Shulou(Shulou.com)06/03 Report--

This article mainly explains "how to understand the current limiting and degraded framework of Sentinel distributed system". The content of the article is simple and clear, and it is easy to learn and understand. please follow the editor's train of thought to study and learn "how to understand the current limiting and degraded framework of Sentinel distributed system".

(1) Overview

In the distributed system, many services exchange information through remote invocation, and the invocation failure will inevitably occur during the invocation. Sentinel can guarantee that in the case of a service problem, it will not cause the overall service failure, prevent the service avalanche and improve the availability of the distributed system.

Common fault tolerance methods are:

1. Timeout: set a relatively short timeout. If the call is not successful, the connection will be released in a very short time to avoid a large number of threads blocking and waiting.

2. Current limit: reject the request if you exceed the set threshold.

3. Circuit breaker: protect the overload of the service. When there is a service that cannot be called and requests accumulate, it can switch the service in time to prevent the collapse of the whole service.

The status of Sentinel is similar to that of Hystrix in SpringCloud. Sentinel takes traffic as the starting point to protect the stability of services from many dimensions, such as flow control, circuit breaker degradation, system load protection and so on.

(2) SpringCloudAlibaba integrated Sentinel

First, we download sentinel-dashboard-1.7.2.jar from sentinel's github official website.

Then start it through the jar command. The port defaults to 8080, and the ip+ port is accessed directly. This is the control background of sentinel, and the account password is sentinel.

Then introduce dependencies into the project

Com.alibaba.cloud spring-cloud-starter-alibaba-sentinel

In the configuration file, enter the background address, address and port of Sentinel to write your own. The port defaults to 8080.

Spring.cloud.sentinel.transport.dashboard=localhost:8080

After startup, you can see this application in the Sentinel background.

The API called by the sentinel console defaults to http://ip:8719/api. When a project that introduces sentinel dependency is started locally, an api will be exposed on port 8719 by default.

(3) flow control rules of sentinel

Wrote a simple request:

@ RestControllerpublic class TestController {@ GetMapping ("/ test") public String test () {return "test";}}

Next, we use this request to understand the flow control rules of sentinel. The so-called flow control rules are the control of the request.

Resource name: the default is the requested path

For source: Sentinel can limit the current for callers, enter the micro-service name, and specify which micro-service to limit the current. Default default (source-insensitive, all restrictions)

Threshold type: optional QPS and number of threads, which can be set to execute flow control policy.

Whether or not to cluster: whether your environment is clustered or not

Flow control mode:

1. Direct: directly control the resource. For example, when the / test access above reaches the threshold, the flow is limited.

2. Association: when the associated resources reach the threshold, the flow is limited.

Look at the picture, if the / test2 access reaches the threshold, the current limit / test

3. Link: only the traffic on the specified link is recorded (the traffic of the specified resource from the ingress resource, which can be limited if the threshold is reached). The name of this link can be obtained from the cluster link.

Flow control effect

1. Quick failure: direct failure

2. Warm Up: prefetch mode. According to the value of codeFactory (default 3), the QPS threshold is reached from the threshold / codeFactory after the prefetch time. For example, if the QPS is set to 90 and the preheating is set to 10 seconds, the initial threshold is 90 Universe 30, and it takes 10 seconds to reach 90.

3. Queue waiting: for example, if the threshold is set to 10 and the timeout is 500 milliseconds, when the 11th request arrives, it will not report an error directly, but wait for 500 milliseconds. If the threshold still exceeds 10, the current will be limited.

After setting the traffic control rules, keep refreshing to trigger to the threshold, and see the following prompt:

This prompt is not very friendly. You can customize the data information returned after current limit, which corresponds to five kinds of current limit exceptions:

Public class MyBlockException implements BlockExceptionHandler {@ Override public void handle (HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, BlockException e) throws Exception {JSONObject object=new JSONObject (); if (e instanceof FlowException) {object.put ("status", "100th"); object.put ("message", "interface current limit"); object.put ("data", null) } else if (e instanceof DegradeException) {object.put ("status", "101l"); object.put ("message", "service degradation"); object.put ("data", null);} else if (e instanceof ParamFlowException) {object.put ("status", "102"); object.put (" message "," hot spot parameter current limit ") Object.put ("data", null);} else if (e instanceof SystemBlockException) {object.put ("status", "103"); object.put (" message "," trigger system protection "); object.put (" data ", null);} else if (e instanceof AuthorityException) {object.put (" status "," 104") Object.put ("message", "authorization rules fail"); object.put ("data", null);} httpServletResponse.setStatus (500); httpServletResponse.setCharacterEncoding ("utf-8"); httpServletResponse.setContentType (MediaType.APPLICATION_JSON_VALUE); new ObjectMapper (). WriteValue (httpServletResponse.getWriter (), object);}}

Five different types are defined in the code

(4) downgrade rules of sentinel

The downgrade rule refers to shutting down individual services during the peak period of application, so that we can have more resources to deal with important business, such as Singles' Day, we will find that some functions of Alipay will be temporarily shut down.

RT mode: average response time, when N requests continue to enter within 1s, if the average response time exceeds the threshold, then in the next time window, it is processed according to the downgrade logic (report a DegradeException error).

Exception ratio: you can enter a number of 0. 0 to 1. 0 to indicate the proportion of exceptions that occur. If this ratio is exceeded within a second, it will be processed according to the downgrade logic in the following time window.

Number of exceptions: when the number of exceptions in the resource for nearly one minute exceeds the threshold, it will be handled according to the degradation logic in the following time window.

(5) Hot spot rules of sentinel

The so-called hot spot rule is to restrict access to some frequently accessed data (hot spot data).

For example, take the product ID as a parameter to limit the number of visits to this product. The request to be restricted needs to be buried in the code.

@ GetMapping ("/ test3") @ SentinelResource (value = "test3", blockHandler = "handHotKey") public String test3 (@ RequestParam (value = "a", required = false) String a, @ RequestParam (value = "b", required = false) String b) {return "test3" + aqb;} public String handHotKey (String A1, String a2, BlockException e) {return "hotspot data limit";}

Set the hotspot rule, where the resource name is the value set in @ SentinelResource. The parameter index is used to limit the flow of the parameter. The threshold and window length means that if there are 2 requests for parameter 0 within 1 second, the flow will be limited. After the current limit, the blockHandler method set by yourself will be executed.

You can set parameter exceptions in advanced settings, that is, limit current according to the value of the setting parameter:

After this setting, if you access / test3?a=1, it will be controlled according to the threshold below.

(VI) system rules of Sentinel

Limit the current by monitoring some parameters of the system:

Load: this parameter can only be used on Linux or Unix-like machines. The 1-minute loadAverage of the system is used as an indicator. This value is generally set to the number of CPU cores * 2.5.

RT: system protection is triggered when the average RT of all ingress traffic on a single machine reaches a threshold, in milliseconds.

Number of concurrent threads: system protection is triggered when the number of concurrent threads of all ingress traffic on a single machine reaches a threshold.

Ingress QPS: system protection is triggered when the QPS of all ingress traffic on a single machine reaches the threshold.

CPU usage: system protection is triggered when the system CPU utilization exceeds the threshold.

(7) the authorization rules of Sentinel

Authorization rules can specify which requests can be accessed and which are not. First, let's look at how to configure:

The resource name is the request name. Some application names can be entered manually in the traffic control application. If it is a whitelist, these can be accessed. If it is a blacklist, the application set in the traffic control application cannot be accessed.

Then you need to get the request in the code:

@ Componentpublic class MyRequestOriginParser implements RequestOriginParser {@ Override public String parseOrigin (HttpServletRequest httpServletRequest) {String origin=httpServletRequest.getParameter ("origin"); if (origin==null) {throw new IllegalArgumentException ("origin parameter not specified");} return origin;}}

After the setting, all requests must be equipped with the parameter origin=XXX. Take the above configuration as an example, only requests from origin=javayz can be accessed. If you don't like the way the parameters are passed, you can pass them in your code with header instead, and the effect is the same.

(8) the principle of communication between Sentinel console and service

Using Sentinel requires the introduction of sentinel dependencies, where sentinel-transport-simple-http dependencies register microservices with SentinelDashboard. After the micro service is started, a series of api interfaces are automatically opened on port 8719, and we can also access these api interfaces through http://ip:8719/api. SentinelDashboard communicates with the micro service through these API.

This port 8719 can be modified in the configuration file:

Spring.cloud.sentinel.transport.port=8719 (IX) Protection rules of Sentinel

By default, all GetMapping and PostMapping requests in our code are protected by Sentinel, that is, they all pass through the Sentinel interceptor, but the interception can also be turned off manually.

Spring.cloud.sentinel.filter.enabled=false

In this way, sentinel will not be able to capture the request. But you can still use Sentinel in code.

@ GetMapping ("/ test4") public String test4 () {ContextUtil.enter ("test4", "abc"); Entry entry=null; try {entry= SphU.entry ("test4"); / / business code return "end of business processing";} catch (BlockException e) {e.printStackTrace (); / / a series of exception handling. Refer to MyBlockException / /. Return "trigger current limit";} catch (NullPointerException e) {/ / A pair of exceptions to monitor Tracer.trace (e); return "null pointer exception";} finally {if (entrypointer null) {entry.exit ();} ContextUtil.exit ();}}

Or you can use annotations to add burial points.

@ SentinelResource (value = "test3", blockHandler = "handHotKey")

After this configuration, the interception of the resource test3 is added. If the current limit policy is triggered, it will enter the handHotKey method of the current class, or configure blockHandlerClass, and it will enter the handHotKey method of the class configured by blockHandlerClass.

(10) RestTemplate integrates Sentinel

First of all, you need to enable RestTemplate support in the configuration file. The default is true.

Resttemplate.sentinel.enabled=true

Then add a Sentinel comment to the code where RestTemplate is injected into Bean:

@ SentinelRestTemplate (blockHandler = "fallback", blockHandlerClass = MyBlockHandlerClass.class) @ LoadBalanced / / load balancing @ Beanpublic RestTemplate restTemplate () {return new RestTemplate ();}

The current limit method called is as follows:

Public class MyBlockHandlerClass {public static SentinelClientHttpResponse block () {return new SentinelClientHttpResponse ("block info");}} (11) Feign Integration Sentinel

First of all, you need to enable support for Feign in the configuration file. The default is false:

Feign.sentinel.enabled=true

Then add the class fallback to the @ FeignClient annotation:

@ FeignClient (name = "nacos-discovery-provider", fallback = TestServiceFallback.class,configuration = FeignConfiguration.class) public interface TestService {@ GetMapping ("/ {name}") String index (@ PathVariable ("name") String string);} after the rule is finally set, the corresponding method in fallback is triggered to implement the persistence of public class TestServiceFallback implements TestService {@ Override public String index (String string) {return "fallback";}} (XII) Sentinel

Default mode:

In the previous introduction to Sentinel, you will find that the configuration in the Sentinel is lost after each restart of the microservice, because API pushes the rules into the client's memory and disappears after restart.

Pull mode:

After the rule is set in Sentinel Dashboard, it is pushed to the client and saved not only in memory, but also in the local file. The Pull pattern needs to be implemented through code, which can be directly reused:

@ Slf4jpublic class FileDataSourceInit implements InitFunc {@ Override public void init () throws Exception {String ruleDir=System.getProperty ("user.home") + "/ sentinel/rules"; log.info (ruleDir); / / current restriction rule path String flowRulePath = ruleDir + "/ flow-rule.json"; / / downgrade rule path String degradeRulePath = ruleDir + "/ degrade-rule.json" / / hotspot rule path String paramFlowRulePath = ruleDir+ "/ param-flow-rule.json"; / / system rule path String systemRulePath = ruleDir+ "/ system-rule.json"; / / permission rule path String authorityRulePath=ruleDir+ "/ authority-rule.json"; this.mkdirIfNotExists (ruleDir); this.createFileIfNotExists (flowRulePath); this.createFileIfNotExists (flowRulePath); this.createFileIfNotExists (flowRulePath) This.createFileIfNotExists (flowRulePath); this.createFileIfNotExists (flowRulePath); / / flow control rules, which can read data ReadableDataSource flowRuleRDS=new FileRefreshableDataSource (flowRulePath, flowRuleListParser); / / inject readable data sources into FlowRuleManager, and update the rules to cache FlowRuleManager.register2Property (flowRuleRDS.getProperty ()) when the file changes / / flow control rules: writable data source WritableDataSource flowRuleWDS=new FileWritableDataSource (flowRulePath, this::encodeJson); WritableDataSourceRegistry.registerFlowDataSource (flowRuleWDS); / / downgrade rule: readable data source ReadableDataSource degradeRuleRDS=new FileRefreshableDataSource (degradeRulePath, degradeRuleListParser); DegradeRuleManager.register2Property (degradeRuleRDS.getProperty ()) / / downgrade rule: writable data source WritableDataSource degradeRuleWDS=new FileWritableDataSource (flowRulePath, this::encodeJson); WritableDataSourceRegistry.registerDegradeDataSource (degradeRuleWDS); / / hotspot parameters: readable data source ReadableDataSource paramFlowRuleRDS=new FileRefreshableDataSource (paramFlowRulePath, paramFlowRuleListParser); ParamFlowRuleManager.register2Property (paramFlowRuleRDS.getProperty ()) / / hotspot parameters: writable data source WritableDataSource paramFlowRuleWDS=new FileWritableDataSource (paramFlowRulePath, this::encodeJson); ModifyParamFlowRulesCommandHandler.setWritableDataSource (paramFlowRuleWDS); / / system rules: readable data source ReadableDataSource systemRuleRDS=new FileRefreshableDataSource (systemRulePath, systemRuleListParser); SystemRuleManager.register2Property (systemRuleRDS.getProperty ()) / / system rules: writable data source WritableDataSource systemRuleWDS=new FileWritableDataSource (systemRulePath, this::encodeJson); WritableDataSourceRegistry.registerSystemDataSource (systemRuleWDS); / / authorization rules: readable data source ReadableDataSource authorityRuleRDS=new FileRefreshableDataSource (authorityRulePath, authorityRuleListParser); AuthorityRuleManager.register2Property (authorityRuleRDS.getProperty ()) WritableDataSource authorityRuleWDS=new FileWritableDataSource (authorityRulePath, this::encodeJson); WritableDataSourceRegistry.registerAuthorityDataSource (authorityRuleWDS);} private Converter flowRuleListParser=source- > JSON.parseObject (source, new TypeReference () {}); private Converter degradeRuleListParser=source- > JSON.parseObject (source, new TypeReference () {}) Private Converter systemRuleListParser=source- > JSON.parseObject (source, new TypeReference () {}); private Converter authorityRuleListParser=source- > JSON.parseObject (source, new TypeReference () {}); private Converter paramFlowRuleListParser=source- > JSON.parseObject (source, new TypeReference () {}); private void mkdirIfNotExists (String filePath) {File file=new File (filePath) If (! file.exists ()) {file.mkdirs ();}} private void createFileIfNotExists (String filePath) throws IOException {File file=new File (filePath); if (! file.exists ()) {file.createNewFile ();}} private String encodeJson (T) {return JSON.toJSONString (t);}}

Sentinel data persistence is achieved through the SPI mechanism, so you need to create a new folder META-INF/services under resource, and then create a new file com.alibaba.csp.sentinel.init.InitFunc

The fully qualified name of the above class is written in the file:

After the rule is generated, the json file will be generated under the path set in the code, and the previous configuration will not disappear after restart.

Push mode: the client listens to changes all the time by registering listeners, such as using Nacos, Zookeeper and other configuration centers, which ensures good real-time performance and consistency. Push mode is generally used in production environment. We use Nacos to implement

1. Add sentinel-datasource-nacos dependencies

Com.alibaba.csp sentinel-datasource-nacos

2. Configure persistent data sources

Spring.cloud.sentinel.datasource.ds1.nacos.server-addr=192.168.78.128:8848spring.cloud.sentinel.datasource.ds1.nacos.data-id=$ {spring.application.name} .jsonspring.cloud.sentinel.datasource.ds1.nacos.g roup-id=DEFAULT_GROUPspring.cloud.sentinel.datasource.ds1.nacos.data-type=jsonspring.cloud.sentinel.datasource.ds1.nacos.rule-type=flow

3. Add the configuration file manually in Nacos. The configuration file here is in the same format as the local configuration file.

[{"clusterMode": false, "controlBehavior": 0, "count": 2, "grade": 1, "limitApp": "default", "maxQueueingTimeMs": 500, "resource": "/ test", "strategy": 0, "warmUpPeriodSec": 10}]

Push mode still has some disadvantages. Nacos can synchronize to Sentinel after modifying configuration file, but it cannot be synchronized to Nacos after modifying configuration in Sentinel, so you need to synchronize data manually.

Thank you for your reading, the above is the content of "how to understand the current limiting and degraded framework of Sentinel distributed system". After the study of this article, I believe you have a deeper understanding of how to understand the current limiting and degraded framework of Sentinel distributed system, and the specific use needs to be verified in practice. Here is, the editor will push for you more related knowledge points of the article, welcome to follow!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.