ProHoster > Ibhulogi > Ulawulo > Inqwelomoya yedatha yemesh vs. inqwelomoya yolawulo

Inqwelomoya yedatha yemesh vs. inqwelomoya yolawulo

Hayi Habr! Ndinikezela ingqalelo yakho inguqulelo yenqaku "Inkonzo yemesh data plane vs control plane" umbhali UMat Klein.

Inqwelomoya yedatha yemesh vs. inqwelomoya yolawulo

Ngeli xesha, "bendifuna kwaye ndiguqule" inkcazo yazo zombini icandelo le-mesh yenkonzo, indiza yedatha kunye nendiza yokulawula. Le nkcazo yayibonakala kum iqondakala kwaye inomdla, kwaye okona kubaluleke kakhulu ekhokelela ekuqondeni "Ngaba iyimfuneko kwaphela?"

Njengoko ingcamango ye "Service mesh" iye yanda kakhulu kule minyaka mibini idlulileyo (inqaku lokuqala ngo-Oktobha 10, 2017) kwaye inani labathathi-nxaxheba kwisithuba liye landa, ndibone ukunyuka okulinganayo kokudideka phakathi kwayo yonke into. uluntu lwetekhnoloji malunga nendlela yokuthelekisa kunye nokuthelekisa izisombululo ezahlukeneyo.

Imeko ishwankathelwa kakuhle ngolu luhlu lulandelayo lweetweets endizibhale ngoJulayi:

Ukubhideka komnatha wenkonzo #1: Linkerd ~ = Nginx ~ = Haproxy ~ = Umthunywa. Akukho namnye kubo olingana ne-Istio. I-Istio yinto eyahlukileyo ngokupheleleyo. 1 /

Eyokuqala ziinqwelomoya zedatha. Bebodwa abenzi nto. Kufuneka babe kwimeko yento engakumbi. 2/

I-Istio ngumzekelo wendiza yokulawula edibanisa iindawo kunye. Lo ngomnye umaleko. /isiphelo

Ii-tweets zangaphambili zikhankanya iiprojekthi ezininzi ezahlukeneyo (i-Linkerd, i-NGINX, i-HAProxy, i-Envoy, kunye ne-Istio), kodwa kubaluleke kakhulu ukwazisa iingcamango eziqhelekileyo zendiza yedatha, i-mesh yenkonzo, kunye nendiza yokulawula. Kule post, ndiya kuthabatha umva kwaye ndithethe malunga nokuba ndithetha ntoni na ngamagama athi "indiza yedatha" kunye "nendiza yokulawula" kwinqanaba eliphezulu kakhulu, kwaye emva koko ndithethe malunga nendlela imigaqo esebenza ngayo kwiiprojekthi ezikhankanywe kwi-tweets.

Yintoni i-mesh yenkonzo, ngokwenene?

Inqwelomoya yedatha yemesh vs. inqwelomoya yolawulo
Umzobo 1: Isishwankathelo semesh yenkonzo

Umzobo we-1 ibonisa ingqikelelo ye-mesh yenkonzo kwelona nqanaba lisisiseko. Kukho amaqela enkonzo amane (AD). Umzekelo wenkonzo nganye unxulunyaniswa nomncedisi onegunya wasekuhlaleni. Yonke i-traffic yenethiwekhi (i-HTTP, i-REST, i-gRPC, i-Redis, njl.) ukusuka kwimeko yesicelo esisodwa idluliselwe kwi-proxy yendawo ukuya kumaqela afanelekileyo angaphandle enkonzo. Ngale ndlela, umzekelo wesicelo awuyazi inethiwekhi iyonke kwaye uyazi kuphela i-proxy yayo yendawo. Enyanisweni, inethiwekhi yenkqubo esasazwayo yasuswa kwinkonzo.

Inqwelomoya yedatha

Kumnatha wenkonzo, iseva engummeli ebekwe kwindawo yesicelo yenza le misebenzi ilandelayo:

  • Ukufunyanwa kwenkonzo. Zeziphi iinkonzo/usetyenziso olukhoyo kwisicelo sakho?
  • Ukujonga impilo. Ngaba iimeko zenkonzo zibuyiswe ngokufunyanwa kwenkonzo zisempilweni kwaye zikulungele ukwamkela itrafikhi yenethiwekhi? Oku kunokubandakanya zombini ezisebenzayo (umz. impendulo/ukuhlolwa impilo) kunye nokwenziwa (umzekelo ukusebenzisa iimpazamo ezi-3 ezilandelelanayo ze-5xx njengophawu lwemeko yenkonzo engafanelekanga) uhlolo lwempilo.
  • Indlela. Xa ufumana isicelo ku-"/foo" kwinkonzo ye-REST, yeyiphi inkonzo yeqela ekufuneka isicelo sithunyelwe kuyo?
  • Umthwalo wokulinganisa. Emva kokuba iqela lenkonzo likhethiwe ngexesha lokuhamba, isicelo kufuneka sithunyelwe kweyiphi inkonzo? Ngeliphi ixesha lokuphuma? Ngawaphi amasethingi okuqhekeka kwesekethe? Ukuba isicelo asiphumeleli, kufuneka sizanywe kwakhona?
  • Uqinisekiso kunye nogunyaziso. Ngezicelo ezingenayo, ngaba inkonzo yokufowuna inokuchongwa/igunyaziswe ngokufihlakeleyo kusetyenziswa i-mTLS okanye enye indlela? Ukuba ivunyiwe/igunyaziswe, ngaba ivumelekile ukubiza umsebenzi oceliweyo (isiphelo) kwinkonzo okanye kufuneka kubuyiswe impendulo engagunyaziswanga?
  • Ukuqwalaselwa. Iinkcukacha-manani ezineenkcukacha, iilogi/iilogi, kunye nedatha yomkhondo esasaziweyo kufuneka iveliswe kwisicelo ngasinye ukuze abaqhubi bakwazi ukuqonda ukuhamba kwetrafikhi esasaziweyo kunye nemiba yokulungiswa kweempazamo njengoko ivela.

Indiza yedatha inoxanduva lwazo zonke iingongoma zangaphambili kwi-mesh yenkonzo. Enyanisweni, i-proxy yendawo kwinkonzo (i-sidecar) yindiza yedatha. Ngamanye amazwi, indiza yedatha inoxanduva losasazo olunemiqathango, ugqithiso, kunye nokubeka esweni yonke ipakethi yenethiwekhi ethunyelwa okanye isuka kwinkonzo.

Inqwelomoya yokulawula

Uthintelo lomsebenzi wothungelwano olunikezelwa ngummeli wasekuhlaleni kwinqwelo-moya yedatha lumlingo(?). Nangona kunjalo, ummeli wazi njani ngenene malunga nendlela "/foo" eya kwinkonzo B? Ingasetyenziswa njani idatha yokufunyanwa kwenkonzo ezaliswe zizicelo zommeli? Ingaba iiparamitha ziqwalaselwe njani ukulungelelanisa umthwalo, ukuphelelwa lixesha, ukwaphulwa kwesekethe, njl.njl.? Usifaka njani isicelo usebenzisa indlela eluhlaza okwesibhakabhaka/eluhlaza okanye indlela yenguqu yezothutho? Ngubani omisela ungqinisiso lwenkqubo ngokubanzi kunye nezicwangciso zogunyaziso?

Zonke ezi zinto zingentla ziphantsi kolawulo lwendiza yolawulo lwe-mesh yenkonzo. Inqwelomoya yokulawula ithatha isethi yeeproxies ezizimeleyo ezingenammiselo kwaye zijike zibe yinkqubo esasazwayo.

Ndicinga ukuba isizathu sokuba uninzi lweetekhnoloji zifumana iikhonsepthi ezahlukeneyo zenqwelomoya yedatha kunye nenqwelomoya yolawulo edidayo kungenxa yokuba kubantu abaninzi indiza yedatha iqhelekile ngelixa indiza yolawulo ingaphandle / ayiqondwa. Besisebenza kunye neerotha zenethiwekhi yomzimba kunye nokutshintsha ixesha elide. Siyaqonda ukuba iipakethi / izicelo kufuneka zihambe ukusuka kwindawo A ukuya kwindawo B kwaye sinokusebenzisa i-hardware kunye nesoftware ukwenza oku. Isizukulwana esitsha seproxies zesoftware ziinguqulelo ezintle zezixhobo ebesizisebenzisa ixesha elide.

Inqwelomoya yedatha yemesh vs. inqwelomoya yolawulo
Umzobo 2: Inqwelomoya yolawulo lomntu

Nangona kunjalo, kudala sisebenzisa iindiza zolawulo, nangona uninzi lwabaqhubi benethiwekhi abanakunxulumanisa le nxalenye yenkqubo kunye nayiphi na icandelo lobuchwepheshe. Isizathu silula:
Uninzi lweenqwelomoya ezisetyenziswayo namhlanje... thina.

phezu Umzobo 2 ibonisa into endiyibiza ngokuba “yinqwelo-moya yolawulo lomntu.” Kolu didi losasazo, olusaxhaphake kakhulu, umntu osebenza ngokukrokrelayo wenza ulungelelwaniso olungatshintshiyo - olunokubakho ngemibhalo ebhaliweyo - kwaye uyisebenzise ngenkqubo ekhethekileyo kuzo zonke iiproxies. Iiproksi ziqala ukusebenzisa olu lungelelwaniso kwaye ziqalise ukusetyenzwa kwendiza yedatha usebenzisa useto oluhlaziyiweyo.

Inqwelomoya yedatha yemesh vs. inqwelomoya yolawulo
Umzobo 3: Inqwelomoya yokulawula i-mesh yenkonzo

phezu Umzobo 3 ibonisa inqwelomoya yolawulo "eyandisiweyo" yomnatha wenkonzo. Iqulathe la malungu alandelayo:

  • Umntu: Kusekho umntu (ngethemba elingaphantsi komsindo) owenza izigqibo ezikwinqanaba eliphezulu malunga nenkqubo iyonke.
  • Lawula i-UI yenqwelomoya: Umntu usebenzisana nolunye uhlobo lojongano lomsebenzisi ukulawula inkqubo. Oku kunokuba yiwebhu portal, isicelo selayini yomyalelo (CLI), okanye olunye ujongano. Ukusebenzisa ujongano lomsebenzisi, umqhubi unofikelelo kwiiparamitha zokumisela inkqubo yehlabathi efana nale:
    • Ulawulo lokusasaza, blue/green kunye/okanye inguqu yetrafikhi kancinane
    • Ungqinisiso kunye neeKhetho zoGunyaziso
    • Ukucaciswa kwetafile yomzila, umzekelo xa isicelo A sicela ulwazi malunga "/foo" ukuba kwenzeka ntoni
    • Layisha useto lwe-balancer, olufana nokuphuma kwexesha, ukuzama kwakhona, useto lokwaphulwa kwesekethe, njl.
  • Umcwangcisi womthwalo womsebenzi: Iinkonzo ziqhutywa kwiziseko ezingundoqo kusetyenziswa uhlobo oluthile lwenkqubo yokucwangcisa/yeokhestra, efana neKubernetes okanye iNomad. Umcwangcisi unoxanduva lokulayisha inkonzo kunye nommeli wayo wasekhaya.
  • Ukufunyanwa kwenkonzo. Xa umcwangcisi eqala kwaye emisa iimeko zenkonzo, ixela imeko yezempilo kwinkqubo yokufumanisa inkonzo.
  • Sidecar proxy uqwalaselo APIs : Iiproksi zasekuhlaleni zikhupha ngokuguqukayo urhulumente kumalungu enkqubo ahlukeneyo zisebenzisa imodeli engaguqukiyo ekugqibeleni ngaphandle kokungenelela komsebenzisi. Inkqubo iyonke, ebandakanya zonke iimeko ezisebenzayo ngoku zenkonzo kunye neeseva zommeli wasekhaya, ekugqibeleni zidibana zibe yi-ecosystem enye. I-API yedatha yedatha ye-envoy ngumzekelo omnye wendlela oku kusebenza ngayo.

Ngokusisiseko, injongo yendiza yolawulo kukuseta umgaqo-nkqubo oya kuthi ekugqibeleni wamkelwe yindiza yedatha. Iinqwelomoya zolawulo oluphezulu kakhulu ziya kususa iinxalenye ezininzi zezinye iinkqubo kumsebenzisi kwaye zifuna ukusebenza okuncinci ngesandla, ukuba zisebenza ngokuchanekileyo!

Inqwelomoya yedatha kunye nenqwelomoya yokulawula. Inqwelomoya yedatha vs. isishwankathelo senqwelomoya

  • Inqwelomoya yedatha yemesh: Ichaphazela yonke ipakethe / isicelo kwisistim. Inoxanduva lokusetyenziswa/ukufunyanwa kwenkonzo, ujongo lwempilo, umzila, ukulinganisa umthwalo, ukuqinisekiswa/ugunyaziso kunye nokuqwalaselwa.
  • Inqwelomoya yokulawula umnatha wenkonzo: Ibonelela ngomgaqo-nkqubo kunye nolungelelwaniso lwazo zonke iinqwelo-moya eziqhuba idatha ngaphakathi kwinethiwekhi yenkonzo. Ayichukumisi naziphi na iiphakheji/izicelo kwisixokelelwano. Inqwelomoya yokulawula ijika zonke iindiza zedatha zibe yinkqubo esasazwayo.

Ubume beprojekthi yangoku

Emva kokuyiqonda le ngcaciso ingentla, makhe sijonge imeko yangoku yeprojekthi yemesh yenkonzo.

  • Iinqwelomoya zedatha: Linkerd, NGINX, HAProxy, umthunywa, Traefik
  • Iinqwelomoya zokulawula: Istio, Nelson, SmartStack

Kunokuba ndingene kuhlalutyo olunzulu lwesicombululo ngasinye kwezi zingasentla, ndiza kujongana ngokufutshane namanye amanqaku endikholelwa ukuba abangela ukubhideka okuninzi kwinkqubo yendalo ngoku.

I-Linkerd yayiyenye yeeseva zokuqala zedatha ye-proxy ye-mesh yenkonzo ekuqaleni kuka-2016 kwaye yenze umsebenzi omangalisayo wokwazisa kunye nengqalelo kwimodeli yoyilo lwe-mesh yenkonzo. Malunga neenyanga ezi-6 emva koko, uMthunywa wajoyina i-Linkerd (nangona wayekunye noLyft ukusukela emva kwexesha lika-2015). I-Linkerd kunye noMthunywa ziiprojekthi ezimbini ezidla ngokukhankanywa xa kuxoxwa ngeemeshes zenkonzo.

I-Istio yabhengezwa ngoMeyi 2017. Iinjongo zeprojekthi ye-Istio zifana kakhulu nendiza yokulawula eyandisiweyo eboniswe kuyo Umzobo 3. Umthunywa we-Istio ngummeli omiselweyo. Ngaloo ndlela, i-Istio yindiza yokulawula, kwaye uMthunywa yindiza yedatha. Ngexesha elifutshane, i-Istio yavelisa uvuyo olukhulu, kwaye ezinye iiplani zedatha zaqala ukudibanisa njengokutshintshwa kwe-Envoy (zombini i-Linkerd kunye ne-NGINX zibonise ukuhlanganiswa kunye ne-Istio). Inyani yokuba iindiza zedatha ezahlukeneyo zingasetyenziswa ngaphakathi kwinqwelomoya yolawulo efanayo ithetha ukuba inqwelomoya yolawulo kunye nenqwelomoya yedatha ayidityaniswanga ngokuyimfuneko. I-API efana ne-Invoy's generic data plane API inokwenza ibhulorho phakathi kweenxalenye ezimbini zenkqubo.

UNelson kunye no-SmartStack bancedisa ngakumbi ukubonakalisa ukuhlukana kwendiza yokulawula kunye nedatha yedatha. UNelson usebenzisa uMthunywa njengommeli wakhe kwaye wakha inqwelomoya yokulawula ethembekileyo kwimesh yenkonzo esekwe kwisitaki seHashiCorp, okt. Nomad, njl. I-SmartStack mhlawumbi yayiyeyokuqala kwi-wave entsha ye-meshes yenkonzo. I-SmartStack yakha indiza yokulawula malunga ne-HAProxy okanye i-NGINX, ebonisa ukukwazi ukuqhawula indiza yokulawula kwi-mesh yenkonzo evela kwindiza yedatha.

I-Microservice architecture ene-mesh yenkonzo ifumana ingqalelo ngakumbi nangakumbi (ngokufanelekileyo!), Kwaye iiprojekthi ezininzi kunye nabathengisi baqala ukusebenza kule ndlela. Kule minyaka imbalwa izayo siza kubona izinto ezintsha ezininzi kwinqwelomoya yedatha kunye nenqwelomoya yolawulo, kunye nokuxubana ngakumbi kwamacandelo ahlukeneyo. Ekugqibeleni, uyilo lwe-microservice kufuneka lucace ngakumbi kwaye lube nobugqi (?) kumsebenzisi.
Ngethemba kancinci kwaye kancinci ukucaphuka.

Izinto eziphambili ezithathwayo

  • Umnatha wenkonzo unamacandelo amabini ahlukeneyo: indiza yedatha kunye nenqwelomoya yokulawula. Omabini amacandelo afunekayo, kwaye ngaphandle kwawo inkqubo ayiyi kusebenza.
  • Wonke umntu uqhelene nenqwelomoya yokulawula, kwaye ngeli xesha, inqwelomoya yokulawula inokuba nguwe!
  • Zonke iindiza zedatha zikhuphisana enye kwenye kwiimpawu, ukusebenza, ukulungelelaniswa, kunye nokwandiswa.
  • Zonke iindiza zolawulo zikhuphisana enye kwenye kwiimpawu, ukulungelelaniswa, ukwandiswa, kunye nokulula kokusetyenziswa.
  • Inqwelomoya enye yokulawula inokuqulatha izithintelo ezifanelekileyo kunye ne-APIs ukwenzela ukuba kusetyenziswe iindiza ezininzi zedatha.

umthombo: www.habr.com

Yongeza izimvo