Shulou(Shulou.com)06/02 Report--

This article mainly explains "what is the work flow of Sentinel". Interested friends may wish to have a look at it. The method introduced in this paper is simple, fast and practical. Let's let the editor take you to learn "what is the workflow of Sentinel?"

Sentinel calculates that QPS uses time window + Bucket, and reuses Bucket cyclically to reduce memory consumption. When counting QPS, it uses the current timestamp to locate Bucket, and uses LongAdder to count the number of successful requests and failures in the time window. The total time consuming optimizes the concurrent lock, and avoids using System to obtain the current time every time by increasing the timestamp of scheduled tasks. You can see the efforts made by Sentinel in terms of performance, and Sentinel tries its best to minimize its impact on applications.

For each resource (interface), Sentinel creates an Bucket array with a time window of 1 second within one minute and an Bucket array with 500ms as the time window within one second, and wraps the two arrays as a Node to count the request data of the API. Each Bucket records the total number of requests, the total number of failures, the total time spent (the average time spent by the total time spent), and the total number of requests that have been restricted or fused in a time window.

Therefore, the memory consumed by Sentinel is at least the total number of resources multiplied by the amount of memory consumed by the Node corresponding to each resource, and the amount of memory consumed by each Node is the memory occupied by an Bucket array of size 2 and an Bucket array of size 60.

Sentinel Workflow Source Code Analysis

Sentinel reduces the memory consumption by reusing Bucket and reduces the performance consumption of concurrent statistics by using LongAdder. In addition to these, Sentinel realizes the functions of statistics, current limiting, fuse degradation and so on through the responsibility chain mode to achieve local lock-free.

Basic use of Sentinel:

The functions of Sentinel, such as statistics, current limiting and circuit breaker degradation, are performed by ProcessorSlot one by one. For example, the total number of requests and failures in the current time window of resources are counted by StatisticSlot, and FlowSlot is used to determine whether the current request requires current limit and DegradeSlot to determine whether the current request requires circuit breaker degradation.

These ProcessorSlot are packaged into a linked list in strict order, such as StatisticSlot before FlowSlot and FlowSlot before DegradeSlot.

The entry method of ProcessorSlot is called when the client receives the client request or before the client sends the request to the server, while the exit method is called when the server finishes processing the request (including abnormal completion) or when the client sends the request. Each ProcessorSlot passes a signal down through either the fireEntry method or the fireExit method.

Friends who have seen the Netty source code should be no stranger to the use of this design pattern. Netty also wraps the Handler handling requests into linked lists through the chain of responsibility pattern to achieve local serial processing requests. However, there are some differences between Sentinel's ProcessorSlot and Netty's Handler. ProcessorSlot's exit method is not passed from back to front like Netty.

The Shiro that we are familiar with is also realized through the responsibility chain (filter), so it is not difficult to understand that Sentinel achieves current limiting and circuit breaker. Without considering the current limit of the cluster. When the entry method of SphU is called, it will go through at least three ProcessorSlot: StatisticSlot, FlowSlot, and DegradeSlot. The sequence diagram is as follows.

When the entry method of StatisticSlot is called, StatisticSlot gets the Node of the resource according to the resource, gets the Bucket of the current time window from Node according to the current timestamp, and then increases the total number of requests for Bucket by 1. StatisticSlot catches an exception in the entry method. If the downstream ProcessorSlot throws an exception as a subclass of BlockException or BlockException, the total current limit of Bucket will be increased by 1, otherwise the total number of exceptions of Bucket will be increased by 1.

When the entry method of FlowSlot is called, check whether the current limit rule configured for the current resource meets the current limit condition, and throw a BlockException exception if the condition is met, indicating that the current request is restricted. Because Sentinel supports cluster current limit, the implementation of current limit is complicated, so we won't discuss it for the time being. If it is a single-node current limit, the realization is similar to the realization of fuse degradation. This paper only introduces the realization of fuse degradation.

When the entry method of DegradeSlot is called, check whether the circuit breaker degradation rule configured for the current resource meets the condition, and if the condition is met, a DegradeException exception is thrown, indicating that the current request has been broken.

Source code analysis of Sentinel fuse downgrade

Sentinel creates a Node for each resource (ResourceWrapper) to count the request data (total number of requests, total number of exceptions, total number of current restrictions or circuit breakers, total time spent) to support current limiting and circuit breaker degradation.

The name of ResourceWrapper is the name of the resource, and it can also be understood as the interface url, but this understanding is incorrect. The resource name is also used when we configure current-limiting rules or circuit breaker degradation rules.

The entryType of ResourceWrapper is the traffic type. Available values are IN and OUT,IN to indicate the inflow type, that is, the server receives the client request; OUT is the outflow type, that is, the client initiates a request to the server.

The resourceType of ResourceWrapper is a resource type, indicating whether it is Servlet or RPC, API gateway, database, and so on. It can be seen that Sentinel also supports access to the database current limit, circuit breaker.

The circuit breaker degradation feature provided by Sentinel can be used not only on the client side, but also on the server side, but it is generally placed on the client side for the circuit breaker degradation of resources with a traffic type of OUT, to ensure that it is not affected by the server or dragged down by the server.

To determine whether the fuse degradation function of Sentinel can be executed on the server side, we can read the source code of DegradeSlot to see whether it is limited to take effect only when the traffic type is EntryType.OUT.

When the entry method of DegradeSlot is called, DegradeSlot calls the checkDegrade method of DegradeRuleManager to check whether the current request satisfies a circuit breaker degradation rule.

When learning how to use Sentinel to implement fuse degradation, we used DegradeRuleManager to load our configured fuse degradation rules, so DegradeSlot left the check logic to DegradeRuleManager to complete.

DegradeRuleManager first obtains the configured circuit breaker degradation rules based on the resource name, because we can configure multiple circuit breaker degradation rules for the same resource, so the return will be a collection. Then iterate through the circuit breaker degradation rule and call the passCheck method of DegradeRule to pass the logic to check whether the circuit breaker needs to be triggered to DegradeRule. If multiple circuit breaker degradation rules are configured for a resource, a circuit breaker will be triggered as long as one of the circuit breaker degradation rules satisfies the condition.

The source code of the passCheck method for DegradeRule is as follows.

From the source code of DegradeRule's passCheck method, we do not find any restriction that the trigger of fuse degradation takes effect only if the traffic type is EntryType.OUT. Therefore, fuse degradation can be used not only on the client side, but also on the server side.

Three kinds of circuit breaker downgrade strategies are supported:

1. Average response time (DEGRADE_GRADE_RT)

2. Abnormal proportion (DEGRADE_GRADE_EXCEPTION_RATIO)

3. The number of exceptions (DEGRADE_GRADE_EXCEPTION_COUNT).

The official document adds a note on the use of the DEGRADE_GRADE_EXCEPTION_COUNT strategy: note that since the statistical time window is at the level of minutes, if the timeWindow is less than 60s, you may still enter the circuit breaker state after ending the circuit breaker state.

This sentence is not difficult to understand, and the answer can be found from the source code of DegradeRule's passCheck method, as shown in the following figure.

At this point, I believe you have a deeper understanding of "what is the work flow of Sentinel". You might as well do it in practice. Here is the website, more related content can enter the relevant channels to inquire, follow us, continue to learn!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.