On June 9, 2021, the Asia-Pacific Content Distribution Conference and CDN Summit was held in Beijing. Zhang Yiping, senior technical expert of Ali Cloud Edge cloud network, was invited to attend the conference and shared ali Cloud’s practice of building edge cloud all-station acceleration network system, which supported layered transmission acceleration of various application protocols based on edge cloud nodes. Provide a wide range of network acceleration infrastructure services for differentiated enterprise applications.
Zhang Yiping thinks: speed is a widely concerned business index in Internet business, speed produces value. In the scenario of video and interactive interaction, the video turn-on rate, playback lag rate, video clarity and interaction delay corresponding to speed directly affect user experience and retention. In financial and e-commerce transaction scenarios, the request response speed and success rate of each transaction are related to the operation of high-value business. In the scenario of all-station service interconnection, one-stop accelerated interconnection greatly improves service interconnection efficiency. From content acceleration to full station acceleration
Site-wide acceleration comes from content acceleration upgrades. Content acceleration is mainly static content acceleration, such as video on demand, file download. CDN improves user request efficiency and bandwidth carrying capacity through a large number of nodes, and realizes acceleration based on cache. In addition to video-on-demand, file download, static web pages and other services that can be cached for a long time, a large number of real-time services are emerging, which need to rely more on real network acceleration rather than the experience acceleration brought by the nearby static cache, such as online games, financial transactions, real-time audio and video communication, etc.
Unified routing scheduling based on edge cloud nodes is the key
The essence of route selection scheduling is to optimize global performance and cost based on differentiated customer services, scenarios, and resources. Resources are nodes and networks. A node contains CPU computing power, memory capacity, storage IO, and network IO. Business is long video, short video, download, live broadcast, financial transactions, edge rendering and so on; Scenarios include cache content (consuming storage capacity /I/O and network I/O), dynamic content (consuming network I/O and CPU computing power), and traffic calculation (consuming CPU computing power and memory capacity). Route selection scheduling can be understood as a process of real-time dynamic solution. On the premise of ensuring service quality, every type of resources can be consumed evenly as far as possible, especially the effective utilization of CPU computing power resources of edge cloud nodes.
Intelligent protocol stack is the basis of improving service quality
Match a more suitable transport protocol stack based on service, scenario, and environment differences to narrow the service differences of different resources. In the scenario of protocol stack optimization, it is divided into terminal link, intermediate link, and back source link.
1) Terminal link
Terminal oriented, make full use of data differences in terminal environment, drive matching the most suitable transmission algorithm. The differences in network environment, service type, time and other aspects of terminal access reflect different quality of service. Transport protocol matching is the most effective means to optimize quality and network cost at the same time.
2) Intermediate link and back link
Large-scale link convergence ensures optimal transmission quality and stability, allows partial cost sacrifice, and avoids public network transmission fluctuation and interference to achieve link disaster recovery.
Full link diagnosis is the cornerstone of fast fault location and recovery
Quickly detect and locate anomalies from a business perspective to improve the recovery speed and o&M efficiency. Detection can be divided into two types:
1) Passive detection
Including TCP marking data statistics, starting from layer 7 business, marking tracking based on Request/Response dimension of business layer, packet dyeing based on layer 7 business marking when layer 7 is transferred to layer 4, dyeing packet statistics and report of various gateways in the middle link, and finally anomaly diagnosis based on statistical data.
2) Active detection
With the help of a large number of terminals to feedback the service quality from the perspective of the end user, through the refined mutual detection of its own thousand nodes, linkage and automatic disposal of abnormal, in addition, the third-party broadcasting platform can be used to obtain the service quality assessment from the perspective of the third party.
Finally, the original three/four/seven layer independent quality detection is upgraded to three/four/seven layer through-correlation, forming the global perspective of accelerating the whole station and the whole link quality.
Build systematic security protection capabilities
When it comes to network security, the first thing that comes to mind is traffic attacks such as DDoS. As a basic capability, it must be possessed and belongs to resource-based capability. A single node does not have hundreds of GIGABytes of bandwidth reserve, so it is difficult to form effective anti-D capability. Aliyun has sufficient resource pools to prevent traffic attacks.
Zhang Yiping pointed out that in addition to resource side protection, it is also necessary to build security protection system, especially for dynamic content. Dynamic acceleration content has the characteristics of small request bandwidth and large business value. Compared with the most basic violent traffic attack, for dynamic content, more functions are crawler management and service brush prevention. For example, all kinds of prices and orders of e-commerce websites are a lot of dynamic content data, which will face crawler and order brushing, etc., and more protection needs to be done for these. Through establishing a complete set of security system of data analysis, do in-depth cooperation in business level, with the customer together to define what kind of dynamic request is normal, what is abnormal, and the abnormal request of different business what are the characteristics, how to respond to as far as possible to improve security ability and decrease of hitting probability;
The establishment of safety protection system needs to rely on the accumulation of offensive and defensive techniques and strategies, and this is the most valuable.
The core capability of network acceleration is also the foundation of edge cloud architecture. In each edge application scenario, the acceleration of the underlying network and interconnection between multi-clouds can help build the edge cloud ecosystem, standardize interfaces, collaborate across networks, and deploy services across clouds, providing broader and common infrastructure capabilities for upper-layer services.
At the end of the speech, Zhang Yiping expressed her views on future development: in the development of edge cloud ecology, scattered basic resource delivery will be more and more difficult to implement, scene application solution-type delivery will be the mainstream direction, open cooperation and win-win will be the main melody, looking forward to strengthening industrial cooperation and creating edge cloud ecology.