inomhanya chero orchestrator. Unogona kuona muenzaniso .
Parizvino, Netra haina kugona kuita otomatiki masidecars kumasevhisi, asi pane zvirongwa zvekushandisa.
Ramangwana reNetramesh
chinangwa chikuru ndeyekuwana mari shoma yezvishandiso uye kushanda kwepamusoro, ichipa hunyanzvi hwekuona uye kutonga kwekutaurirana kwepakati-sevhisi.
Mune ramangwana, Netramesh ichatsigira mamwe maapplication layer protocol kunze kweHTTP. L7 routing ichave iripo munguva pfupi iri kutevera.
Shandisa Netramesh kana ukasangana nematambudziko akafanana uye unyore kwatiri nemibvunzo nemazano.
Source: www.habr.com