Internet companies often use micro-service layered architecture.
Voiceover:
Why service? For more information, see Problems Solved by Services.
As data volume and throughput grow, the business becomes more and more complex, the number of services increases, and the layering becomes finer and finer. Besides the data service layer, further layers emerge, such as a business service layer and front-end/back-end separation.
Voiceover:
For more information about layering, please refer to the evolution of Internet layered architecture.
Architecture evolves naturally by repeatedly identifying the main contradiction, isolating it and resolving it. With a micro-service architecture, what is the potential main contradiction?
When micro-service architecture is introduced, an RPC framework is usually introduced to complete the whole RPC calling process.
As shown in the pink part above, RPC is divided into:
Voiceover:
A micro-service architecture is inseparable from the details of RPC.
Not only microservices, MQ is also a similar architecture:
As shown in the pink part of the above figure, MQ is divided into:
Voiceover:
MQ is the decoupling tool of choice in Internet architecture.
The framework is only the first step, and more and more RPC and microservice related functions will be added.
For example: load balancing
If you want to extend multiple load balancing schemes, for example:
The RPC-client needs to be upgraded.
For example: data collection
If we want to collect the processing time of RPC interfaces for unified monitoring and alerting, we need to upgrade the RPC-client.
Voiceover: processing time is divided into:
Processing time from the client's perspective
Processing time from the server's perspective
If you want to collect the latter, the RPC-server must also be modified to report it.
Another example: service discovery
When a service adds an instance, it notifies the configuration center, and the configuration center notifies the registered RPC-clients to send traffic to the newly started instance, so that scale-out completes quickly.
Another example: call chain tracking
Both the RPC-client and the RPC-server need to be upgraded if the call chain is to be tracked end to end.
The functions above (load balancing, data collection, service discovery, call chain tracking, ...) are not actually business functions, so Internet companies generally have a technical department, something like an "architecture department", that develops and upgrades them, while the technical departments of the business lines simply use the resulting frameworks, tools and platforms and enjoy the convenience these "black technologies" bring.
Perfect!!! The ideal is rosy, but the reality is harsh, because:
Often face the following problems:
Voiceover:
Brother, how long does it take your company to roll out a new technology product?
Is there any way to solve these couplings and these common pain points?
One idea is to divide the service into two processes and decouple them.
Voiceover:
Much infrastructure, such as load balancing, monitoring and alerting, service discovery and governance, and call chain tracking, is implemented at this layer.
In this way, "business belongs to business, technology belongs to technology" and complete decoupling is achieved. If all nodes are decoupled, the whole architecture will evolve into:
The whole service cluster becomes a mesh, which is the origin of the name Service Mesh.
To talk about ServiceMesh we have to mention Istio, which is currently the most popular ServiceMesh implementation. Today, let's talk about what Istio does.
Voiceover: You can't fall behind.
What is Istio?
Istio is a ServiceMesh product, and some key descriptions of it are as follows:
Voiceover:
Istio helps you connect, protect, control and observe microservices.
Voiceover:
I admire it: it is hard to come up with ten. In fact, a Service Mesh (SM) can provide more basic service functions.
Voiceover:
Still talking about decoupling.
How does the Istio official website brag about itself?
Voiceover:
Another way to ask this question is "Why use Istio?" .
Istio is awesome. If you want to implement ServiceMesh, you must use Istio because:
Voiceover:
Can you believe it?
What are the core features of Istio?
Istio highlights five key features it provides:
Voiceover:
Circuit breaker, timeout, retry, high availability, multi-routing rules, AB test, gray release, traffic percentage distribution, etc.
Istio's claims and features are very attractive to the many companies abroad that provide intranet services over RESTful interfaces, but for micro-service architectures in China they may not be as persuasive:
(1) RPC frameworks in China are basically TCP-based, so multi-protocol support is not necessarily needed;
(2) In an RPC framework, routing, retry, failover, load balancing and high availability are the most basic functions;
(3) Traffic control, rate limiting and quota management belong to service governance, which is icing on the cake in the early stage of a micro-service architecture;
(4) Automatic metrics, data collection at the system's ingress and egress, call tracking and an observable, controllable back end are really the most attractive;
(5) Service-to-service authentication: micro-services are basically accessed over the intranet, so this is only icing on the cake in the early stage of the architecture;
One more aside: why is the proxy called a sidecar proxy?
Istio is so awesome, what is its core architecture?
Regarding Istio's architecture design, the official website uses this sentence:
Logically speaking, Istio is divided into:
These two words are the core of Istio architecture, but they are also the most misleading places.
The data plane and the control plane were not first proposed by ServiceMesh or Istio; they are mature concepts in computer networking and in message routing and forwarding:
Voiceover: The above two pictures show the architecture of a router.
Its design principle is:
Voiceover:
Istio's architectural core is very similar to that of a router:
(1) Efficient forwarding;
(2) Receiving and executing policies from Mixer;
(1) Managing and configuring the sidecar proxies;
(2) Enforcing policies and collecting data from the sidecar proxies through Mixer;
Voiceover:
(1) sidecar proxy: the original term is Envoy, and below "Envoy" means this proxy;
(2) Mixer: it is not clear how to translate it. Some articles call it a "mixer", so below it is simply called Mixer;
(3) Pilot, Galley, Citadel: I dare not translate these literally (as "pilot", "kitchen", "fort"), so the English names are used directly below;
As shown in the architecture diagram, there are five core components in the two-tier architecture.
Envoy's core responsibility is efficient forwarding. More specifically, it has the following functions:
(1) Service discovery
(2) Load balancing
(3) Secure transmission
(4) Multi-protocol support, such as HTTP/2 and gRPC
(5) Circuit breaker
(6) Health checks
(7) Percentage-based traffic splitting
(8) Fault injection
(9) System metrics
Most of these functions already exist in RPC frameworks or are relatively easy to understand. This article mainly introduces the circuit breaker and fault injection.
A circuit breaker is a design idea for service self-protection, or degradation, in software architecture design.
For example, when the system detects that an interface has a large number of timeouts, the circuit breaker policy can stop calls to that interface (the circuit breaker opens) and try the call again after a period of time. If the interface no longer times out, calls are gradually resumed (the circuit breaker closes).
Fault injection is a method of deliberately introducing faults in software architecture design to expand test coverage and ensure the robustness of the system. It is mainly used for testing.
Most Internet companies in China do not consider fault injection in their architecture design, but it is often used in the development and debugging of operating system kernels and routers, where it can simulate anomalies that are very hard to reproduce, such as memory allocation failures and disk I/O errors, to ensure test coverage.
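The circuit breaker behaviour described above, exercised with injected timeouts, as an added Python example that is not from the original article and is not Istio or Envoy code. The names `CircuitBreaker`, `inject_timeouts`, `max_timeouts`, `cooldown` and `probes`, and the threshold values, are assumptions chosen for illustration.

```python
import time
from contextlib import suppress

class CircuitOpenError(Exception): """Call rejected without contacting the callee."""

class CircuitBreaker:  # hypothetical names and thresholds, not an Istio/Envoy API
    def __init__(self, max_timeouts=3, cooldown=5.0, probes=2, clock=time.monotonic):
        self.max_timeouts, self.cooldown, self.probes = max_timeouts, cooldown, probes
        self.clock, self.state, self.timeouts, self.ok = clock, "closed", 0, 0

    def call(self, func, *args):
        if self.state == "open":
            if self.clock() - self.opened_at < self.cooldown:
                raise CircuitOpenError("callee isolated")
            self.state, self.ok = "half_open", 0  # cooldown over: admit probe calls
        try:
            result = func(*args)
        except TimeoutError:
            self.timeouts += 1
            if self.state == "half_open" or self.timeouts >= self.max_timeouts:
                self.state, self.opened_at = "open", self.clock()  # isolate callee
            raise
        if self.state == "half_open":
            self.ok += 1
            if self.ok < self.probes:
                return result  # still probing: resume slowly
        self.state, self.timeouts = "closed", 0  # healthy: (re)close, reset the count
        return result

def inject_timeouts(func, plan):
    """Fault injection: the i-th call reaching func times out when plan[i] is True."""
    schedule = iter(plan)
    def wrapper(*args):
        if next(schedule, False):
            raise TimeoutError("injected fault")
        return func(*args)
    return wrapper

def demo():
    now = [0.0]  # constructed fake clock keeps the run deterministic
    breaker = CircuitBreaker(clock=lambda: now[0])
    flaky = inject_timeouts(lambda x: x * 2, [True, True, True, False, False])
    trace = []
    for step in range(7):
        now[0] = 5.0 if step >= 4 else 0.0  # cooldown elapses before step 4
        with suppress(TimeoutError, CircuitOpenError):
            breaker.call(flaky, step)
        trace.append(breaker.state)
    return trace
```

`demo()` returns the breaker state after each of seven calls: three injected timeouts open the circuit, the fourth call is rejected without reaching the callee, and after the cooldown two healthy probes close it again.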
Some of Mixer's core capabilities are:
(1) Cross-platform support: it acts as an adapter to other components, which gives Istio its cross-platform capability;
(2) It communicates with Envoy and makes policy decisions in real time;
(3) It communicates with Envoy and collects all kinds of data.
The core of Mixer's design is "plug-ins", which lets Istio adapt to a variety of complex host environments and back-end infrastructure.
As a very important control plane component, Pilot's core capabilities are:
(1) Providing service discovery for Envoy;
(2) Providing Envoy with intelligent routing management, such as A/B testing and gray release;
(3) Providing Envoy with flexible resilience management, such as timeout, retry and circuit breaker policies;
The core of Pilot's design is "standardization": it converts the various traffic-control rules into configuration that Envoy understands and propagates that configuration to every Envoy at runtime. The advantage of abstracting these functions into a common configuration is that any proxy that conforms to this standard can connect to Pilot.
The subtext is that any third party can implement its own proxy and integrate with Pilot, as long as it meets the relevant API standards.
The Citadel component provides end-user authentication and service-to-service access control. In short, it is the security-related component.
The Galley component handles configuration ingestion, validation, processing and distribution. It uses a "decoupling" design to decouple Istio from the details of obtaining user configuration from the underlying platform (such as K8s).
Istio uses a two-tier architecture with five modules to decouple the microservice mesh:
Data plane, mainly responsible for efficient forwarding
(1) Envoy module: the proxy;
(2) Mixer module: the adapter; supports cross-platform operation and a standardized API;
(3) Pilot module: controls and configures most of Envoy's policies;
(4) Citadel module: security-related;
(5) Galley module: decouples Istio from the underlying platform (such as K8s);
Separating implementation from control is a classic architecture design method. Understand?
Ideas are more important than conclusions.