Njengoba sisuka kuhlelo lokusebenza lwe-monolithic siye esakhiweni se-microservices, sibhekana nezinselele ezintsha.
Kuhlelo lokusebenza lwe-monolithic, ngokuvamile kulula kakhulu ukunquma ukuthi iyiphi ingxenye yesistimu iphutha elenzeke kuyo. Ngokunokwenzeka, inkinga ikukhodi ye-monolith ngokwayo, noma ku-database. Kodwa lapho siqala ukufuna inkinga ekwakhiweni kwe-microservice, yonke into ayisabonakali kangako. Sidinga ukuthola yonke indlela isicelo esiyithathile kusukela ekuqaleni kuze kube sekupheleni bese siyikhetha kumakhulukhulu ezinsiza ezincane. Ngaphezu kwalokho, eziningi zazo nazo zinezindawo zazo zokugcina, ezingase futhi zibangele amaphutha anengqondo, kanye nezinkinga zokusebenza nokubekezelelana kwamaphutha.
Sekuyisikhathi eside ngifuna ithuluzi elingasiza ukubhekana nezinkinga ezinjalo (ngabhala ngalokhu ku-HabrΓ©: , ), kodwa ekugcineni ngenze esami isixazululo somthombo ovulekile. Kulesi sihloko ngikhuluma ngezinzuzo zendlela yesevisi ye-mesh futhi ngabelana ngethuluzi elisha lokuqaliswa kwalo.
Ukulandela ngomkhondo okusabalalisa kuyisixazululo esivamile senkinga yokuthola amaphutha ezinhlelweni ezisabalalisiwe. Kodwa kuthiwani uma le ndlela yokuqoqa ulwazi mayelana nokusebenzisana kwenethiwekhi ingakaqaliswa ohlelweni, noma, okubi nakakhulu, engxenyeni yesistimu isivele isebenza kahle, kodwa ngokwengxenye ayifuni, ngoba ayizange ifakwe kumasevisi amadala. ? Ukucacisa imbangela eqondile yenkinga, kuyadingeka ukuba nesithombe esiphelele salokho okwenzeka ohlelweni. Kubaluleke kakhulu ukuqonda ukuthi yimaphi ama-microservices abandakanyeka ezindleleni ezibalulekile zebhizinisi.
Lapha indlela ye-service mesh ingasisiza, ezobhekana nayo yonke imishini yokuqoqa ulwazi lwenethiwekhi ezingeni eliphansi kunaleso elisebenza ngokwalo. Le ndlela isivumela ukuthi sibambe yonke i-traffic futhi siyihlaziye ngokuhamba kwesikhathi. Ngaphezu kwalokho, izinhlelo zokusebenza akudingeki nokuthi zazi lutho ngakho.
Indlela yesevisi ye-mesh
Umqondo oyinhloko wendlela ye-service mesh ukungeza esinye isendlalelo sengqalasizinda phezu kwenethiwekhi, esizosivumela ukuthi senze noma yini ngokusebenzisana kwezinsiza. Ukuqaliswa okuningi kusebenza ngale ndlela elandelayo: isiqukathi se-sidecar esengeziwe esinommeleli osobala singezwa ku-microservice ngayinye, lapho kudluliselwa khona yonke ithrafikhi engenayo nephumayo yesevisi. Futhi lena iyona ndawo lapho singenza khona ukulinganisa kwamakhasimende, sisebenzise izinqubomgomo zokuphepha, sibeke imingcele enanini lezicelo futhi siqoqe ulwazi olubalulekile ekusebenzisaneni kwezinsizakalo ekukhiqizeni.
Izixazululo
Sekuvele kukhona ukusetshenziswa okuningana kwale ndlela: ΠΈ . Banikeza izici eziningi ngaphandle kwebhokisi. Kodwa ngasikhathi sinye, kufika i-overhead enkulu kuzinsiza. Ngaphezu kwalokho, lapho likhulu iqoqo lapho uhlelo olunjalo lusebenza khona, kuyodingeka izinsiza ezengeziwe ukuze kugcinwe ingqalasizinda entsha. Kwa-Avito, sisebenzisa amaqoqo e-kubernetes aqukethe izinkulungwane zezenzakalo zesevisi (futhi inombolo yawo iyaqhubeka nokukhula ngokushesha). Ekusetshenzisweni kwayo kwamanje, i-Istio isebenzisa ~ 300Mb ye-RAM ngesenzakalo ngasinye sesevisi. Ngenxa yenani elikhulu lamathuba, ukulinganisa obala nakho kuthinta sonke isikhathi sokuphendula sezinsizakalo (kufika ku-10ms).
Ngenxa yalokho, sibheke ukuthi yimaphi amakhono esiwadingayo njengamanje, futhi sanquma ukuthi isizathu esiyinhloko esenza ukuba siqale ukusebenzisa izixazululo ezinjalo kwakuyikhono lokuqoqa ulwazi lokulandelela kulo lonke uhlelo ngokusobala. Besifuna futhi ukulawula ukusebenzisana kwezinsizakalo futhi senze ukukhohlisa okuhlukahlukene ngezihloko ezidluliswa phakathi kwamasevisi.
Ngenxa yalokho, sifinyelele esinqumweni sethu:β .
I-Netramesh
iyisisombululo semeshi yesevisi engasindi esinekhono lokukala ngokungapheli, kungakhathaliseki inani lezinsizakalo ohlelweni.
Imigomo eyinhloko yesixazululo esisha yayingaphansi kwezinsiza eziphansi nokusebenza okuphezulu. Phakathi kwezici eziyinhloko, ngokushesha besifuna ukukwazi ukuthumela ngokusobala izibambo zokulandelela kusistimu yethu ye-Jaeger.
Namuhla, izixazululo eziningi zamafu zisetshenziswa e-Golang. Futhi, yiqiniso, kunezizathu zalokhu. Ukubhala izinhlelo zokusebenza zenethiwekhi ngesi-Golang ezisebenza ngokufana ne-I/O futhi zikala kuzo zonke izici njengoba kudingeka kulula futhi kulula. Futhi, okubaluleke kakhulu, ukusebenza kwanele ukuxazulula le nkinga. Yingakho siphinde sakhetha iGolang.
Ukukhiqiza
Sigxilise imizamo yethu ekuzuzeni umkhiqizo ophezulu. Ukuze uthole isixazululo esisetshenziswa eduze kwesibonelo ngasinye sesevisi, ukusetshenziswa okuncane kwe-RAM nesikhathi se-CPU kuyadingeka. Futhi, kunjalo, ukubambezeleka kwempendulo kufanele futhi kube kuncane.
Ake sibone ukuthi yimiphi imiphumela esiyitholile.
RAM
I-Netramesh isebenzisa ~ 10Mb ngaphandle kwethrafikhi kanye no-50Mb esiphezulu ngomthwalo ongafika ku-10000 RPS isibonelo ngasinye.
Ummeleli wenxusa le-Istio uhlala esebenzisa ~ 300Mb kumaqoqo ethu ngezinkulungwane zezimo. Lokhu akukuvumeli ukuthi kukalwe kulo lonke iqoqo.
Nge-Netramesh sithole ukwehliswa okungu-~10x kokusetshenziswa kwenkumbulo.
CPU
Ukusetshenziswa kwe-CPU kucishe kulingane ngaphansi komthwalo. Kuya enanini lezicelo ngeyunithi ngayinye yesikhathi enqoleni eseceleni. Amanani ngezicelo ezingama-3000 ngesekhondi eliphakeme kakhulu:
Kukhona iphuzu elilodwa elibalulekile: I-Netramesh - isisombululo esingenayo indiza yokulawula futhi ngaphandle komthwalo asidli isikhathi se-CPU. Nge-Istio, izimoto eziseceleni zihlala zibuyekeza izindawo zokugcina zesevisi. Ngenxa yalokho, singabona lesi sithombe ngaphandle komthwalo:
Sisebenzisa i-HTTP/1 ukuxhumana phakathi kwamasevisi. Ukwenyuka kwesikhathi sokuphendula se-Istio lapho ibamba ngenxusa bekufike ku-5-10ms, okuyinqwaba yezinsizakalo ezilungele ukuphendula nge-millisecond. NgeNetramesh lesi sikhathi sehle safinyelela ku-0.5-2ms.
I-Scalability
Inani elincane lezinsiza ezisetshenziswa ummeleli ngamunye lenza kube lula ukulibeka eduze kwesevisi ngayinye. I-Netramesh idalwe ngamabomu ngaphandle kwengxenye yendiza yokulawula ukuze imane igcine i-sidecar ngayinye ingasindi. Ngokuvamile ezixazululweni zemeshi yesevisi, indiza elawulayo isabalalisa ulwazi lokutholwa kwesevisi kunqola eseceleni ngayinye. Okuhambisana nakho kuza nolwazi mayelana nokuvala isikhathi nezilungiselelo zokulinganisa. Konke lokhu kukuvumela ukuthi wenze izinto eziningi eziwusizo, kodwa, ngeshwa, kubhuqa ama-sidecars ngosayizi.
Ukutholwa kwesevisi
I-Netramesh ayingezi ezinye izindlela zokutholwa kwesevisi. Yonke ithrafikhi yenziwe ngokusobala nge-netra sidecar.
I-Netramesh isekela iphrothokholi yohlelo lokusebenza lwe-HTTP/1. Ukuyichaza, kusetshenziswe uhlu olulungisekayo lwamachweba. Ngokuvamile, uhlelo lunamachweba amaningana lapho ukuxhumana kwe-HTTP kwenzeka khona. Isibonelo, sisebenzisa u-80, 8890, 8080 ekusebenzelaneni phakathi kwezinsizakalo nezicelo zangaphandle. Kulokhu, zingasethwa kusetshenziswa okuguquguqukayo kwemvelo. NETRA_HTTP_PORTS.
Uma usebenzisa i-Kubernetes njenge-orchestra kanye nendlela yebhizinisi layo lokuxhumana phakathi kweqoqo phakathi kwamasevisi, khona-ke indlela ihlala ifana ncamashi. Okokuqala, i-microservice ithola ikheli le-IP lesevisi isebenzisa i-kube-dns futhi ivula ukuxhumana okusha kuyo. Lokhu kuxhumana kusungulwa okokuqala nge-netra-sidecar yendawo futhi wonke amaphakethe e-TCP aqala afika ku-netra. Okulandelayo, i-netra-sidecar isungula ukuxhumana nendawo okuyiwa kuyo yoqobo. I-NAT ku-pod IP ku-node ihlala ifana ncamashi nangaphandle kwe-netra.
Ukulandelela okusabalalisiwe nokudlulisa umongo
I-Netramesh ihlinzeka ngomsebenzi odingekayo ukuze kuthunyelwe izikhawu zokulandelela mayelana nokusebenzisana kwe-HTTP. I-Netra-sidecar idlulisa iphrothokholi ye-HTTP, ilinganisa ukulibaziseka kwesicelo, futhi ikhiphe ulwazi oludingekayo kuzihloko ze-HTTP. Ekugcineni, sithola yonke imikhondo ohlelweni olulodwa lwe-Jaeger. Ngokucushwa okucolisekile, ungasebenzisa futhi okuguquguqukayo kwendawo okuhlinzekwe umtapo wolwazi osemthethweni .
Kodwa kukhona inkinga. Kuze kube yilapho izinsiza zikhiqiza futhi zithumela unhlokweni we-uber okhethekile, ngeke sibone izikhala zokulandelela ezixhunyiwe ohlelweni. Futhi yilokhu esikudingayo ukuze sithole ngokushesha imbangela yezinkinga. Nalapha futhi iNetramesh inesixazululo. Abameli bafunda izihloko ze-HTTP futhi, uma bengenazo i-id trace ye-uber, yenze eyodwa. I-Netramesh iphinde igcine ulwazi mayelana nezicelo ezingenayo neziphumayo kunqola eseceleni futhi izifanise ngokuzicebisa ngezihloko zesicelo eziphumayo ezidingekayo. Odinga ukukwenza ezinkonzweni ukuthumela unhlokweni owodwa nje X-Request-Id, engacushwa kusetshenziswa i-variable yemvelo NETRA_HTTP_REQUEST_ID_HEADER_NAME. Ukuze ulawule usayizi womongo ku-Netramesh, ungasetha okuguquguqukayo kwemvelo okulandelayo: NETRA_TRACING_CONTEXT_EXPIRATION_MILLISECONDS (isikhathi lapho umongo uzogcinwa khona) kanye NETRA_TRACING_CONTEXT_CLEANUP_INTERVAL (imvamisa yokuhlanza umongo).
Kungenzeka futhi ukuhlanganisa izindlela eziningi kusistimu yakho ngokuzimaka ngethokheni yeseshini ekhethekile. I-Netra ikuvumela ukuthi ufake HTTP_HEADER_TAG_MAP ukuze uguqule izihloko ze-HTTP zibe omaka be-span bokulandelela abahambisanayo. Lokhu kungaba usizo ikakhulukazi ekuhloleni. Ngemva kokuphumelela ukuhlolwa kokusebenza, ungabona ukuthi iyiphi ingxenye yesistimu ethintwe ukuhlunga ngokhiye wesikhathi ohambisanayo.
Ukunquma Umthombo Wesicelo
Ukuze unqume ukuthi isicelo sivelaphi, ungasebenzisa umsebenzi wokwengeza ngokuzenzakalelayo unhlokweni ngomthombo. Ukusebenzisa i-variable yemvelo NETRA_HTTP_X_SOURCE_HEADER_NAME Ungacacisa igama likanhlokweni elizofakwa ngokuzenzakalelayo. Ngokusebenzisa NETRA_HTTP_X_SOURCE_VALUE ungasetha inani okuzosethwa kulo unhlokweni we-X kuzo zonke izicelo eziphumayo.
Lokhu kuvumela ukusatshalaliswa kwalesi nhlokweni esiwusizo ukuthi sisatshalaliswe ngokufanayo kuyo yonke inethiwekhi. Bese ungayisebenzisa kumasevisi futhi uyengeze kumalogi namamethrikhi.
Umzila wethrafikhi kanye nabangaphakathi be-Netramesh
I-Netramesh iqukethe izingxenye ezimbili eziyinhloko. Eyokuqala, i-netra-init, ibeka imithetho yenethiwekhi ukuze ivimbele ithrafikhi. Uyasebenzisa ukuvimba yonke noma ingxenye yethrafikhi ku-sidecar, okuyingxenye yesibili eyinhloko ye-Netramesh. Ungalungiselela ukuthi yiziphi izimbobo ezidinga ukuvinjwa ngezikhathi ze-TCP ezingenayo neziphumayo: INBOUND_INTERCEPT_PORTS, OUTBOUND_INTERCEPT_PORTS.
Ithuluzi liphinde libe nesici esithakazelisayo - umzila we-probabilistic. Uma usebenzisa i-Netramesh ngokukhethekile ukuqoqa izikhala zokulandelela, lapho-ke endaweni yokukhiqiza ungagcina izinsiza futhi unike amandla umzila onokwenzeka usebenzisa okuguquguqukayo. NETRA_INBOUND_PROBABILITY ΠΈ NETRA_OUTBOUND_PROBABILITY (kusuka ku-0 kuye ku-1). Inani elizenzakalelayo ngu-1 (yonke ithrafikhi iyabanjwa).
Ngemva kokungenela okuphumelelayo, i-netra sidecar yamukela uxhumano olusha nokusebenzisa SO_ORIGINAL_DST inketho yesokhethi ukuze uthole indawo yokuqala. I-Netra ibe isivula uxhumo olusha ekhelini le-IP langempela futhi isungula ukuxhumana kwe-TCP yezindlela ezimbili phakathi kwezinhlangothi, kulalela yonke ithrafikhi edlulayo. Uma imbobo ichazwa njenge-HTTP, i-Netra izama ukuyihlaziya nokuyilandelela. Uma ukuncozululwa kwe-HTTP kwehluleka, i-Netra iwela emuva ku-TCP futhi isebenze ngokusobala ama-byte.
Ukwakha igrafu yokuncika
Ngemva kokuthola inani elikhulu lolwazi lokulandelela ku-Jaeger, ngifuna ukuthola igrafu ephelele yokusebenzisana ohlelweni. Kodwa uma isistimu yakho ilayishwe impela futhi izigidigidi zezikhala zokulandelela zinqwabelana ngosuku, ukuzihlanganisa akubi umsebenzi olula. Kunendlela esemthethweni yokwenza lokhu: . Nokho, kuzothatha amahora ukwakha igrafu ephelele futhi kuzokuphoqa ukuthi ulande yonke idathasethi ku-Jaeger emahoreni angama-XNUMX adlule.
Uma usebenzisa i-Elasticsearch ukuze ugcine izikhala zokulandelela, ungasebenzisa , ezokwakha igrafu efanayo ngemizuzu isebenzisa izici namandla e-Elasticsearch.
Ungayisebenzisa kanjani i-Netramesh
I-Netra ingangezwa kalula kunoma iyiphi isevisi esebenzisa noma iyiphi i-orchestrator. Ungabona isibonelo .
Okwamanje, i-Netra ayinawo amandla okusebenzisa ngokuzenzakalelayo ama-sidecars ezinsizeni, kodwa kunezinhlelo zokuqaliswa.
Ikusasa le-Netramesh
umgomo oyinhloko ukuzuza izindleko ezincane zezinsiza nokusebenza okuphezulu, ukuhlinzeka ngamakhono ayisisekelo okubonwa nokulawula ukuxhumana phakathi kwezinsiza.
Ngokuzayo, i-Netramesh izosekela amanye amaphrothokholi wesendlalelo sohlelo lokusebenza ngaphandle kwe-HTTP. Umzila we-L7 uzotholakala esikhathini esizayo esiseduze.
Sebenzisa iNetramesh uma uhlangabezana nezinkinga ezifanayo futhi usibhalele ngemibuzo neziphakamiso.
Source: www.habr.com