Preface
I have been working for several years and have accumulated my own experience and thinking, both from what I have encountered myself and from what I have picked up along the way. Of course, I have not had much contact with lofty distributed architecture practice, so this post is relatively fragmentary and may be supplemented at any time. As the saying goes, Rome wasn't built in a day, and for us developers, a good architecture isn't built overnight either.
The initial set up
In the beginning, it was just a matter of putting together various frameworks and throwing them into a Tomcat container. At this time, our files, databases, and applications were all on the same server.
Service separation
Once the system goes online, the number of users gradually rises, and a single server clearly cannot carry the load of the system. We have to prepare in advance, before the server is overloaded.
Since we have a monolithic architecture, optimizing the architecture is not practical in the short term, so adding machines is a good choice. At this point, we may want to deploy the application and the database service separately and, if possible, the file server separately as well.
The reverse proxy
In order to increase the service processing power, we add a proxy server in front of the Tomcat container. I usually use Nginx, but if you are more familiar with Apache, you are welcome to use it instead.
The user’s request is sent to the reverse proxy, which then forwards the request to the back-end server.
Nginx is a Web server that handles static HTML, CSS, and JS requests, whereas Tomcat is a Web container that handles JSP requests. Tomcat also supports HTML, but not as well as Nginx.
The advantages of reverse proxy are as follows:
- Hiding the real back-end services
- Load balancing clusters
- High availability clusters
- Caching static content for dynamic/static separation
- Rate limiting for security
- Static file compression
- Resolving cross-domain problems with multiple services
- Merging static requests (deprecated since HTTP/2.0)
- Acting as a firewall
- SSL and HTTP/2
Dynamic and static separation
Based on the Nginx reverse proxy above, we can also achieve dynamic and static separation: requests for HTML, CSS, JS and other static files are handled by Nginx, while dynamic requests are distributed to the back-end Tomcat.
Upgrading Nginx to 1.9.5+ enables HTTP/2.0 and speeds up web access.
Of course, if the company is not short of money, CDN is also a good choice.
Service split
In this era of distributed microservices, we no longer have to hit too many pitfalls, and splitting services is easy. There are already relatively mature technologies on the market, such as Alibaba's open source Dubbo (which has officially stated that maintenance has started) and Spring Cloud from the Spring family. Of course, the specific implementation should be well controlled in terms of both technology and business.
Dubbo
SpringCloud
- Service discovery — Netflix Eureka
- Client-side load balancing – Netflix Ribbon
- Circuit breaker — Netflix Hystrix
- Service Gateway — Netflix Zuul
- Distributed configuration — Spring Cloud Config
Microservices and lightweight communication
- Synchronous and asynchronous communication
- Remote Calling RPC
- REST
- The message queue
Continuous integration deployment
Service splitting is followed by continuous integration and deployment, for which you may use the following tools: Docker, Jenkins, Git, Maven.
The picture is from the internet, and the basic topology is as follows:
The entire continuous integration platform architecture evolves as shown below:
Service cluster
Linux clusters are divided into three main categories (high availability clusters, load balancing clusters, and scientific computing clusters). In fact, one of the most common things we encounter in production is load balancing clusters.
Load balancing
- DNS load balancing: the DNS servers of most domain registrars do not support it, but the Alibaba Cloud DNS resolution that I use does
- Layer 4 load balancers (F5 and LVS) work at the TCP level
- Layer 7 load balancers (Nginx and HAProxy) work at the HTTP level
Distributed session
As we all know, services are generally classified as stateful or stateless, and distributed Session is for stateful services.
Several ways to implement distributed Session
- Database based Session sharing
- Session replication mechanism based on Resin/Tomcat Web container itself
- Session sharing based on OSCache, Redis, and memcached.
- Session sharing based on cookies
Several management modes of distributed Session
Session Replication Management (Session Replication)
- Overview: Broadcast Session data on one machine to other machines in the cluster
- Usage scenario: There are fewer machines and less network traffic
- Advantages: Simple implementation, little configuration, and user access is not affected when a machine on the network goes down
- Disadvantages: Broadcasting copies to the other machines incurs a certain amount of network overhead
Session Sticky management mode
- Description: Sticky Session. After a user accesses a machine in the cluster, all subsequent requests are forcibly assigned to this machine
- Usage scenario: The number of machines is moderate and the stability requirement is not very strict
- Advantages: Simple implementation, convenient configuration, no extra network overhead
- Disadvantages: When a machine on the network goes down, the user Session is lost, which may cause a single point of failure
Centralized cache management
- Description: A Session is stored on a machine in a distributed cache cluster, and the Session information is retrieved from the cache when users access different nodes
- Application scenario: The cluster has a large number of machines and a complex network environment
- Advantages: Good reliability
- Disadvantages: Complex implementation; stability depends on the stability of the cache; a reasonable policy is needed for writing Session information into the cache
Currently used in production
- MemCache Management Session Implementation Based on Tomcat configuration
- Implementation based on OsCache and Shiro multicast (affected by the network)
- Spring-session + Redis (best)
Load Balancing Policy
How good a load balancing strategy is, and how difficult it is to implement, depends on two key factors: the load balancing algorithm, and the method and capability for detecting the state of the network and the systems.
1. RR, round-robin scheduling. As the name implies, requests are distributed to the servers in turn.
Advantages: Simple implementation
Disadvantages: Does not consider the processing power of each server
2. WRR, weighted round-robin scheduling. We assign a weight to each server, and the load-balancing scheduler schedules the servers according to their weights. The number of times a server is called is proportional to its weight.
Advantages: Different server processing capacity is taken into account
3. SH, source address hash. Extract the user IP, obtain a key from it with a hash function, and look up the corresponding value in a static mapping table, that is, the IP address of the target server. If the target machine is overloaded, it returns null.
4. DH, destination address hash. Same as above, except that the destination IP address is extracted for hashing.
Advantages: Both algorithms can enable the same user to access the same server.
5. LC, least connection. Priority is given to forwarding requests to servers with fewer connections.
Advantages: The load is more evenly distributed among servers in the cluster.
6. WLC, weighted least connection. Adds a weight to each server on top of LC. The algorithm is: (number of active connections * 256 + number of inactive connections) ÷ weight. The server with the smallest calculated value is selected first.
Advantages: Requests can be allocated based on server capacity.
7. SED, shortest expected delay. SED is similar to WLC except that the number of inactive connections is not considered. The algorithm is: (number of active connections + 1) * 256 ÷ weight. The server with the smallest calculated value is selected first.
8. NQ, never queue. An improved SED algorithm. If the number of connections to a server is 0, the balancer forwards the request directly to it, without going through the SED calculation.
9. LBLC, locality-based least connections. According to the destination IP address of the request, the balancer finds the server most recently used for that IP address and forwards the request to it. If that server is overloaded, the least connection algorithm is used instead.
10. LBLCR, locality-based least connections with replication. According to the destination IP address of the request, the balancer finds the server group most recently used for that IP address, rather than a specific server. It then uses least connections to select a specific server from the group and forwards the request to it. If that server is overloaded, the balancer uses the least connection algorithm to find a server in the cluster that is not yet in the local server group, adds it to the group, and then forwards the request to it.
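The WLC, SED and NQ formulas from the list above, applied to the same pool so that the three policies can be compared. This is an added example, not code from the original post; the `Server` class, the function names and the sample pool are assumptions made for illustration, and NQ is taken to mean "zero active connections".

```python
from dataclasses import dataclass

@dataclass
class Server:
    name: str
    weight: int    # relative capacity; higher means more capable
    active: int    # connections currently carrying traffic
    inactive: int  # idle connections the balancer still tracks

def wlc_score(s):
    """Weighted least connection: (active * 256 + inactive) / weight."""
    return (s.active * 256 + s.inactive) / s.weight

def sed_score(s):
    """Shortest expected delay: (active + 1) * 256 / weight."""
    return (s.active + 1) * 256 / s.weight

def pick_wlc(servers):
    # The smallest score wins; ties go to the first server listed.
    return min(servers, key=wlc_score).name

def pick_sed(servers):
    return min(servers, key=sed_score).name

def pick_nq(servers):
    """Never queue: use an idle server if one exists, otherwise fall back to SED."""
    for s in servers:
        if s.active == 0:  # assumption: "0 connections" means no active ones
            return s.name
    return pick_sed(servers)

# Constructed sample pool, not measurements from a real cluster.
POOL = [
    Server("big", weight=4, active=2, inactive=10),
    Server("small", weight=1, active=0, inactive=900),
    Server("mid", weight=2, active=1, inactive=0),
]

if __name__ == "__main__":
    for s in POOL:
        print(s.name, "WLC", wlc_score(s), "SED", sed_score(s))
    print("WLC ->", pick_wlc(POOL))
    print("SED ->", pick_sed(POOL))
    print("NQ  ->", pick_nq(POOL))
```

On this pool the three policies each choose a different server, which shows how much the treatment of inactive connections and idle servers changes the outcome.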
Reading and writing separation
Configure MySQL master-slave replication, separate reads from writes, and introduce middleware; the open source MyCat and Alibaba's DRDS are both good choices.
If the high availability requirements are relatively high but there is no corresponding technical support, it is recommended to use Alibaba Cloud's RDS or Redis database services, which save trouble, effort and money.
The full text retrieval
If you have search business requirements, it’s also a good choice to introduce Solr or ElasticSearch, rather than trying to cram everything into a relational database.
Cache optimization
Caching was introduced to take the pressure off back-end database services and prevent them from “going out of business.”
Common cache services include Ehcache, OsCache, MemCache and Redis. These are all mainstream cache technologies that have stood the test of time; Redis in particular has been applied in distributed cluster services on a large scale and has proved its superior performance.
The message queue
Asynchronous notification: logical operations that do not need real-time feedback, such as SMS verification and email verification.
Traffic peak shaving: This is probably the most common scenario for message queues. It is commonly used in flash-sale or group-buying rush activities.
Log processing: Logging is essential in any system, but handling logs under high concurrency is a technical challenge; if you are not careful, it may overwhelm the entire service. ELK, the open source log stack we use at work, has Kafka or Redis in the middle (the difference between a crowd pouring in and a queue lining up).
Messaging: point-to-point communication (person-to-person) or publish-subscribe mode (chat room).
The log service
The ELK open source log stack mentioned under message queues is a good choice for small and medium-sized startups.
Security optimization
Without security, all of the above amounts to nothing.
- Alibaba Cloud VPN virtual private network and security group configuration
- If you build your own equipment room, configure firewall security policies yourself
- Unless there are special access requirements, make related services such as MySQL, Redis, and Solr reachable only over the intranet, and enable authentication
- Put services behind a proxy server where possible, and do not open too many ports
- HTTPS with HTTP/2.0 is also a good choice
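One way to check the "intranet access and set authentication" item for Redis is to audit the `bind`, `requirepass` and `protected-mode` directives in `redis.conf`. This is an added example, not part of the original post; the function names and both sample configurations are constructed for illustration.

```python
import ipaddress

WILDCARDS = {"*", "::*"}  # redis.conf spellings for "every interface"

def is_intranet(addr):
    """True only for loopback/private addresses; wildcards and 0.0.0.0 are not."""
    if addr in WILDCARDS:
        return False
    try:
        ip = ipaddress.ip_address(addr)
    except ValueError:
        return False  # not an IP literal, so it cannot be verified as internal
    return ip.is_private and not ip.is_unspecified

def audit_redis_conf(text):
    """Return findings for the exposure and authentication settings."""
    binds, password, protected = [], None, "yes"
    for raw in text.splitlines():
        parts = raw.split()
        if not parts or parts[0].startswith("#"):
            continue
        key, args = parts[0].lower(), parts[1:]
        if key == "bind":
            binds = [a.lstrip("-") for a in args]  # "-" marks an optional address
        elif key == "requirepass" and args:
            password = args[0]
        elif key == "protected-mode" and args:
            protected = args[0].lower()
    findings = []
    if not binds:
        findings.append("no bind directive: Redis listens on every interface")
    findings += [f"bind {a}: not restricted to the intranet"
                 for a in binds if not is_intranet(a)]
    if not password:
        findings.append("requirepass not set: clients connect without authentication")
    if protected == "no":
        findings.append("protected-mode no: unauthenticated remote access is not refused")
    return findings

# Constructed sample configurations, not taken from any real deployment.
WEAK = "bind 0.0.0.0\nprotected-mode no\nport 6379\n"
HARDENED = "bind 127.0.0.1 10.0.0.5\nprotected-mode yes\nrequirepass CHANGE-ME-long-random\n"

if __name__ == "__main__":
    for name, conf in (("weak", WEAK), ("hardened", HARDENED)):
        print(name, audit_redis_conf(conf) or "no findings")
```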