Cherechedza. transl.: Sevhisi mesh chiitiko chisati chave neshanduro yakagadzikana muchiRussia (makore anopfuura 2 apfuura takakurudzira sarudzo ye "mesh for services", uye gare gare vamwe vashandi vakatanga kushingaira kusimudzira musanganiswa we "sevhisi yebasa"). Kugara kutaura nezve tekinoroji iyi kwakatungamira kune mamiriro umo kushambadzira uye tekinoroji zvikamu zvakanyanyisa kupindirana. Izvi zvinoshamisa zvinhu kubva kune mumwe wevanyori vezwi rekutanga zvakagadzirirwa kupa kujekeswa kune mainjiniya nevamwe.
Comic kubva
Nhanganyaya
Kana iwe uri injinjini yesoftware inoshanda kumwe kubackend system space, izwi rekuti "sevhisi mesh" rinogona kunge rakatodzika midzi mupfungwa dzako mumakore mashoma apfuura. Kutenda kune chiitiko chinoshamisa, mutsara uyu uri kutora indasitiri zvakanyanya uye zvakanyanya, uye hype uye kushambadza zvinopihwa zvine chekuita nazvo zviri kukura sebhora rechando riri kubhururuka richidzika uye kusaratidza zviratidzo zvekuderera.
Sevhisi mesh yakaberekerwa mumvura ine murky, yakarerekera kwegore rekuzvarwa ecosystem. Zvinosuruvarisa, izvi zvinoreva kuti yakawanda yekukakavadzana kwayo inotangira kubva ku "low-calorie talk" kusvika-kushandisa izwi reunyanzvi-zvisina maturo. Asi kana iwe ukacheka nepakati ruzha rwese, iwe uchaona kuti sevhisi mesh ine chaiyo chaiyo, yakatsanangurwa uye yakakosha basa.
Mune ino positi, ini ndichaedza kuita izvo chaizvo: ipa yakatendeseka, yakadzama, injinjini-yakatarisana negwara rebasa mesh. Ini handisi kungopindura mubvunzo: "Chii?", - asiwo "Sei?", pamwe chete "Sei manje?". Chekupedzisira, ndichaedza kudonongodza kuti sei (mukuona kwangu) iyi tekinoroji yakonzera kupenga kwakadai, inova nyaya inonakidza pachayo.
Ndiri ani
Mhoroi mose! Zita randu ndi . Ndiri mumwe wevasiki - iyo yekutanga sevhisi mesh purojekiti uye purojekiti ine mhosva yekuonekwa kwetemu service mesh sekudaro ( sorry guys!). (Note transl.: Nenzira, pakutanga kwekuonekwa kwezwi iri, makore anopfuura 2,5 apfuura, takatoshandura zvinyorwa zvekutanga zvemunyori mumwe chete "".) Iniwo musoro ndeyekutanga inogadzira inotonhorera sevhisi mesh zvinhu seLinkerd uye .
Iwe unogona kunge uchifungidzira kuti ndine maonero akarerekera uye akasarudzika panyaya iyi. Nekudaro, ini ndichaedza kuchengetedza kurerekera kune zvishoma (kunze kwechikamu chimwe chete: "Nei paine kutaura kwakawanda kudaro nezve mesh yebasa?", - umo ndichiri kugovera mazano angu ekare). Iniwo ndichaita zvandinogona kuita kuti gwara iri rive chinangwa sezvinobvira. Zvemienzaniso chaiyo, ini ndichanyanya kuvimba neruzivo rwaLinkerd, ndichitaura mutsauko (kana uripo) wandinoziva mukuitwa kwemamwe masevhisi mesh mhando.
Zvakanaka, inguva yekuenderera mberi kune zvinonaka.
Chii chinonzi service mesh?
Pasinei nezvose hype, chimiro chebasa mesh chiri nyore. Iri rinongori boka remushandisi wepamhepo proxies ari "padyo ne" masevhisi (tichataura zvishoma nezve "zvinotevera" gare gare), pamwe neseti yekutonga maitiro. Maproxies anodanwa pamwe chete data ndege, uye maitiro ekudzora anonzi kudzora ndege. Ndege yedata inobata mafoni pakati pemasevhisi uye inoita "marudzi ese ezvinhu zvakasiyana" navo; Iyo ndege inodzora, zvinoenderana, inoronga maitiro eiyo proxy uye inopa mukana kwauri, i.e. opareta, kune API, ichibvumira network kuti ishandiswe uye kuyerwa seyese.
Ndeupi rudzi rweproxy iyi? Iyi iLayer 7-inoziva TCP proxy (kureva "kufunga nezve" layer 7 yeOSI modhi) seHAProxy uye NGINX. Iwe unogona kusarudza proxy kune zvaunoda; Linkerd inoshandisa Rust proxy, inongopihwa zita . Isu tinoiisa pamwechete zvakanangana nesevhisi mesh. Mamwe meshes anosarudza mamwe ma proxies (Envoy isarudzo yakajairika). Nekudaro, kusarudza proxy ingori nyaya yekushandisa.
Ko aya maproxy server anoita sei? Zviripachena, ivo vanofona vachiuya nekubva kune masevhisi (kunyatso kutaura, vanoita semaproxies uye vanodzosera kumashure ma proxies, vachibata zvese zvinopinda nezvinobuda). Uye ivo vanoshandisa chimiro chinotarisa pane mafoni pakati pe masevhisi. Izvi zvinotarisisa traffic pakati pemasevhisi ndizvo zvinosiyanisa sevhisi mesh proxy kubva, toti, API gedhi kana ingress proxies (yekupedzisira inotarisisa mafoni anouya musumbu kubva kunze kwenyika). (Cherechedza. transl.: Kuti uenzanise yevaripo Ingress controllers yeKubernetes, mazhinji ayo anoshandisa iyo yakatotaurwa Nhume, ona. .)
Saka, isu takarongedza ndege yedata. Ndege yekudzora iri nyore: iboka rezvikamu zvinopa ma mechanics ayo ndege yedata inoda kushanda nenzira yakarongeka, kusanganisira kuwanikwa kwesevhisi, kuburitsa zvitupa zveTLS, metric aggregation, nezvimwewo. Ndege yedata inozivisa ndege yekudzora maitiro ayo; zvakare, iyo ndege inodzora inopa API inokubvumira kuti uchinje uye utarise maitiro eiyo ndege yedata sese.
Pazasi pane dhizaini yekudzora ndege uye data ndege muLinkerd. Sezvauri kuona, iyo ndege yekudzora inosanganisira akati wandei akasiyana zvikamu, zvinosanganisira Prometheus muenzaniso inounganidza metrics kubva kune proxy maseva, pamwe nezvimwe zvinhu zvakaita se. destination (kuwanikwa kwebasa), identity (chiremera chetifiketi, CA) uye public-api (magumo ewebhu uye CLI). Kusiyana neizvi, ndege yedata iri nyore linkrd-proxy padyo nemuenzaniso wekushandisa. Iyi ingori dhayagiramu ine musoro; Mukutumirwa kwepasirese-chaiyo, iwe unogona kunge uine replicas matatu ega ega yekudzora ndege chikamu uye mazana kana zviuru zveproxies mundege yedata.
(Makona eblue ari mudhayagiramu anofananidzira miganhu yeKubernetes pods. Unogona kuona kuti magaba ane linkerd-proxy ari mupod imwechete nemidziyo yekushandisa. Chirongwa ichi chinozivikanwa nekuti sidecar mudziyo.)
Sevhisi mesh architecture ine akati wandei akakosha. Chekutanga, sezvo basa remumiriri ndere kubvuta mafoni pakati pemasevhisi, mesh yesevhisi inongonzwisisika kana application yako yakagadzirirwa imwe seti yemasevhisi. Mesh anogona shandisa ne monoliths, asi izvi zvakajeka zvisingadiwi nekuda kweimwe chete proxy, uye kushanda kwayo hakugone kuve kuri kudiwa.
Imwe mhedzisiro yakakosha ndeyekuti sevhisi mesh inoda rakakura nhamba yemaproxies. Sezvineiwo, Linkerd inonamatira linkerd-proxy kune yese chiitiko chesevhisi yese (mamwe mashandisirwo anowedzera proxy kune yega node/host/virtual muchina. Zvakawanda zvakadaro). Kushanda kwakadai kushandiswa kweproxies pachayo kunotakura akati wandei mamwe matambudziko:
- MaProxies mundege yedata anofanira kunge ari fast, sezvo pakufona kwega kwega kune akati wandei mafoni kune proxy: imwe kudivi remutengi, imwe kudivi reseva.
- Uyewo maproxies anofanira kuva diki ΠΈ lightweight. Imwe neimwe ichadya ndangariro uye CPU zviwanikwa, uye mashandisiro aya anokura zvakatevedzana nekushandisa.
- Iwe unozoda michina yekuisa uye kugadzirisa huwandu hukuru hwema proxies. Kuzviita nemaoko haisi sarudzo.
Kazhinji, mesh yebasa inotaridzika seizvi (zvichida kubva paziso reshiri): iwe unotumira boka revashandisi venzvimbo "vanoita chimwe chinhu" nemukati, yepakati-sevhisi traffic, uye shandisa ndege yekudzora kuti itarise nekuibata.
Zvino yave nguva yekubvunza mubvunzo "Sei?"
Chii chinonzi sevhisi mesh?
Avo vakatanga kusangana nepfungwa yebasa mesh vanogona kuregererwa nekunzwa kutyisa. Iyo sevhisi mesh dhizaini inoreva kuti haingo wedzera latency mukushandisa, asi zvakare kupedza zviwanikwa uye achawedzera boka rezvishandiso zvitsva muzvivakwa. Kutanga iwe unogadzira mesh sevhisi, uye wobva wangoerekana wazviwana wave kuda kusevha mazana (kana asiri zviuru) zveproxies. Mubvunzo ndewokuti, ndiani anozvipira kuita izvi?
Mhinduro kumubvunzo uyu ine zvikamu zviviri. Chekutanga, mari yekutengeserana ine chekuita nekuendesa aya maproxies inogona kudzikiswa zvakanyanya nekuda kwedzimwe shanduko dziri kuitika mu ecosystem (zvimwe pane izvi gare gare).
Chechipiri, mudziyo wakaita seuyu inzira yakanaka yekuunza imwe pfungwa muhurongwa. Kwete chete nekuti sevhisi mesh inogona kuwedzera yakawanda mashandiro matsva, asiwo nekuti inogona kuitwa pasina kukanganisa ecosystem. Muchokwadi, iyo yese sevhisi mesh modhi yakavakirwa pane ichi chimiro: mune multiservice system, zvisinei kuti chii ita mabasa ega ega, traffic pakati pavo ndiyo yakanaka poindi yekuwedzera mashandiro.
Semuyenzaniso, muLinkerd (sezvakawanda meshes) kushanda kunotariswa zvakanyanya paHTTP mafoni, kusanganisira HTTP/2 uye gRPC*. Iko kushanda kwakapfuma - inogona kukamurwa kuita makirasi matatu:
- Zvimiro zvine chekuita ne kuvimbika. Zvikumbiro zvakadzokororwa, nguva, nzira ye canary (kutsemuka kwetraffic / redirection), nezvimwe.
- Zvimiro zvine chekuita ne monitoring. Kuunganidzwa kwemitengo yebudiriro, kunonoka uye mavhoriyamu ekukumbira sevhisi yega yega kana nzira dzemunhu; kuvakwa kwetopological mepu dzemasevhisi, nezvimwe.
- Zvimiro zvine chekuita ne chengetedzo. Mutual TLS, kutonga kwekuwana, nezvimwe.
* Kubva pamaonero aLinkerd, gRPC haina kumbosiyana neHTTP/2: inongoshandisa protobuf mubhadharo. Kubva pakuona kwemugadziri, zvinhu zviviri izvi, zvechokwadi, zvakasiyana.
Mazhinji emaitiro aya anoshanda pamwero wekukumbira (saka iyo "L7 proxy"). Semuenzaniso, kana iyo Foo sevhisi ikaita HTTP kufona kuBar sevhisi, chinongedzo-proxy padivi reFo inogona kuita hungwaru kuyera kuremerwa uye nzira dzekufona kubva kuFoo kuenda kuBar zviitiko zvichibva pane yakacherechedzwa latency; inogona kudzokorora chikumbiro kana zvichidikanwa (uye kana isina simba); inogona kurekodha kodhi yekupindura uye nguva yekupera, nezvimwe. Saizvozvo, linkerd-proxy padivi reBar inogona kuramba chikumbiro kana isingabvumirwe kana muganho wekukumbira ukapfuudzwa; inogona kurekodha kunonoka kwayo, nezvimwe.
MaProxies anogona "kuita chimwe chinhu" padanho rekubatanidza zvakare. Semuyenzaniso, linkerd-proxy kudivi reFo inogona kutanga kubatana kweTLS, uye linkerd-proxy padivi reBar inogona kuimisa, uye mativi ese ari maviri anogona kuonesa zvitupa zveTLS*. Izvi zvinopa kwete chete encryption pakati pemasevhisi, asiwo nzira yakachengeteka yekuona masevhisi: Foo neBar vanogona "kuratidza" kuti ndivo vavanoti ndivo.
* "Mutual of a friend" zvinoreva kuti chitupa chemutengi chinosimbiswa zvakare (mutual TLS). Mu "classic" TLS, semuenzaniso pakati pebrowser neserver, chitupa chedivi rimwe chete (sevha) chinowanzo simbiswa.
Zvisinei nekuti vanoshanda pakukumbira kana danho rekubatanidza, zvakakosha kusimbisa kuti ese masevhisi mesh mabasa ari kushanda hunhu. Linkerd haikwanise kushandura semantics yemubhadharo - semuenzaniso, kuwedzera minda kune JSON fragment kana kuita shanduko kuprotobuf. Tichazotaura nezve chinhu chakakosha ichi gare gare kana totaura nezve ESB nepakati.
Iyi ndiyo seti yezvimiro izvo sevhisi mesh inopa. Mubvunzo unomuka: wadii kuashandisa zvakananga mukushandisa? Uye sei uchinetseka neproxy zvachose?
Nei sevhisi mesh iri zano rakanaka
Nepo kugona kwesevhisi mesh kunonakidza, kukosha kwayo kwepakati hakurevi mune zvayo. Pakupedzisira isu Unogona dzishandise zvakananga mukushandisa (tichaona gare gare kuti aya ndiwo aive mabviro ebasa mesh). Kuedza uye kupfupisa mumutsara mumwe, kukosha kwesevhisi mesh ndeiyi: inopa maficha akakosha kumhanyisa yemazuva ano server software nenzira inowirirana pane yese stack uye yakazvimirira yekodhi yekushandisa.
Ngationgororei zano iri.
Β«Zvimiro zvakakoshesesa kumhanya yemazuva ano server software" Kana iwe uri kugadzira transactional server application yakabatana neInternet yeruzhinji, uchigamuchira zvikumbiro kubva kunze kwenyika uye uchizvipindura mukati menguva pfupi - semuenzaniso, webhu application, API server, uye ruzhinji rwezvimwe zvemazuva ano maapplication. - uye kana iwe ukaishandisa seseti yemasevhisi anopindirana pamwe chete, uye kana iwe uchigara uchivandudza iyi software, uchiwedzera maficha matsva, uye kana iwe ukamanikidzwa kuchengetedza iyi sisitimu mukushanda kurongeka panguva yekuchinja maitiro - mune izvi. nyaya, makorokoto, uri kugadzira yemazuva ano server software. Uye ese aya makuru maficha akanyorwa pamusoro anozove akakosha kwauri. Iko kushandisa kunofanirwa kuve kwakavimbika, kwakachengeteka, uye iwe unofanirwa kukwanisa kuona zvachiri kuita. Iyi ndiyo chaiyo mibvunzo iyo sevhisi mesh inobatsira kugadzirisa.
(Zvakanaka, ndima yapfuura ichiri kusanganisira kutenda kwangu kuti nzira iyi ndiyo nzira yemazuva ano yekugadzira server software. Vamwe vanofarira kugadzira monoliths, "reactive microservices" nezvimwe zvinhu zvisingawire pasi petsanangudzo yapiwa pamusoro. Vanhu ava vangangove vane yavo Maonero akasiyana neangu.Nekudaro, ini ndinofunga kuti "vakashata" - kunyangwe chero zvakadaro mesh yesevhisi haina kunyanya kubatsira kwavari).
Β«Uniform kune yese stack" Iko kushanda kunopihwa nesevhisi mesh hakungori mission-yakakosha. Vanoshanda kumasevhisi ese ari mukushandisa, zvisinei nekuti vakanyorwa nemutauro upi, hurongwa hupi hwavanoshandisa, ndiani akazvinyora, akaiswa sei, uye chero humwe hunyengeri hwekukura kwavo nekushandisa.
Β«Yakazvimirira yekodhi yekushandisa" Chekupedzisira, sevhisi mesh haingope kushanda kwakafanana pane yese stack, inozviita nenzira isingade kuti application igadziriswe. Hwaro hwakakosha hwesevhisi mesh mashandiro, kusanganisira mabasa ekumisikidza, kuvandudza, kushanda, kugadzirisa, nezvimwe, anogara zvachose padanho repuratifomu uye akazvimirira pane application. Chishandiso chinogona kuchinja pasina kukanganisa mesh yebasa. Nekudaro, iyo mesh sevhisi inogona kuchinja pasina chero kutora chikamu kubva mukushandisa.
Muchidimbu, sevhisi mesh haingopi kwakakosha kushanda, asi zvakare inozviita mune yepasirese, yunifomu, uye application-yakazvimirira nzira. Uye saka, kunyangwe sevhisi mesh mashandiro anogona kuitwa mukodhi yebasa (semuenzaniso, seraibhurari inosanganisirwa musevhisi yega yega), nzira iyi haizope kufanana uye kuzvimiririra kwakakosha zvakanyanya mune yebasa mesh.
Uye zvese zvaunofanirwa kuita kuwedzera boka remaproxies! Ndinovimbisa kuti tichatarisa mitengo yekushandisa ine chekuita nekuwedzera aya ma proxies munguva pfupi iri kutevera. Asi chekutanga ngatimbomirai titarise iyi pfungwa yekuzvimirira kubva pamaonero akasiyana. vanhu.
Ndiani anobatsira mesh service?
Sezvingave zvisingaite, kuti tekinoroji ive chikamu chakakosha cheecosystem, inofanirwa kugamuchirwa nevanhu. Saka ndiani anofarira service mesh? Ndiani anobatsirwa nekushandiswa kwayo?
Kana iwe uchigadzira yemazuva ano server software, unogona kufunga nezvechikwata chako seboka varidzi vebasaavo pamwe chete vanovandudza nekuita bhizinesi logic, uye varidzi vepuratifomu, kugadzira chikuva chemukati umo masevhisi aya anoshanda. Mumasangano maduku, ava vanogona kunge vari vanhu vakafanana, asi sezvo kambani inokura, mabasa aya anowanzova akajeka uye kunyange akakamurwa kuita zvikamu zviduku ... (Pane zvakawanda zvingataurwa pano pamusoro pekuchinja kwemaitiro e devops, kukanganiswa kwehurongwa hwemicroservices, nezvimwewo) n. Asi parizvino ngatitore tsananguro idzi sekupihwa kwazvakaitwa).
Kubva pamaonero aya, vakajeka vanobatsirwa nesevhisi mesh ndivo varidzi vepuratifomu. Mushure mezvose, pakupedzisira chinangwa chechikwata chepuratifomu kugadzira chikuva chemukati icho varidzi vesevhisi vanogona kuita bhizinesi pfungwa uye vanozviita nenzira inova nechokwadi chekuti vakazvimiririra sezvinobvira kubva kune yakasviba ruzivo rwekushanda kwayo. Haisi chete sevhisi mesh inopa hunyanzvi hwakakosha pakuzadzisa chinangwa ichi, inozviita nenzira iyo iyo isingaite kuti vatsamire kune varidzi vebasa.
Varidzi vebasa vanobatsirwawo, kunyangwe neimwe nzira isina kunanga. Chinangwa chemuridzi webasa ndechekuita sezvingabvira mukuita zvinonzwisisika zvebhizinesi maitiro, uye zvishoma zvaanofanira kunetseka nezvenyaya dzekushanda, zviri nani. Panzvimbo pekutarisana nekuita, toti, edzazve marongero kana TLS, vanogona kutarisa chete pazvinangwa zvebhizinesi uye vanotarisira kuti chikuva chinotarisira zvimwe. Izvi zvine pundutso huru kwavari.
Kukosha kwesangano kwekupatsanurwa kwakadaro pakati pevaridzi vemapuratifomu nemasevhisi hakugone kuwedzererwa. Ndinofunga anobatsira chikuru mupiro kune kukosha kwesevhisi mesh.
Takadzidza chidzidzo ichi apo wekutanga Linkerd fan akatiudza chikonzero nei vakasarudza sevhisi mesh: nekuti zvakavabvumira "kuchengeta chitoro chekutaura chiri shoma." Heano mamwe madiki: vakomana kubva kune imwe kambani hombe vakatama chikuva chavo kuenda Kubernetes. Sezvo application yacho yaibata ruzivo rwakadzama, ivo vaida kuvharidzira kutaurirana kwese mumasumbu. Zvisinei, mamiriro acho ezvinhu akaomeswa nekuvapo kwemazana emasevhisi uye mazana ezvikwata zvebudiriro. Tarisiro yekuonana nemunhu wese uye kuvanyengetedza kuti vaise rutsigiro rweTLS muzvirongwa zvavo haina kuvafadza zvachose. Mushure mekuisa Linkerd, vakatamisa mutoro kubva kuvagadziri (kubva pakuona kweiyi yaive dambudziko risingakoshi) kuenda kumapuratifomu, kwavari icho chaive chakakosha chepamusoro. Mune mamwe mazwi, Linkerd yakagadziriswa kwavari kwete zvakanyanya dambudziko rehunyanzvi seyesangano.
Muchidimbu, mesh sevhisi yakawanda yemhinduro, kwete yehunyanzvi, asi socio-technical Matambudziko. (Ndatenda kusuma iyi temu.)
Sevhisi mesh inogadzirisa matambudziko angu ese here?
Ehe. Ndinoreva, kwete!
Kana iwe ukatarisa iwo matatu makirasi ezvimiro ataurwa pamusoro - kuvimbika, chengetedzo, uye kucherechedzwa - zvinova pachena kuti sevhisi mesh haisi mhinduro yakakwana kune chero yeaya matambudziko. Nepo Linkerd ichigona kuburitsa zvikumbiro (kana ichiziva kuti havana simba), haikwanise kuita sarudzo pamusoro pezvekudzosera kumushandisi kana sevhisi yakundikana zvachose-idzo sarudzo dzinofanirwa kuitwa nechikumbiro. Linkerd inogona kuchengeta nhamba dzezvikumbiro zvakabudirira, asi haikwanise kutarisa mukati mesevhisi uye nekupa iyo yemukati metrics - iyo application inofanirwa kunge iine maturusi akadaro. Uye kunyangwe Linkerd ichikwanisa kuronga mTLS, yakazara-yakazara kuchengetedza mhinduro inoda zvimwe zvakawanda.
A subset yezvimiro munzvimbo idzi zvinopihwa nesevhisi mesh zvine chekuita nazvo platform features. Neizvi ndinoreva mabasa ayo:
- Yakazvimirira yebhizinesi logic. Iyo nzira yekudaidza histograms pakati peFo neBar inovakwa yakazvimirira zvachose nei Foo anodaidza Bar.
- Zvakaoma kuita nemazvo. MuLinkerd, kudzokororwa kwakamisikidzwa nemhando dzese dzezvinhu zvakanakisa sekuyedzazve mabhajeti (edzazve mabhajeti), sezvo nzira isina hunyanzvi, yekutarisana nekuita zvinhu zvakadaro ichatungamira pakubuda kwezvinonzi "avalanche yezvikumbiro" (edzazve dutu) uye mamwe matambudziko maitiro akagoverwa masisitimu.
- Kunyanya kushanda kana kushandiswa zvakafanana. Iyo TLS michina inongo nzwisisika kana ikashandiswa kwese kwese.
Sezvo mabasa aya achiitwa padanho reproxy (uye kwete padanho rekushandisa), mesh yesevhisi inovapa pa platform, kwete maapplication. Nekudaro, hazvina basa kuti masevhisi akanyorwa nemutauro upi, anoshandisa chimiro chipi, ndiani aanyora uye nei. MaProxies anoshanda kunze kwezvose izvi ruzivo, uye hwaro hwakakosha hwekuita uku, kusanganisira mabasa ekumisikidza, kugadzirisa, kushanda, kugadzirisa, nezvimwe, zvinongori padanho repuratifomu.
Mienzaniso yebasa mesh kugona
Kupfupisa, mesh sevhisi haisi mhinduro yakakwana yekuvimbika, kucherechedzwa, kana kuchengetedzeka. Kukura kwenzvimbo idzi kunoda kutora chikamu kwevaridzi vebasa, Ops/SRE zvikwata uye mamwe masangano emakambani. Iyo mesh sevhisi inopa chete chikuva-chikamu "chidimbu" kune imwe neimwe yenzvimbo idzi.
Sei sevhisi mesh yave yakakurumbira izvozvi?
Parizvino iwe ungangodaro uri kushamisika: zvakanaka, kana mesh sevhisi yakanaka kudaro, nei tisina kutanga kuendesa mamirioni emaproxies mune stack makore gumi apfuura?
Pane mhinduro yebhanari kumubvunzo uyu: makore gumi apfuura munhu wese akavaka monoliths, uye hapana aida mesh yebasa. Ichi ichokwadi, asi mukuona kwangu mhinduro iyi inopotsa iyo pfungwa. Kunyangwe makore gumi apfuura, iyo pfungwa ye microservices senzira inovimbisa yekuvaka yakakura masisitimu yakakurukurwa zvakanyanya uye yakashandiswa kumakambani akadai se Twitter, Facebook, Google uye Netflix. Maonero akajairwa - zvirinani muzvikamu zveindasitiri yandakasangana nayo - yaive yekuti microservices yaive "nzira chaiyo" yekuvaka masisitimu makuru, kunyangwe yaive yakaoma.
Ehe, kunyangwe makore gumi apfuura kwaive nemakambani aishandisa mamicroservices, haana kunamira maproxi pese pavaigona kuti vagadzire mesh yebasa. Zvisinei, kana ukanyatsotarisa, vakaita chimwe chinhu chakafanana: mazhinji emakambani aya aida kushandiswa kweraibhurari yakakosha yemukati yekukurukurirana kwenetiweki (dzimwe nguva inonzi raibhurari yakakura yevatengi, mafuta mutengi raibhurari).
Netflix yaive neHysterix, Google yaive neStubby, Twitter yaive neraibhurari yeFinagle. Finagle, semuenzaniso, yaisungirwa kune yega yega sevhisi pa Twitter. Yakabata ese ari maviri mutengi uye server divi rekubatanidza, inotenderwa kudzokororwa zvikumbiro, inotsigirwa yekukumbira nzira, kuyera kuyera uye kuyerwa. Iyo yakapa dhizaini inowirirana yekuvimbika uye kucherechedzwa mukati meiyo yese Twitter stack, zvisinei nezvaiitwa nesevhisi. Ehe, yaingoshanda kumitauro yeJVM uye yaive yakavakirwa pachirongwa chechirongwa chaifanira kushandiswa pachishandiswa chose. Nekudaro, mashandiro ayo aive akafanana neaya ebasa mesh. (Kutaura zvazviri, yekutanga vhezheni yeLinkerd yaingove Finagle yakaputirwa mune proxy fomu.)
Nekudaro, makore gumi apfuura pakanga pasina mamicroservices chete, asiwo akakosha proto-service-mesh maraibhurari ayo akagadzirisa matambudziko akafanana anogadziriswa mesh mesh nhasi. Nekudaro, iyo mesh mesh pachayo yakanga isipo panguva iyoyo. Paitofanira kuva neimwe shift asati aoneka.
Uye apa ndipo pane mhinduro yakadzama, yakavanzwa mune imwe shanduko yakaitika mumakore gumi apfuura: mutengo wekuendesa microservices wakaderera zvakanyanya. Makambani ataurwa pamusoro apa akashandisa microservices makore gumi apfuura β Twitter, Netflix, Facebook, Google β aive makambani ane hukuru hukuru uye zviwanikwa zvakakura. Ivo vaisangove nezvinodiwa chete, asiwo kugona kuvaka, kuendesa, uye kushanda hombe microservices-based application. Simba uye kushanda nesimba izvo mainjiniya e Twitter akaisa mukufamba kubva kune monolithic kuenda kune microservices nzira inoshamisa. (Kutaura zvakanaka, ndizvo zvakaitawo chokwadi chekuti yakabudirira.) Aya marudzi emafambisirwo ezvivakwa zvaive zvisingagoneke kumakambani madiki.
Kurumidza kumberi kune ikozvino. Kune kutanga nhasi uko chiyero che microservices kune vanogadzira chiri 5: 1 (kana kunyange ), uye chii chimwe, vanorarama nazvo zvinobudirira! Kana 5-munhu yekutanga inogona kushanda zviri nyore makumi mashanu microservices, saka chimwe chinhu chakanyatso kudzikisa mutengo wekuita kwavo.
1500 microservices muMonzo; mutsara wega wega mutemo wakatemerwa network inobvumira traffic
Kudzikiswa kunoshamisa kwemutengo wekushandisa microservices mhedzisiro yeimwe maitiro: kuwedzera kukurumbira kwemidziyo ΠΈ vaimbi. Iyi ndiyo chaiyo mhinduro yakadzama kumubvunzo wekuti chii chakakonzera kubuda kwesevhisi mesh. Iyo tekinoroji imwechete yakaita ese ese masevhisi meshes uye mamicroservices anokwezva: Kubernetes uye Docker.
Sei? Zvakanaka, Docker inogadzirisa dambudziko hombe - iro dambudziko rekurongedza. Nekurongedza application uye yayo (isina-network) yekumhanyisa nguva kutsamira mumudziyo, Docker inoshandura iyo application kuita inochinjika unit iyo inogona kutambirwa uye kumhanya chero kupi. Panguva imwecheteyo, inorerutsa zvakanyanya kushanda mitauro yakawanda Stack: Nekuti mudziyo iatomic unit yekuurayisa, yekuendesa uye kushanda, hazvina basa kuti chii chiri mukati, ingave JVM, Node, Go, Python, kana Ruby application. Iwe ingozviparura uye ndizvozvo.
Kubernetes inotora zvese kune inotevera nhanho. Ikozvino kune matani e "zvinhu zvekumhanya" uye matani emichina yekumhanyisa pairi, panodiwa chishandiso chinogona kuzvibatanidza. Mupfungwa yakafara, iwe unopa Kubernetes akawanda emidziyo nemichina yakawanda, uye inovamisa vachipesana (zvechokwadi, iyi inzira ine simba uye inogara ichichinja: midziyo mitsva inofamba ichitenderedza sisitimu, michina inotanga nekumira. , etc. Zvisinei, Kubernetes anotora zvose izvi mupfungwa ).
Kana Kubernetes ichinge yagadziriswa, mutengo wenguva yekuisa uye kushanda sevhisi imwe hauna kusiyana zvishoma nemutengo wekutumira nekushandisa masevhisi gumi (chaizvoizvo, inenge yakafanana kumasevhisi e100). Wedzera kune iyi midziyo senge yekurongedza nzira inokurudzira kuitiswa kwemitauro yakawanda, uye iwe une huwandu hwezvishandiso zvitsva zvinoiswa muchimiro chemicroservices yakanyorwa mumitauro yakasiyana - chaizvo iyo mhando yenzvimbo iyo mesh sevhisi inonyatso kukodzera.
Saka, isu tinouya kumhinduro kumubvunzo wekuti nei pfungwa ye mesh sevhisi yave yakakurumbira ikozvino: iyo homogeneity iyo Kubernetes inopa kune masevhisi inoshanda zvakananga kumatambudziko ekushanda akatarisana nesevhisi mesh. Iwe unorongedza maproxies mumidziyo, ipa Kubernetes basa rekuvanamatira pese paanogona, uye voila! Nekuda kweizvozvo, iwe unowana sevhisi mesh, nepo mechanics ese ekutumirwa kwayo anotungamirwa naKubernetes. (Zvichida kubva pakuona kweshiri. Chokwadi, pane zvakawanda zvakasiyana-siyana pakuita uku.)
Kuzvipfupikisa: chikonzero sevhisi meshes yave yakakurumbira ikozvino, uye kwete makore gumi apfuura, ndeyekuti Kubernetes naDocker havana kungowedzera zvakanyanya. need mairi, kurerutsa kushandiswa kwezvikumbiro seti yemitauro yakawanda, asi zvakare yakaderedzwa zvakanyanya. mari pakushanda kwayo, ichipa nzira dzekuendesa nekutsigira sidecar proxy fleets.
Sei paine kutaura kwakanyanya pamusoro pesevhisi mesh?
Kudzivirira: Muchikamu chino ini ndinoshandisa marudzi ese efungidziro, fungidziro, magadzirirwo uye ruzivo rwemukati.
Tsvaga "sevhisi mesh" uye iwe uchasangana netani yezvakadzokororwa zvakaderera-calori zvemukati, mapurojekiti asinganzwisisike, uye kaleidoscope yekukanganisa inokodzera echo chamber. Chero tekinoroji nyowani inoita izvi, asi kana iri sevhisi mesh dambudziko rakanyanya kuoma. Sei?
Zvakanaka, chikamu chayo imhosva yangu. Ndanga ndichishanda nesimba kusimudzira Linkerd uye sevhisi mesh mukana wese wandinowana kuburikidza neasingaverengeki mablog blog uye zvinyorwa zvakaita seizvi. Asi handina simba rakadaro. Kuti tipindure chaizvo mubvunzo uyu, tinoda kutaura zvishoma nezvemamiriro ese. Uye hazvibviri kutaura nezvazvo pasina kutaura chirongwa chimwe chete: ndeye yakavhurika sosi sevhisi mesh yakagadzirwa pamwe chete neGoogle, IBM neLyft.
(Makambani matatu aya ane mabasa akasiyana zvikuru: Kubatanidzwa kwaLyft kunoratidzika kunge kuri muzita chete; ivo vanyori veEnvoy, asi havashandisi kana kutora chikamu mukusimudzirwa kweIstio. IBM inobatanidzwa uye inoshandisa kuvandudzwa kweIstio. Google inobatanidzwa muIstio's budiriro, asi hainyatso kuishandisa kusvika pandinogona kutaura.)
Iyo Istio purojekiti inozivikanwa pazvinhu zviviri. Chekutanga, pane yakakura kushambadzira kuedza iyo Google, kunyanya, iri kuisa mukusimudzira. Ndingafungidzira kuti vanhu vazhinji vanoziva nezve mesh mesh pfungwa nhasi vakatanga kudzidza nezvayo kuburikidza neIstio. Chinhu chechipiri ndechekuti Istio yakagamuchirwa zvisina kunaka sei. Munyaya iyi, zviri pachena kuti ndiri bato rinofarira, asi ndichiedza kuramba ndiine chinangwa sezvinobvira, handikwanisi kubatsira , isina kunyanya kusiyanisa (kunyangwe isiri yega: systemd inouya mupfungwa, ...) yeOpen Source project.
(Mukuita, Istio inoratidzika kunge ine matambudziko kwete chete nekuoma uye UX, asiwo nekushanda. Somuenzaniso, panguva Muchidzidzo chechitatu, vatsvakurudzi vakawana mamiriro ezvinhu umo Istio's tail latency yakanga iri 100 nguva yakakwirira kudarika Linkerd, pamwe chete nemamiriro ezvinhu ane nzara apo Linkerd yakaramba ichishanda kubudirira apo Istio yakamira kushanda zvachose.)
Ndichisiya dzidziso dzangu dzekuti sei izvi zvaitika, ndinotenda kuti kufara kukuru kwakatenderedza mesh yesevhisi kunotsanangurwa nekutora chikamu kweGoogle. Kureva, musanganiswa wezvinhu zvitatu zvinotevera:
- Kusimudzira kweGoogle kweIstio;
- kusatendera kunoenderana, maitiro ekutsoropodza kune chirongwa;
- iyo ichangoburwa meteoric kusimuka mukuzivikanwa kweKubernetes, ndangariro dzichiri nyowani.
Pamwe chete zvinhu izvi zvinosangana kugadzira inokatyamadza, isina oxygen nharaunda umo kugona kwehungwaru kutonga kunodzikiswa, uye chete akasiyana akasiyana anosara. .
Kubva pakuona kwaLinkerd, izvi ndizvo ... zvandaizotsanangura sechikomborero chakasanganiswa. Ndinoreva, zvakanaka kuti sevhisi mesh yapinda mune mainstream nenzira yaasina kuita muna 2016 pakatanga Linkerd uye zvaive zvakaoma kuti vanhu vatarise chirongwa ichi. Ikozvino hakuna dambudziko rakadaro! Asi nhau dzakaipa ndedzekuti sevhisi mesh landscape iri kuvhiringa nhasi zvekuti hazvigoneke kuti unzwisise kuti ndeapi mapurojekiti ari muchikamu chebasa mesh (regai tinzwisise kuti ndeipi inonyatsokodzera imwe nyaya yekushandisa). Izvi ndezvechokwadi dhizaini kune wese munhu (uye pane zvechokwadi mamwe mamiriro apo Istio kana imwe purojekiti inokodzera zvirinani pane Linkerd, sezvo iyo yekupedzisira isati iri mhinduro yepasirese).
Kudivi reLinkerd, zano redu rave rekufuratira ruzha, kuramba takatarisa pakugadzirisa matambudziko enharaunda, uye kumirira kuti hype ipere. Pakupedzisira, iyo hype ichadzikira uye isu tinogona kuramba tichishanda takadzikama.
Panguva ino, tose tichafanira kushivirira zvishomanene.
Sevhisi mesh ichave yakakosha kwandiri, anozvininipisa software mainjiniya?
Mibvunzo inotevera ichakubatsira kupindura mubvunzo uyu:
Iwe unongobatanidzwa chete mukuita bhizinesi logic? Muchiitiko ichi, mesh yebasa haizobatsiri kwauri. Ndiko kuti, hongu, iwe unogona kunge uchifarira mazviri, asi zvine mutsindo mesh yebasa haifanire kukanganisa chero chinhu chiri munharaunda yako. Ramba uchishanda pane zvaunobhadharwa kuti uite.
Iwe uri kutsigira chikuva pane kambani inoshandisa Kubernetes? Ehe, mune iyi kesi iwe unoda mesh sevhisi (kunze kwekunge, chokwadi, uri kushandisa maK8s kungomhanyisa monolith kana batch kugadzirisa - asi ipapo ndinoda kubvunza kuti nei uchida maK8s). Iwe unozopedzisira uine akawanda mamicroservices akanyorwa nevanhu vakasiyana. Vese vanodyidzana uye vakasungirirwa mune tangle yekumhanyisa nguva yekutsamira, uye iwe unofanirwa kutsvaga nzira yekugadzirisa nazvo zvese. Kushandisa Kubernetes kunobvumidza iwe kusarudza mesh sevhisi "iwe pachako." Kuti uite izvi, zvijaidze nezvavanogona uye maficha uye pindura mubvunzo wekuti chero mapurojekiti aripo akakukodzera (ini ndinokurudzira kutanga tsvakiridzo yako neLinkerd).
Iwe uri kambani yepapuratifomu kukambani isingashandisi Kubernetes asi inoshandisa microservices? Muchiitiko ichi, mesh yebasa ichave yakakosha kwauri, asi kushandiswa kwayo kuchave kusiri kudiki. Chokwadi unogona tevedzera shanda sevhisi mesh nekuisa boka remaproxies, asi yakakosha mukana weKubernetes ndiyo yekufambisa modhi: kuchengetedza nemaoko ma proxies kunoda yakawanda nguva, simba uye mari.
Iwe une mutoro wepuratifomu mukambani inoshanda nemamonoliths? Muchiitiko ichi, pamwe haudi mesh yebasa. Kana iwe uri kushanda nemamonoliths (kana kunyange kuunganidzwa kwe monoliths) iyo yakanyatsotsanangurwa uye isingawanzo kushandura maitiro ekudyidzana, saka mesh sevhisi ichave isina zvishoma zvekukupa. Saka iwe unogona kungozvifuratira uye kutarisira kuti zvichanyangarika sehope dzakaipa ...
mhedziso
Pamwe, sevhisi mesh haifanirwe kunzi "tekinoroji yakanyanya hyped pasirese" - rukudzo urwu runogona kunge rwuri rweBitcoin kana AI. Pamwe ari muvashanu vepamusoro. Asi kana iwe ukacheka nepakati pematanho eruzha, zvinova pachena kuti sevhisi mesh inounza mabhenefiti chaiwo kune avo vanovaka zvikumbiro paKubernetes.
Ndinoda kuti uedze Linkerd - kuiisa pane Kubernetes cluster (kana kunyange Minikube pane laptop) , uye unogona kuzvionera zvandiri kutaura nezvazvo.
FAQ
- Kana ndikasiya basa mesh, ichanyangarika here?
- Ndinofanira kukuodza mwoyo: sevhisi mesh inesu kwenguva yakareba.
- Asi HANDIDI kushandisa sevhisi mesh!
- Zvakanaka, hazvidiwi! Ingoverenga gwaro rangu remibvunzo riri pamusoro kuti unzwisise kana uchifanira kujairana nehwaro hwaro.
- Iyi haisi yakanaka yekare ESB / yepakati ine sosi nyowani?
-Sevhisi mesh inobata nehunyanzvi hwekuita, kwete semantic imwe. bhazi rebasa rebhizimusi () Kuchengeta iyi kupatsanurwa kunobatsira mesh yesevhisi kudzivirira mafambiro akafanana.
-Sevhisi mesh inosiyana sei neAPI gedhi?
- Kune miriyoni zvinyorwa pane iyi nyaya. Ingo Google chete.
- Nhume ibasa mesh?
- Kwete, Nhume haisi mesh sevhisi, ndeye proxy server. Inogona kushandiswa kuronga mesh sevhisi (uye zvimwe zvakawanda - inzira yeruzhinji). Asi pachayo haisi sevhisi mesh.
- Network Service Mesh ibasa mesh?
- Aihwa. Pasinei nezita, iyi haisi mesh yebasa (unoda sei zvishamiso zvekutengesa?).
- Sevhisi mesh ichabatsira here nemeseji yangu-yakavakirwa reactive asynchronous system?
- Kwete, sevhisi mesh haizokubatsira iwe.
- Ndeipi sevhisi mesh yandinofanira kushandisa?
- , hapana chine musoro.
- Chinyorwa chinobaya! / Munyori anogamuchirwa!
- Ndokumbira ugovane chinongedzo kwairi neshamwari dzako dzese kuti vazvione!
Kutenda
Sezvaungave wakafungidzira kubva mumusoro, chinyorwa ichi chakafemerwa naJay Kreps' fantastic treatise "" Ndakasangana naJay makore gumi apfuura pandakamubvunzurudza pa Linked In uye anga ari kurudziro kwandiri kubva ipapo.
Kunyange ini ndichida kuzvidaidza kuti "Linkerd developer", chokwadi ndechekuti ini ndiri muchengeti we README.md faira pane purojekiti. Linkerd iri kushandiswa nhasi , , vanhu, uye chirongwa ichi chingadai chisina kuitika pasina kutora chikamu kwenharaunda inoshamisa yevapi nevashandisi.
Uye pakupedzisira, kuvonga kwakakosha kumusiki weLinkerd, (primus inter pares), uyo, pamwe chete neni makore mazhinji apfuura, takanyura mugakava rose iri nemambure ebasa.
PS kubva kumushanduri
Verenga zvakare pablog yedu:
- Β«";
- Β«";
- Β«";
- Β«";
- Β«".
Source: www.habr.com