I-ProHoster > Блог > Ukuphatha > Indiza yedatha yemeshi yesevisi iqhathaniswa nendiza yokulawula

Indiza yedatha yemeshi yesevisi iqhathaniswa nendiza yokulawula

Sawubona, Habr! Ngethula ekunakeni kwakho ukuhunyushwa kwalesi sihloko "Indiza yedatha yemeshi yesevisi vs indiza yokulawula" umbhali UMat Klein.

Indiza yedatha yemeshi yesevisi iqhathaniswa nendiza yokulawula

Kulokhu, "ngangifuna futhi ngahumusha" incazelo yakho kokubili izingxenye zesevisi ye-mesh, indiza yedatha kanye nendiza yokulawula. Le ncazelo kimi ibonakale iqondakala kakhulu futhi ijabulisa, futhi okubaluleke kakhulu iholela ekuqondeni kokuthi “Ingabe iyadingeka nhlobo?”

Njengoba umqondo we- "Service mesh" usuthandwa kakhulu eminyakeni emibili edlule (isihloko sokuqala Okthoba 10, 2017) futhi nenani lababambe iqhaza esikhaleni lenyukile, ngibone ukwanda okulinganayo kokudideka phakathi kwakho konke. umphakathi wezobuchwepheshe mayelana nendlela yokuqhathanisa nokuqhathanisa izixazululo ezihlukene.

Isimo sifinyezwa kangcono ngochungechunge olulandelayo lwama-tweets engiwabhale ngoJulayi:

Ukudideka kwemeshi yesevisi #1: Linkerd ~ = Nginx ~ = Haproxy ~ = Umthunywa. Akekho kubo olingana ne-Istio. I-Istio iyinto ehluke ngokuphelele. 1 /

Eyokuqala imane izindiza zedatha. Ngokwabo abenzi lutho. Kumelwe babe semoyeni ngokunye okwengeziwe. 2/

I-Istio iyisibonelo sendiza yokulawula ehlanganisa izingxenye ndawonye. Lesi esinye isendlalelo. /isiphetho

Ama-tweets adlule akhuluma ngamaphrojekthi amaningana ahlukene (i-Linkerd, i-NGINX, i-HAProxy, i-Envoy, ne-Istio), kodwa okubaluleke nakakhulu ukwethula imiqondo evamile yendiza yedatha, i-service mesh, nendiza yokulawula. Kulokhu okuthunyelwe, ngizohlehla futhi ngikhulume ngalokho engikushoyo ngamagama athi "indiza yedatha" kanye "nendiza yokulawula" ezingeni eliphezulu kakhulu, bese ngikhuluma ngokuthi imigomo isebenza kanjani kumaphrojekthi ashiwo kuma-tweets.

Iyini i-service mesh, ngempela?

Indiza yedatha yemeshi yesevisi iqhathaniswa nendiza yokulawula
Umfanekiso 1: Uhlolojikelele lwemeshi yesevisi

Umdwebo we-1 ibonisa umqondo we-mesh yesevisi ezingeni layo eliyisisekelo. Kunamaqoqo enkonzo amane (AD). Isenzakalo ngasinye sesevisi sihlotshaniswa neseva elibamba lasendaweni. Yonke ithrafikhi yenethiwekhi (i-HTTP, i-REST, i-gRPC, i-Redis, njll.) isuka esihlokweni esisodwa sohlelo lokusebenza idluliswa kummeleli wasendaweni kuya kumaqoqo afanelekile wesevisi yangaphandle. Ngale ndlela, isibonelo sohlelo lokusebenza asiyazi inethiwekhi iyonke futhi sazi kuphela ummeleli wendawo. Empeleni, inethiwekhi yesistimu esabalalisiwe isusiwe kusevisi.

Indiza yedatha

Kumeshi yesevisi, iseva elibamba etholakala endaweni yohlelo lokusebenza yenza le misebenzi elandelayo:

  • Ukutholwa kwesevisi. Yiziphi izinsiza/izinhlelo zokusebenza ezitholakalayo zesicelo sakho?
  • Ukuhlola impilo. Ingabe izimo zesevisi zibuyiswa ukutholwa kwesevisi ziphilile futhi zilungele ukwamukela ithrafikhi yenethiwekhi? Lokhu kungabandakanya kokubili okusebenzayo (isb. impendulo/ukuhlolwa kwezempilo) kanye nokungenzi lutho (isb ukusebenzisa amaphutha angu-3xx alandelanayo njengenkomba yesimo sesevisi esingenampilo) ukuhlolwa kwezempilo.
  • Umzila. Uma uthola isicelo sokuthi "/foo" kusuka kusevisi ye-REST, yiliphi iqoqo lesevisi okufanele isicelo sithunyelwe kulo?
  • Ukulayisha ukulinganisa. Uma iqoqo lesevisi selikhethiwe ngesikhathi somzila, isicelo kufanele sithunyelwe kusiphi isibonelo? Ngasiphi isikhathi sokuvala? Ngaziphi izilungiselelo zokuphulwa kwesifunda? Uma isicelo sihluleka, kufanele sizanywe kabusha?
  • Ukuqinisekisa nokugunyazwa. Ngezicelo ezingenayo, ingabe isevisi yokushaya ingabonakala/igunyazwe kusetshenziswa i-mTLS noma enye indlela? Uma yaziwa/igunyaziwe, ingabe ivunyelwe ukushayela umsebenzi oceliwe (iphoyinti lokugcina) kusevisi noma kufanele kubuyiswe impendulo engagunyaziwe?
  • Ukuqaphela. Izibalo ezinemininingwane, amalogi/amalogi, kanye nedatha yomkhondo esabalalisiwe kufanele yenziwe esicelweni ngasinye ukuze opharetha baqonde ukugeleza kwethrafikhi esabalalisiwe kanye nezinkinga zokulungisa amaphutha njengoba ziphakama.

Indiza yedatha inesibopho sawo wonke amaphuzu wangaphambilini ku-mesh yesevisi. Eqinisweni, ummeleli wendawo wesevisi (inqola eseceleni) iyindiza yedatha. Ngamanye amazwi, indiza yedatha inesibopho sokusakaza okunemibandela, ukudlulisela phambili, kanye nokuqapha wonke amaphakethe enethiwekhi athunyelwa noma asuka kusevisi.

Indiza yokulawula

I-abstract yenethiwekhi ehlinzekwa ngummeleli wendawo endizeni yedatha iwumlingo(?). Nokho, ingabe ummeleli wazi kanjani ngempela ngomzila othi "/foo" oya kusevisi B? Ingasetshenziswa kanjani idatha yokutholwa kwesevisi egcwele izicelo zommeleli? Amapharamitha alungiselelwe kanjani ukulinganisa umthwalo, ukuphela kwesikhathi, ukuphulwa kwesekethe, njll.? Ulusebenzisa kanjani uhlelo lokusebenza usebenzisa indlela eluhlaza okwesibhakabhaka/eluhlaza noma indlela yoshintsho lwethrafikhi enomusa? Ubani olungiselela ukuqinisekiswa kwesistimu yonkana nezilungiselelo zokugunyaza?

Zonke izinto ezingenhla zingaphansi kolawulo lwendiza yokulawula ye-mesh yesevisi. Indiza elawulayo ithatha isethi yama-proxies ahlukene angawodwa futhi iwaguqule abe isistimu esabalalisiwe.

Ngicabanga ukuthi isizathu esenza ochwepheshe abaningi bathole imiqondo ehlukene yendiza yedatha nendiza elawulayo idida ingoba kubantu abaningi indiza yedatha ijwayelekile kuyilapho indiza yokulawula ingeyangaphandle/ingaqondakali. Sekuyisikhathi eside sisebenza namarutha enethiwekhi namaswishi isikhathi eside. Siyaqonda ukuthi amaphakethe/izicelo kumele zisuke endaweni A ziye ku-B nokuthi singasebenzisa izingxenyekazi zekhompuyutha nesofthiwe ukwenza lokhu. Isizukulwane esisha sama-proxies esofthiwe siyizinguqulo ezinhle zamathuluzi osekunesikhathi eside siwasebenzisa.

Indiza yedatha yemeshi yesevisi iqhathaniswa nendiza yokulawula
Umfanekiso 2: Indiza elawula abantu

Kodwa-ke, sekunesikhathi eside sisebenzisa izindiza zokulawula, nakuba opharetha abaningi benethiwekhi bengase bangahlobanisi le ngxenye yesistimu nanoma iyiphi ingxenye yobuchwepheshe. Isizathu silula:
Izindiza eziningi ezilawulayo ezisetshenziswa namuhla yilezi... thina.

In Umfanekiso 2 ibonisa lokho engikubiza ngokuthi “Indiza elawula abantu.” Kulolu hlobo lokusatshalaliswa, olusavame kakhulu, isisebenzisi esingumuntu esinenhliziyo encane sidala ukucushwa okumile - okungenzeka ngemibhalo - futhi sikusebenzise ngenqubo ethile ekhethekile kuwo wonke ama-proxies. Abameleli babe sebeqala ukusebenzisa lokhu kulungiselelwa futhi baqale ukucubungula indiza yedatha besebenzisa izilungiselelo ezibuyekeziwe.

Indiza yedatha yemeshi yesevisi iqhathaniswa nendiza yokulawula
Umfanekiso 3: Indiza yokulawula inezikhala zesevisi ethuthukisiwe

In Umfanekiso 3 ibonisa indiza yokulawula "enwetshiwe" ye-mesh yesevisi. Iqukethe izingxenye ezilandelayo:

  • Umuntu: Kusekhona umuntu (ngethemba ukuthi uthukuthele kancane) owenza izinqumo ezisezingeni eliphezulu mayelana nalo lonke uhlelo.
  • Lawula i-UI yendiza: Umuntu usebenzisana nohlobo oluthile lwesixhumi esibonakalayo ukuze alawule isistimu. Lokhu kungaba ingosi yewebhu, uhlelo lokusebenza lomugqa womyalo (CLI), noma esinye isixhumi esibonakalayo. Ngokusebenzisa isixhumi esibonakalayo somsebenzisi, u-opharetha uyakwazi ukufinyelela imingcele yokucushwa kwesistimu yomhlaba wonke efana nale:
    • Ukulawula ukusetshenziswa, ukuguqulwa kwethrafikhi okuluhlaza/okuluhlaza kanye/noma kancane kancane
    • Izinketho zokuqinisekisa kanye nokugunyazwa
    • Ukucaciswa kwethebula lomzila, isibonelo uma uhlelo lokusebenza lucela ulwazi mayelana nokuthi "/foo" kwenzekani
    • Layisha izilungiselelo zesilinganisi, njengokuvala isikhathi, ukuzama futhi, izilungiselelo zokuphulwa kwesekethi, njll.
  • Isihleli somsebenzi: Amasevisi asebenza engqalasizinda ngokusebenzisa uhlobo oluthile lwesistimu yokushejula/ye-orchestration, njenge-Kubernetes noma i-Nomad. Umhleli unesibopho sokulayisha isevisi kanye nommeleli wayo wasendaweni.
  • Ukutholwa kwesevisi. Uma isihleli siqala futhi simisa izimo zesevisi, sibika isimo sezempilo ohlelweni lokutholwa kwesevisi.
  • I-Sidecar proxy APIs yokucushwa : Amaphrokzi endawo akhipha isimo ezingxenyeni ezihlukahlukene zesistimu esebenzisa imodeli ekugcineni engashintshi ngaphandle kokungenelela komsebenzisi. Lonke uhlelo, oluhlanganisa zonke izimo zesevisi ezisebenzayo njengamanje kanye namaseva abamba endawo, agcina eguqulela ohlelweni olulodwa lwe-ecosystem. I-API yendiza yedatha yendawo yonke yezithunywa iyisibonelo esisodwa sokuthi lokhu kusebenza kanjani ekusebenzeni.

Empeleni, inhloso yendiza yokulawula iwukusetha inqubomgomo ezogcina yamukelwe yindiza yedatha. Izindiza zokulawula ezithuthuke kakhulu zizosusa izingxenye eziningi zezinye izinhlelo ku-opharetha futhi zidinga ukusebenza okumbalwa okwenziwa ngesandla, inqobo nje uma zisebenza ngendlela efanele!...

Indiza yedatha nendiza yokulawula. Indiza yedatha vs. isifinyezo sendiza yokulawula

  • Indiza yedatha yemeshi yesevisi: Ithinta yonke iphakethe/isicelo kusistimu. Ibophezelekile ekutholeni isicelo/isevisi, ukuhlola impilo, umzila, ukulinganisa ukulayisha, ukufakazela ubuqiniso/ukugunyaza nokubonakala.
  • Indiza yokulawula inezikhala zesevisi: Ihlinzeka ngenqubomgomo nokucushwa kwazo zonke izindiza zedatha ezisebenzayo ngaphakathi kwenethiwekhi yesevisi. Ayithinti noma yimaphi amaphakheji/izicelo kusistimu. Indiza yokulawula iguqula zonke izindiza zedatha zibe isistimu esabalalisiwe.

Isimo sephrojekthi samanje

Ngemva kokuqonda incazelo engenhla, ake sibheke isimo samanje sephrojekthi ye-service mesh.

  • Izindiza zedatha: Linkerd, NGINX, HAProxy, Envoy, Traefik
  • Lawula izindiza: Istio, Nelson, SmartStack

Kunokuba ngingene ekuhlaziyeni okujulile kwesixazululo ngasinye kulezi ezingenhla, ngizokhuluma kafushane ngamanye amaphuzu engikholwa ukuthi adala ukudideka okuningi ku-ecosystem njengamanje.

I-Linkerd ibingesinye seziphakeli zokuqala zendiza yedatha ye-mesh yesevisi ekuqaleni kuka-2016 futhi yenze umsebenzi omuhle kakhulu wokuqwashisa nokunaka imodeli yokuklama i-service mesh. Cishe izinyanga eziyisi-6 ngemuva kwalokho, u-Envoy wajoyina i-Linkerd (yize wayekade enoLyft kusukela ngasekupheleni kuka-2015). I-Linkerd ne-Envoy amaphrojekthi amabili avame ukukhulunywa ngawo lapho kuxoxwa ngezinsizakusebenza.

I-Istio yamenyezelwa ngoMeyi 2017. Imigomo yephrojekthi ye-Istio ifana kakhulu nendiza yokulawula enwetshiwe eboniswe ku Umfanekiso 3. Ummeleli we-Istio ungummeleli ozenzakalelayo. Ngakho, i-Istio iyindiza yokulawula, futhi uMthunywa uyindiza yedatha. Ngesikhathi esifushane, i-Istio yenza injabulo enkulu, futhi ezinye izindiza zedatha zaqala ukuhlanganisa njengengxenye ye-Envoy (kokubili i-Linkerd ne-NGINX ibonise ukuhlanganiswa ne-Istio). Iqiniso lokuthi izindiza ezihlukene zedatha zingasetshenziswa ngaphakathi kwendiza yokulawula efanayo kusho ukuthi indiza yokulawula kanye nendiza yedatha akusho ukuthi kuhlanganiswe ngokuqinile. I-API efana ne-Envoy's generic data plane API ingakha ibhuloho phakathi kwezingxenye ezimbili zohlelo.

U-Nelson no-SmartStack basiza ngokuqhubekayo ngokufanekisa ukuhlukaniswa kwendiza yokulawula kanye nendiza yedatha. U-Nelson usebenzisa i-Envoy njengommeleli wayo futhi wakha indiza yokulawula ethembekile ye-mesh yesevisi ngokusekelwe kusitaki se-HashiCorp, i.e. Nomad, njll. I-SmartStack mhlawumbe bekungowokuqala kwegagasi elisha lama-meshes wesevisi. I-SmartStack yakha indiza yokulawula eduze kwe-HAProxy noma i-NGINX, ebonisa ikhono lokuhlukanisa indiza yokulawula kusuka kumeshi yesevisi kusuka endizeni yedatha.

I-Microservice architecture ene-service mesh ithola ukunakwa okwengeziwe (ngokufanele!), futhi amaphrojekthi amaningi nabathengisi sebeqala ukusebenza ngale ndlela. Eminyakeni embalwa ezayo sizobona izinto ezintsha eziningi kokubili endizeni yedatha kanye nendiza yokulawula, kanye nokuxutshwa okwengeziwe kwezingxenye ezahlukene. Ekugcineni, i-microservice architecture kufanele ibe sobala kakhulu futhi ibe nemilingo (?) ku-opharetha.
Ngethemba ukuthi ngizocasuka kancane.

Okuthathwayo okubalulekile

  • I-service mesh iqukethe izingxenye ezimbili ezihlukene: indiza yedatha kanye nendiza yokulawula. Zombili izingxenye ziyadingeka, futhi ngaphandle kwazo uhlelo ngeke lusebenze.
  • Wonke umuntu ujwayelene nendiza yokulawula, futhi kuleli phuzu, indiza yokulawula kungaba nguwe!
  • Zonke izindiza zedatha ziqhudelana zodwa ezicini, ukusebenza, ukulungiseka, nokunwebeka.
  • Zonke izindiza ezilawulayo ziqhudelana zodwa ngezici, ukulungiseka, ukunwebeka, kanye nokusebenziseka kalula.
  • Indiza eyodwa yokulawula ingaqukatha izifinyezo ezifanele nama-API ukuze kusetshenziswe izindiza eziningi zedatha.

Source: www.habr.com

Engeza amazwana