Izikhungo zedatha yesimanje zinamakhulu emishini esebenzayo efakiwe, embozwe izinhlobo ezahlukene zokuqapha. Kodwa ngisho nonjiniyela okahle onokuqapha okuphelele esandleni uzokwazi ukuphendula ngendlela efanele ekuhlulekeni kwenethiwekhi emizuzwini embalwa kuphela. Embikweni wengqungquthela ye-Next Hop 2020, ngethule indlela yokuklama inethiwekhi ye-DC, enesici esiyingqayizivele - isikhungo sedatha sizipholisa ngokwaso ngama-millisecond. Ngokunembayo, unjiniyela ulungisa inkinga ngomoya ophansi, kuyilapho izinsizakalo zingakuqapheli.
Konjiniyela abaningi benethiwekhi, inethiwekhi yesikhungo sedatha iqala, yebo, nge-ToR, ngokushintsha ku-rack. I-ToR ngokuvamile inezinhlobo ezimbili zezixhumanisi. Ezincane ziya kumaseva, ezinye - kunezikhathi ezingu-N ngaphezulu kwazo - ziya ngasemigogodleni yezinga lokuqala, okungukuthi, kuma-uplinks ayo. Ama-Uplink ngokuvamile abhekwa njengalingana, futhi ithrafikhi phakathi kwama-uplinks ibhalansiswa ngokusekelwe ku-hashi esuka ku-5-tuple, ehlanganisa i-proto, i-src_ip, i-dst_ip, i-src_port, i-dst_port. Azikho izimanga lapha.
Okulandelayo, ibukeka kanjani ipulani yezakhiwo? Imigogodla yezinga lokuqala ayixhumekile komunye nomunye, kodwa ixhunywe ngama-superspines. Uhlamvu X luzoba nesibopho sama-superspines; kucishe kufane nokuxhumanisa.
Futhi kuyacaca ukuthi, ngakolunye uhlangothi, ama-tori axhunywe kuwo wonke ama-spines wezinga lokuqala. Yini ebalulekile kulesi sithombe? Uma sinokusebenzisana ngaphakathi kwe-rack, khona-ke ukusebenzisana, vele, kuhamba nge-ToR. Uma ukusebenzisana kwenzeka ngaphakathi kwemojula, khona-ke ukusebenzisana kwenzeka ngemigodi yezinga lokuqala. Uma ukusebenzisana kuyi-intermodular - njengalapha, i-ToR 1 ne-ToR 2 - khona-ke ukusebenzisana kuzodlula emigogodleni yawo womabili amazinga okuqala nelesibili.
Ngokombono, i-architecture enjalo i-scalable kalula. Uma sinomthamo wembobo, isikhala esisele esikhungweni sedatha kanye nefayibha ebekwe ngaphambili, khona-ke inani lemizila lingahlala likhushulwa, ngaleyo ndlela kukhuliswe umthamo wonkana wesistimu. Lokhu kulula kakhulu ukukwenza ephepheni. Kungaba kanje empilweni. Kodwa indaba yanamuhla ayikho ngalokho.
Ngifuna kuthathwe izinqumo ezifanele. Sinezindlela eziningi ngaphakathi kwesikhungo sedatha. Zizimele ngokwemibandela. Indlela eyodwa ngaphakathi kwesikhungo sedatha ingenzeka kuphela ngaphakathi kwe-ToR. Ngaphakathi kwemojuli, sinenani lemizila elilingana nenani lemizila. Inani lezindlela phakathi kwamamojula lilingana nomkhiqizo wenombolo yezindiza kanye nenani lama-superspines endizeni ngayinye. Ukuze kucace, ukuze uthole umqondo wesilinganiso, ngizonikeza izinombolo ezivumelekile kwesinye sezikhungo zedatha ye-Yandex.
Kukhona izindiza eziyisishiyagalombili, indiza ngayinye ine-superspines engama-32. Ngenxa yalokho, kuvela ukuthi kukhona izindlela eziyisishiyagalombili ngaphakathi module, futhi ngokusebenzisana intermodule kukhona kakade 256 kubo.
Okusho ukuthi, uma sithuthukisa i-Cookbook, sizama ukufunda ukuthi singazakha kanjani izikhungo zedatha ezibekezelela amaphutha ezizelapha ngokwazo, khona-ke i-planar architecture iyisinqumo esifanele. Ixazulula inkinga yokukala, futhi ngokombono kulula. Kunezindlela eziningi ezizimele. Umbuzo usamile: i-architecture enjalo isinda kanjani ekuhlulekeni? Kukhona ukwehluleka okuhlukahlukene. Futhi sizoxoxa ngalokhu manje.
Vumela omunye we-superspines yethu "agule". Lapha ngabuyela ekwakhiweni kwezindiza ezimbili. Sizonamathela kulokhu njengesibonelo ngoba kuzoba lula ukubona ukuthi kwenzekani ngezingxenye ezimbalwa ezihambayo. Agule X11. Lokhu kuzowathinta kanjani amasevisi ahlala ngaphakathi kwezikhungo zedatha? Okuningi kuncike ekutheni ukwehluleka kubukeka kanjani.
Uma ukwehluleka kuhle, kubanjwe ezingeni lokuzenzakalelayo le-BFD efanayo, i-automation ibeka ngokujabulisayo amalunga ayinkinga futhi ihlukanise inkinga, khona-ke konke kuhamba kahle. Sinezindlela eziningi, ithrafikhi ihanjiswa ngokushesha kweminye imizila, futhi amasevisi ngeke abone lutho. Lesi iskripthi esihle.
Isimo esibi siwukuthi silahlekelwa njalo, futhi i-automation ayiboni inkinga. Ukuze siqonde ukuthi lokhu kuluthinta kanjani uhlelo lokusebenza, kuzodingeka sichithe isikhathi esincane sixoxa ngokuthi i-TCP isebenza kanjani.
Ngethemba ukuthi ngeke ngithuse muntu ngalolu lwazi: I-TCP iyiphrothokholi yokuqinisekisa ukudluliswa. Okusho ukuthi, esimweni esilula, umthumeli uthumela amaphakethe amabili futhi athole i-accumulative ack kuwo: "Ngithole amaphakethe amabili."
Ngemuva kwalokho, uzothumela amanye amaphakethe amabili, futhi isimo sizophinda. Ngiyaxolisa kusengaphambili ngokwenza lula. Lesi simo silungile uma ifasitela (inani lamaphakethe endizeni) limbili. Yiqiniso, esimweni esivamile lokhu akunjalo ngempela. Kodwa usayizi wewindi awuthinti umongo wokudlulisela iphakethe.
Kwenzekani uma silahlekelwa iphakethe 3? Kulokhu, umamukeli uzothola amaphakethe 1, 2 kanye no-4. Futhi uzotshela umthumeli ngokucacile esebenzisa inketho ye-SACK: "Uyazi, kufike abathathu, kodwa okuphakathi kulahlekile." Uthi, "Ack 2, SACK 4."
Ngalesi sikhathi, umthumeli ngaphandle kwezinkinga uphinda iphakethe elilahlekile.
Kodwa uma iphakethe lokugcina efasiteleni lilahlekile, isimo sizobukeka sihluke ngokuphelele.
Umamukeli uthola amaphakethe amathathu okuqala futhi okokuqala uqala ukulinda. Ngenxa yokulungiselelwa okuthile kusitaki se-TCP ye-Linux kernel, izolinda iphakethe elibhanqiwe ngaphandle uma amafulegi akhombisa ngokusobala ukuthi iphakethe lokugcina noma into efanayo. Izolinda kuze kuphele isikhathi sokuvala se-ACK Ebambezelekile bese ithumela ukuvuma emaphaketheni amathathu okuqala. Kodwa manje umthumeli uzolinda. Akazi noma iphakethe lesine lilahlekile noma selizofika. Futhi ukuze ingalayishi kakhulu inethiwekhi, izozama ukulinda inkomba ecacile yokuthi iphakethe lilahlekile, noma isikhathi sokuvala se-RTO siphelelwe yisikhathi.
Kuyini ukuphela kwesikhathi kwe-RTO? Lona umkhawulo we-RTT obalwa yisitaki se-TCP nokunye okungaguquki. Hlobo luni lokuhlala njalo, manje sizoxoxa.
Kodwa okubalulekile ukuthi uma siphinde sineshwa futhi iphakethe lesine lilahlekile futhi, i-RTO iphinda kabili. Okusho ukuthi, umzamo ngamunye ongaphumelelanga usho ukuphinda kabili isikhathi sokuvala.
Manje ake sibone ukuthi lesi sisekelo silingana nani. Ngokuzenzakalelayo, i-RTO encane ingu-200 ms. Le yi-RTO encane yamaphakheji wedatha. Kumaphakethe e-SYN kwehlukile, isekhondi elingu-1. Njengoba ubona, ngisho nomzamo wokuqala wokuthumela kabusha amaphakethe uzothatha izikhathi eziyi-100 kune-RTT engaphakathi kwesikhungo sedatha.
Manje ake sibuyele esimweni sethu. Kwenzakalani ngenkonzo? Isevisi iqala ukulahlekelwa amaphakethe. Inkonzo mayibe nenhlanhla ngokwemibandela ekuqaleni futhi ilahlekelwe okuthile phakathi nefasitela, bese ithola Isaka bese ithumela kabusha amaphakethe alahlekile.
Kodwa uma ishwa liziphinda, khona-ke sine-RTO. Yini ebalulekile lapha? Yebo, sinezindlela eziningi kunethiwekhi yethu. Kodwa ithrafikhi ye-TCP yoxhumo oluthile lwe-TCP izoqhubeka nokudlula esitakini esiphukile esifanayo. Ukulahleka kwephakethe, inqobo nje uma le X11 yethu ewumlingo ingaphumi yodwa, ingaholeli ekutheni isiminyaminya sigeleze ezindaweni ezingenankinga. Sizama ukuletha iphakethe ngesitaki esifanayo esiphukile. Lokhu kuholela ekwehlulekeni kwe-cascading: isikhungo sedatha isethi yezinhlelo zokusebenza ezisebenzisanayo, futhi okunye ukuxhumeka kwe-TCP kwazo zonke lezi zinhlelo zokusebenza kuqala ukonakala - ngoba i-superspine ithinta zonke izinhlelo zokusebenza ezikhona ngaphakathi kwesikhungo sedatha. Njengoba isisho sisho: uma ungaligqoki ihhashi, ihhashi laliqhuga; ihhashi laqhuga - umbiko awufikanga; umbiko awuzange ulethwe - sihlulwe empini. Lapha kuphela ukubala kusesesekhondini ukusuka lapho inkinga iphakama ukuya esigabeni sokuwohloka lapho izinkonzo ziqala ukuzizwa. Lokhu kusho ukuthi abasebenzisi bangahle baphuthelwe kokuthile ndawana thize.
Kunezixazululo ezimbili zakudala ezihambisanayo. Eyokuqala izinsizakalo ezizama ukufaka ama-straw futhi zixazulule inkinga kanje: βAke silungise okuthile kusitaki se-TCP. Masenze izikhathi zokuvala ezingeni lesicelo noma amaseshini e-TCP aphile isikhathi eside ngokuhlolwa kwezempilo kwangaphakathi.β Inkinga ukuthi izixazululo ezinjalo: a) azilingani nhlobo; b) zihlolwe kabi kakhulu. Okusho ukuthi, noma ngabe isevisi ilungiselela ngephutha isitaki se-TCP ngendlela eyenza kube ngcono, okokuqala, akunakwenzeka ukuthi isebenze kuzo zonke izinhlelo zokusebenza nazo zonke izikhungo zedatha, futhi okwesibili, cishe, ngeke iqonde ukuthi yenziwe. kahle, futhi yini engekho. Okusho ukuthi, iyasebenza, kepha ayisebenzi kahle futhi ayilinganisi. Futhi uma kunenkinga yenethiwekhi, ubani okufanele asolwe? Yiqiniso, i-NOC. I-NOC yenzani?
Izinsizakalo eziningi zikholelwa ukuthi emsebenzini we-NOC kwenzeka into efana nale. Kodwa uma ngikhuluma iqiniso, hhayi lokho kuphela.
I-NOC ohlelweni lwakudala ibambe iqhaza ekuthuthukisweni kwezinhlelo eziningi zokuqapha. Lokhu kokubili ibhokisi elimnyama nokuqapha ibhokisi elimhlophe. Mayelana nesibonelo sokuqapha umgogodla webhokisi elimnyama Alexander Klimenko ku-Next Hop yokugcina. Ngendlela, lokhu kuqapha kuyasebenza. Kodwa ngisho nokuqapha okufanelekile kuzoba nesikhathi sangempela. Ngokuvamile lena imizuzu embalwa. Ngemva kokuba isihambile, onjiniyela abasemsebenzini badinga isikhathi sokuphinda bahlole ukusebenza kwayo, babone inkinga yendawo bese beyicisha indawo eyinkinga. Okusho ukuthi, esimweni esihle kakhulu, ukwelapha inkinga kuthatha imizuzu emi-5, esimweni esibi kakhulu, imizuzu engu-20, uma kungabonakali ngokushesha lapho ukulahlekelwa kwenzeka khona. Kuyacaca ukuthi sonke lesi sikhathi - imizuzu emi-5 noma engu-20 - izinsizakalo zethu zizoqhubeka nokuhlupheka, okungenzeka ukuthi akukuhle.
Yini ngempela ongathanda ukuyithola? Sinezindlela eziningi kakhulu. Futhi izinkinga zivela ngokuqondile ngoba ukugeleza kwe-TCP okuneshwa kuyaqhubeka nokusebenzisa umzila ofanayo. Sidinga okuthile okuzosivumela ukuthi sisebenzise imizila eminingi ngaphakathi koxhumano olulodwa lwe-TCP. Kungase kubonakale sengathi sinesixazululo. Kukhona i-TCP, ebizwa nge-multipath TCP, okungukuthi, i-TCP yezindlela eziningi. Yiqiniso, yenzelwe umsebenzi ohluke ngokuphelele - wama-smartphone anamadivayisi amaningana enethiwekhi. Ukwandisa ukudlulisa noma ukwenza imodi eyinhloko/eyisipele, kwasungulwa indlela edala imicu eminingi (amaseshini) ngokusobala kuhlelo lokusebenza futhi ikuvumela ukuthi ushintshe phakathi kwayo uma kwenzeka yehluleka. Noma, njengoba ngishilo, khulisa i-streak.
Kodwa kukhona i-nuance lapha. Ukuze siqonde ukuthi kuyini, kuzodingeka sibheke ukuthi imicu isungulwa kanjani.
Imicu ifakwa ngokulandelana. Intambo yokuqala ifakwa kuqala. Imicu elandelayo ibe-ke isethwa kusetshenziswa ikhukhi osekuvunyelwene ngayo kakade kulolo chungechunge. Nansi inkinga.
Inkinga yukuthi uma intambo yokuqala ingazisunguli, intambo yesibili neyesithathu ayisoze yavela. Okusho ukuthi, i-multipath TCP ayixazululi ukulahlekelwa kwephakethe le-SYN ekugelezeni kokuqala. Futhi uma i-SYN ilahleka, i-TCP ye-multipath iphenduka ibe yi-TCP evamile. Lokhu kusho ukuthi endaweni yesikhungo sedatha ngeke kusisize ukuxazulula inkinga yokulahlekelwa efekthri futhi sifunde ukusebenzisa izindlela eziningi uma kwenzeka ukwehluleka.
Yini engasisiza? Abanye benu sebevele baqagela esihlokweni ukuthi inkambu ebalulekile endabeni yethu eqhubekayo kuzoba inkambu yesihloko selebula egelezayo ye-IPv6. Ngempela, lena inkambu evela ku-v6, ayikho ku-v4, ithatha ama-bits angu-20, futhi kube nokuphikisana ngokusetshenziswa kwayo isikhathi eside. Lokhu kuyathakazelisa kakhulu - kwakukhona izingxabano, okuthile kwalungiswa ngaphakathi kwe-RFC, futhi ngesikhathi esifanayo ukuqaliswa kwavela ku-kernel ye-Linux, engazange ibhalwe noma kuphi.
Ngiyakumema ukuthi uhambe nami ophenyweni oluncane. Ake sibheke ukuthi bekwenzekani ku-Linux kernel eminyakeni embalwa edlule.
unyaka ka-2014. Unjiniyela wenkampani eyodwa enkulu nehlonishwayo wengeza ekusebenzeni kwe-Linux kernel ukuncika kwevelu yelebula yokugeleza ku-hashi yesokhethi. Bebezama ukulungisa ini lapha? Lokhu kuhlobene ne-RFC 6438, edingide udaba olulandelayo. Ngaphakathi kwesikhungo sedatha, i-IPv4 ivamise ukufakwa kumaphakethe e-IPv6, ngoba imboni ngokwayo iyi-IPv6, kodwa i-IPv4 kufanele ngandlela thize inikezwe ngaphandle. Isikhathi eside kube nezinkinga ngokushintsha okungakwazi ukubheka ngaphansi kwezihloko ezimbili ze-IP ukuze ufike ku-TCP noma ku-UDP futhi uthole src_ports, dst_ports lapho. Kuvele ukuthi i-hashi, uma ubheka izihloko ezimbili zokuqala ze-IP, zicishe zalungiswa. Ukuze ugweme lokhu, ukuze ukulinganisa kwalesi thrafikhi esivalekile kusebenze kahle, kwahlongozwa ukuthi kwengezwe i-hashi yephakethe elihlanganisiwe le-5-tuple kunani lenkambu yelebula yokugeleza. Cishe into efanayo yenziwa kwezinye izinhlelo zokuhlanganisa, ze-UDP, ze-GRE, lezi zamuva zasebenzisa inkambu ye-GRE Key. Ngandlela thize, imigomo lapha icacile. Futhi okungenani ngaleso sikhathi ngokuhamba kwesikhathi zaziwusizo.
Ngo-2015, isiqephu esisha sivela kunjiniyela ofanayo ohlonishwayo. Uthakazelisa kakhulu. Isho lokhu okulandelayo - sizoshintsha i-hashi uma kwenzeka kuba nomcimbi ongemuhle womzila. Uyini umcimbi womzila ongemuhle? Lona i-RTO esixoxile ngayo ekuqaleni, okungukuthi, ukulahlekelwa umsila wefasitela kuyisenzakalo esibi ngempela. Yiqiniso, kunzima ukuqagela ukuthi yilokho.
2016, enye inkampani enedumela elihle, nayo enkulu. Iqaqa izinduku zokugcina futhi ikwenze ukuthi i-hashi, ebesiyenze ngokungahleliwe ngaphambilini, manje ishintshe ekudluliselweni kabusha kwe-SYN ngakunye nangemva kokuvala ngakunye kwe-RTO. Futhi kule ncwadi, ngokokuqala ngqΓ‘ nokokugcina, kushiwo umgomo omkhulu - ukuqinisekisa ukuthi ithrafikhi uma kwenzeka ukulahleka noma ukuminyana kwesiteshi kunamandla okuhanjiswa kabusha kancane futhi kusetshenziswe izindlela eziningi. Yiqiniso, ngemva kwalokhu kwakunezincwadi eziningi, ungazithola kalula.
Nakuba cha, awukwazi, ngoba akukaze kube khona ukushicilelwa okukodwa ngalesi sihloko. Kodwa siyazi!
Futhi uma ungaqondi ngokugcwele okwenziwe, ngizokutshela manje.
Kwenziwani, yimuphi umsebenzi owengeziwe ku-Linux kernel? i-txhash iyashintsha ibe yinani elingahleliwe ngemva komcimbi ngamunye we-RTO. Lona umphumela omubi kakhulu womzila. I-hashi incike kule tshash, futhi ilebula yokugeleza incike ku-skb hashi. Kunezibalo ezithile zokusebenza lapha; yonke imininingwane ayikwazi ukubekwa kusilayidi esisodwa. Uma kukhona ofuna ukwazi, ungadlula ikhodi ye-kernel futhi uhlole.
Yini ebalulekile lapha? Inani lenkambu yelebula yokugeleza lishintsha libe inombolo engahleliwe ngemva kwe-RTO ngayinye. Ingabe lokhu kukuthinta kanjani ukusakaza kwethu kwe-TCP ngeshwa?
Uma kwenzeka i-SACK, akukho okushintshayo ngoba sizama ukuthumela kabusha iphakethe elaziwayo elilahlekile. Kuze kube manje kuhle kakhulu.
Kodwa endabeni ye-RTO, inqobo nje uma sengeze ilebula yokugeleza kumsebenzi we-hash ku-ToR, ithrafikhi ingase ithathe umzila ohlukile. Futhi lapho imizila eminingi, makhulu amathuba okuthi izothola indlela engathinteki ukwehluleka kudivayisi ethile.
Kusele inkinga eyodwa - i-RTO. Yebo, kukhona omunye umzila, kodwa isikhathi esiningi sichithwa kulokhu. 200 ms kuningi. Umzuzwana awusendle ngokuphelele. Ngaphambilini, ngike ngakhuluma ngokuvala isikhathi lapho amasevisi alungiswayo. Ngakho-ke, okwesibili yisikhathi sokuvala, esivame ukulungiselelwa isevisi ezingeni lesicelo, futhi kulokhu insiza izoba ilungile ngokuqhathaniswa. Ngaphezu kwalokho, ngiyaphinda, i-RTT yangempela ngaphakathi kwesikhungo sedatha yesimanje ingama-millisecond angu-1.
Yini ongayenza ngokuvala isikhathi kwe-RTO? Isikhathi sokuvala, esinesibopho se-RTO uma kwenzeka ukulahleka kwamaphakethe wedatha, singalungiselelwa kalula ukusuka esikhaleni somsebenzisi: kukhona insiza ye-IP, futhi enye yemingcele yayo iqukethe i-rto_min efanayo. Uma kucatshangelwa ukuthi i-RTO, vele, idinga ukulungiswa hhayi emhlabeni jikelele, kodwa ngeziqalo ezinikeziwe, indlela enjalo ibukeka isebenza ngempela.
Yiqiniso, nge-SYN_RTO yonke into imbi kakhulu. Kubethelwe phansi ngokwemvelo. I-kernel inenani elinqunyiwe lesekhondi elingu-1, futhi yilokho. Awukwazi ukufinyelela lapho usuka esikhaleni somsebenzisi. Yinye kuphela indlela.
I-eBPF iyasiza. Ukukubeka kalula, lezi zinhlelo ezincane ze-C. Zingafakwa ezingwegweni ezindaweni ezahlukene ekuqhutshweni kwe-kernel stack kanye ne-TCP stack, ongashintsha ngayo inombolo enkulu kakhulu yezilungiselelo. Ngokuvamile, i-eBPF iwumkhuba wesikhathi eside. Esikhundleni sokusika inqwaba yamapharamitha e-sysctl nokwandisa insiza ye-IP, ukunyakaza kuqhubekela ku-eBPF futhi kwandise ukusebenza kwayo. Usebenzisa i-eBPF, ungakwazi ukushintsha ngokuguqukayo izilawuli zokuminyana nezinye izilungiselelo ze-TCP.
Kodwa kubalulekile kithi ukuthi ingasetshenziswa ukushintsha amanani e-SYN_RTO. Ngaphezu kwalokho, kunesibonelo esithunyelwe esidlangalaleni: . Kwenziwani lapha? Isibonelo siyasebenza, kodwa ngokwaso sinzima kakhulu. Lapha kucatshangwa ukuthi ngaphakathi kwesikhungo sedatha siqhathanisa amabhithi okuqala angu-44; uma afana, khona-ke singaphakathi kwesikhungo sedatha. Futhi kulesi simo sishintsha SYN_RTO inani lokuvala libe ngu-4ms. Umsebenzi ofanayo ungenziwa ngobuhle kakhulu. Kodwa lesi sibonelo esilula sibonisa ukuthi lokhu a) kungenzeka; b) kulula.
Yini esesiyazi? Iqiniso lokuthi ukwakheka kwendiza kuvumela ukukalwa, kuvele kube usizo kakhulu kithi uma sinika amandla ilebula lokugeleza ku-ToR futhi sithola amandla okugeleza ezindaweni eziyinkinga. Indlela engcono kakhulu yokunciphisa amanani e-RTO kanye ne-SYN-RTO ukusebenzisa izinhlelo ze-eBPF. Umbuzo usamile: ingabe kuphephile ukusebenzisa ilebula yokugeleza ukulinganisa? Futhi kukhona i-nuance lapha.
Ake sithi unesevisi kunethiwekhi yakho ehlala kunoma yikuphi ukusakaza. Ngeshwa, anginaso isikhathi sokungena emininingwaneni mayelana nokuthi i-anycast iyini, kodwa iyisevisi esabalalisiwe enamaseva aphathekayo ahlukene afinyeleleka ngekheli le-IP elifanayo. Futhi nansi inkinga engaba khona: umcimbi we-RTO awukwazi ukwenzeka kuphela lapho ithrafikhi idlula ngendwangu. Kungase futhi kwenzeke ezingeni lebhafa le-ToR: uma kwenzeka isigameko esingesihle, singenzeka nakusokhaya lapho umsingathi echitha okuthile. Uma kwenzeka umcimbi we-RTO futhi ishintsha ilebula yokugeleza. Kulokhu, ithrafikhi ingaya kwesinye isenzakalo sanoma yikuphi ukusakaza. Ake sicabange ukuthi lena i- anycast esezingeni eliphezulu, iqukethe isimo sokuxhuma - kungaba i-L3 Balancer noma enye isevisi. Bese kuphakama inkinga, ngoba ngemva kwe-RTO uxhumano lwe-TCP lufika kuseva, engazi lutho ngalokhu kuxhumana kwe-TCP. Futhi uma singenakho ukwabelana kwezwe phakathi kwamaseva asakazwayo, ithrafikhi enjalo izokwehliswa futhi uxhumo lwe-TCP luzophuka.
Yini ongayenza lapha? Ngaphakathi kwendawo yakho elawulwayo, lapho unika amandla ukulinganisa kwelebula eligelezayo, udinga ukurekhoda inani lelebula yokugeleza lapho ufinyelela noma yiziphi iziphakeli zokusakaza. Indlela elula ukwenza lokhu ngohlelo olufanayo lwe-eBPF. Kodwa nali iphuzu elibaluleke kakhulu - yini okufanele uyenze uma ungasebenzi inethiwekhi yesikhungo sedatha, kodwa ungumqhubi we-telecom? Lokhu kuyinkinga yakho futhi: ukuqala ngezinguqulo ezithile zeJuniper ne-Arista, zifaka ilebula lokugeleza emisebenzini yazo ye-hashi ngokuzenzakalelayo - ngokungananazi, ngesizathu esingacacile kimi. Lokhu kungase kubangele ukuthi ulahle uxhumano lwe-TCP kubasebenzisi abadlula kunethiwekhi yakho. Ngakho-ke ngincoma kakhulu ukuthi uhlole izilungiselelo zakho zamarutha lapha.
Ngandlela thize, kubonakala kimi ukuthi sesikulungele ukuqhubekela phambili ekuhlolweni.
Lapho sivumela ilebula yokugeleza ku-ToR, silungiselela umenzeli we-eBPF, manje osehlala kubasingathi, sinqume ukungalindi ukwehluleka okukhulu okulandelayo, kodwa senze ukuqhuma okulawulwayo. Sithathe i-ToR, enama-uplink amane, futhi setha amaconsi kwenye yazo. Badweba umthetho bathi - manje ulahlekelwa wonke amaphakethe. Njengoba ubona ngakwesobunxele, sinokuqapha kwephakethe ngalinye, okwehlile ku-75%, okungukuthi, ama-25% amaphakethe alahlekile. Ngakwesokudla kukhona amagrafu ezinsizakalo eziphila ngemuva kwale ToR. Empeleni, lawa amagrafu wethrafikhi wezindawo zokusebenzelana namaseva ngaphakathi kwendawo yokubeka. Njengoba ubona, bacwila ngisho ngaphansi. Kungani behla - hhayi ngo-25%, kodwa kwezinye izikhathi izikhathi ezingu-3-4? Uma uxhumo lwe-TCP luneshwa, luyaqhubeka nokuzama ukufinyelela lapho kuhlukana khona okuphukile. Lokhu kubhebhethekiswa ukuziphatha okuvamile kwesevisi ngaphakathi kwe-DC - ngesicelo somsebenzisi oyedwa, izicelo ezingu-N eziya kumasevisi angaphakathi ziyenziwa, futhi impendulo izoya kumsebenzisi uma yonke imithombo yedatha iphendula, noma lapho kuphelelwa isikhathi esicelweni. ileveli, esadinga ukulungiswa. Okusho ukuthi, yonke into imbi kakhulu.
Manje isilingo esifanayo, kodwa ngenani lelebula lokugeleza elinikwe amandla. Njengoba ubona, ngakwesobunxele ukuqapha kwethu inqwaba kwehle ngo-25%. Lokhu kulungile ngokuphelele, ngoba ayazi lutho mayelana nokuthunyelwa kabusha, ithumela amaphakethe futhi imane ibala isilinganiso senani lamaphakethe adilivwe nalahlekile.
Futhi ngakwesokudla uhlelo lwenkonzo. Ngeke uthole umthelela wejoyinti eliyinkinga lapha. Kulawo ma-millisecond afanayo, ithrafikhi yageleza isuka endaweni yenkinga yaya kuma-uplink amathathu asele angazange athintwe inkinga. Sinenethiwekhi eziphilisayo.
Lesi isilayidi sami sokugcina, isikhathi sokufingqa. Manje, ngithemba ukuthi uyazi ukuthi ungakha kanjani inethiwekhi yesikhungo sedatha eziphilisayo. Ngeke udinge ukuthi udlule kungobo yomlando ye-Linux kernel futhi ubheke ama-patches akhethekile lapho; uyazi ukuthi ilebula ye-Flow kuleli cala iyayixazulula inkinga, kodwa udinga ukusondela kulo mshini ngokucophelela. Futhi ngiyagcizelela futhi ukuthi uma ungu-opharetha we-telecom, akufanele usebenzise ilebula yokugeleza njengomsebenzi we-hash, ngaphandle kwalokho uzophazamisa izikhathi zabasebenzisi bakho.
Onjiniyela benethiwekhi kufanele bashintshe umqondo: inethiwekhi ayiqali nge-ToR, hhayi ngedivayisi yenethiwekhi, kodwa ngomsingathi. Isibonelo esimangalisayo yindlela esisebenzisa ngayo i-eBPF kokubili ukuze siguqule i-RTO futhi silungise ilebula yokugeleza kumasevisi asakaza.
Imishini yelebula yokugeleza ngokuqinisekile ifanele ezinye izinhlelo zokusebenza ngaphakathi kwesegimenti yokulawula elawulwayo. Lokhu kungaba ithrafikhi phakathi kwezikhungo zedatha, noma ungasebenzisa izinsimbi ezinjalo ngendlela ekhethekile ukuze ulawule ithrafikhi ephumayo. Kodwa ngizokutshela ngalokhu, ngethemba, ngokuzayo. Ngiyabonga kakhulu ngokunaka kwakho.
Source: www.habr.com