Sawubona futhi!.. Ngosuku olwandulela ukuqala kwesifundo Silungiselele enye inguqulo ewusizo.
Imeshi yesevisi isendlalelo sengqalasizinda esilungisekayo, esibambeke kancane esidingekayo ukuze kusingathwe amavolumu amakhulu okuxhumana okusekelwe kunethiwekhi phakathi kwezinqubo phakathi kwe-application programming interfaces (APIs). I-Service Mesh inika amandla ukuxhumana okusheshayo, okuthembekile nokuvikelekile phakathi kwezinsizakalo zengqalasizinda yohlelo lokusebenza olufakwe iziqukathi futhi ngokuvamile ephemeral. I-Service Mesh ihlinzeka ngamakhono afana nokutholwa kwesevisi, ukulinganisa ukulayisha, ukubethela, ukubeka izinto obala, ukulandeleka, ukufakazela ubuqiniso nokugunyazwa, kanye nokwesekwa kwephethini yokuvala shaqa ngokuzenzakalela (I-circuit breaker).
Imeshi yesevisi ngokuvamile isetshenziswa ngokunikeza isenzakalo ngasinye sesevisi ngesibonelo sommeleli, esibizwa I-Sidecar. I-Sidecar phatha ukuxhumana phakathi kwamasevisi, qapha futhi uxazulule izinkinga zokuphepha, okungukuthi, yonke into engakhishwa kumasevisi angawodwana. Ngale ndlela, onjiniyela bangabhala, bagcine, futhi banikeze ikhodi yesicelo kumasevisi, futhi abaphathi besistimu bangasebenza ne-Service Mesh futhi basebenzise uhlelo lokusebenza.
I-Istio evela ku-Google, IBM kanye ne-Lyft okwamanje iyisakhiwo esidume kakhulu se-mesh yesevisi. Futhi i-Kubernetes, eyasungulwa kwa-Google, manje isiwukuphela kohlaka lwe-orchestration yesiqukathi esisekelwa yi-Istio. Abathengisi bazama ukudala izinguqulo ezisekelwa ngokwentengiso ze-Istio. Kuzoba mnandi ukubona ukuthi yiziphi izinto ezintsha abangaziletha kuphrojekthi yomthombo ovulekile.
Kodwa-ke, i-Istio akuyona ukuphela kwenketho njengoba kuthuthukiswa okunye ukusetshenziswa kwe-Service Mesh. Iphethini sidecar proxy ukuqaliswa okuthandwa kakhulu, njengoba kungahlulelwa ngamaphrojekthi we-Buoyant, HashiCorp, Solo.io nabanye. Kukhona nezinye izindlela zokwakha: ikhithi yamathuluzi yobuchwepheshe beNetflix ingenye yezindlela lapho ukusebenza kwe-Service Mesh kusetshenziswa khona nge-Ribbon, Hysterix, Eureka, Archaius library, kanye nezinkundla ezifana ne-Azure Service Fabric.
I-Service Mesh nayo inamagama ayo ezingxenye zesevisi nemisebenzi:
- Uhlaka lwe-orchestration yesiqukathi. Njengoba iziqukathi eziningi zengezwa kwingqalasizinda yesicelo, kunesidingo sethuluzi elihlukile lokuqapha nokuphatha iziqukathi - uhlaka lwe-orchestration yesiqukathi. I-Kubernetes ibambe ngokuqinile kule niche, kangangokuthi ngisho nezimbangi zayo ezinkulu i-Docker Swarm kanye ne-Mesosphere DC/OS inikeza ukuhlanganiswa ne-Kubernetes njengenye indlela.
- Amasevisi Nezimo (Kubernetes Pods). Isibonelo ikhophi eyodwa esebenzayo ye-microservice. Kwesinye isikhathi isibonelo esisodwa kuba yisitsha esisodwa. Ku-Kubernetes, isibonelo siqukethe iqembu elincane leziqukathi ezizimele ezibizwa ngokuthi i-pod. Amaklayenti awavamisile ukufinyelela isenzakalo noma i-pod ngokuqondile; ngokuvamile, afinyelela isevisi, okuyisethi yezenzakalo ezifanayo, ezingabekezeleleki futhi ezibekezelela amaphutha noma ama-pods (okuphindaphindwayo).
- I-Sidecar Proxy. I-Sidecar Proxy isebenza ngesibonelo esisodwa noma i-pod. Iphuzu le-Sidecar Proxy iwukuba umzila noma ithrafikhi yommeleli evela esitsheni esebenza ngaso futhi ubuyisele ithrafikhi. I-Sidecar isebenzisana namanye ama-Sidecar Proxies futhi iphethwe uhlaka lwe-orchestration. Ukufakwa okuningi kwe-Service Mesh kusebenzisa Ummeleli we-Sidecar ukuze kuvinjwe futhi kulawule yonke i-traffic engena noma ephuma esenzakalweni noma i-pod.
- Ukutholwa Kwesevisi. Uma isenzakalo sidinga ukuxhumana nenye isevisi, sidinga ukuthola (ukuthola) isenzakalo esinempilo nesitholakalayo senye isevisi. Ngokuvamile, isibonelo senza ukubheka kwe-DNS. Uhlaka lwe-orchestration yesiqukathi lugcina uhlu lwezimo ezilungele ukwamukela izicelo futhi lunikeza isixhumi esibonakalayo semibuzo ye-DNS.
- Ukulayisha ukulinganisa. Iningi lezinhlaka ze-orchestration zeziqukathi zihlinzeka ngokulinganisa komthwalo kusendlalelo 4 (ezokuthutha). I-Service Mesh isebenzisa ukulinganisa komthwalo okuyinkimbinkimbi kakhulu kusendlalelo 7 (izinga lohlelo lokusebenza), okucebile ngama-algorithms futhi kusebenza kangcono ekulawuleni ithrafikhi. Izilungiselelo zokulinganisa ukulayisha zingashintshwa kusetshenziswa i-API, okukuvumela ukuthi uhlele ukuthunyelwa kokuluhlaza okuluhlaza okwesibhakabhaka noma kwe-canary.
- Ukubethela. I-Service Mesh ingabhala ngemfihlo futhi isuse ukubethela kwezicelo nezimpendulo, isuse lo mthwalo kumasevisi. I-Service Mesh ingaphinda ithuthukise ukusebenza ngokubeka kuqala noma isebenzise kabusha ukuxhumana okukhona okuqhubekayo, ukunciphisa isidingo sokubala okumba eqolo ukuze kudalwe ukuxhumana okusha. Ukuqaliswa okuvame kakhulu kokubethela kwethrafikhi ngu mutual TLS (mTLS), lapho ingqalasizinda yokhiye womphakathi (i-PKI) ikhiqiza futhi isabalalisa izitifiketi nokhiye ukuze kusetshenziswe Ummeleli we-Sidecar.
- Ukuqinisekisa kanye Nokugunyazwa. I-Service Mesh ingagunyaza futhi iqinisekise izicelo ezenziwe ngaphandle noma ngaphakathi kohlelo lokusebenza, ithumele izicelo eziqinisekisiwe kuphela ezimeni.
- Usekelo lwephethini yokuvala shaqa ngokuzenzakalela. I-Service Mesh isekela , ehlukanisa izimo ezingenampilo bese izibuyisela kancane kancane echibini lezimo ezinempilo lapho kudingeka.
Ingxenye yohlelo lokusebenza lwe-Service Mesh elawula ithrafikhi yenethiwekhi phakathi kwezimo ibizwa ngokuthi Indiza Yedatha. Dala futhi usebenzise ukucushwa okulawula ukuziphatha Indiza Yedatha, yenziwa kusetshenziswa okuhlukile Indiza Yokulawula. Indiza Yokulawula ngokuvamile ihlanganisa noma yakhelwe ukuxhuma ku-API, CLI, noma i-GUI ukuze ulawule uhlelo lokusebenza.
I-Control Plane ku-Service Mesh isabalalisa ukulungiselelwa phakathi kwe-Sidecar Proxy kanye ne-Data Plane.
Ukwakhiwa kweService Mesh kuvame ukusetshenziselwa ukuxazulula izinkinga zokusebenza eziyinkimbinkimbi kusetshenziswa iziqukathi nama-microservices. Amaphayona ensimini yizinkampani ezifana neLyft, Netflix kanye ne-Twitter, ezihlinzeka ngezinsizakalo ezinzile ezigidini zabasebenzisi emhlabeni jikelele. (). Kuzinhlelo zokusebenza ezingafuneki kangako, izakhiwo ezilula cishe zizokwanela.
I-Service Mesh architecture cishe ngeke ibe yimpendulo yakho konke ukusebenza kohlelo lokusebenza nezinkinga zokulethwa. Abadwebi bezakhiwo nabathuthukisi bane-arsenal enkulu yamathuluzi, futhi eyodwa kuphela kubo isando, okumele, phakathi kwemisebenzi eminingi, ixazulule eyodwa kuphela - izipikili ezishaya ngesando. , isibonelo, ihlanganisa amamodeli amaningana ahlukene ahlinzeka ngokuqhubekayo kwezindlela zokuxazulula izinkinga kusetshenziswa ama-microservices.
Izinto ezihlangana ndawonye esakhiweni se-Service Mesh, njenge-NGINX, iziqukathi, i-Kubernetes, nama-microservices njengendlela yezakhiwo, zingakhiqiza ngokulinganayo ekusetshenzisweni okungeyona i-Service Mesh. Isibonelo, i-Istio yaklanywa njengesakhiwo esiphelele se-mesh yesevisi, kodwa i-modularity yayo isho ukuthi onjiniyela bangakhetha futhi basebenzise izingxenye zobuchwepheshe kuphela abazidingayo. Unalokhu engqondweni, kubalulekile ukuthuthukisa ukuqonda okucacile komqondo we-Service Mesh, ngisho noma ungaqiniseki ukuthi uyoke ukwazi ukuwusebenzisa ngokugcwele kuhlelo lwakho lokusebenza.
Source: www.habr.com