Introduction: Microservice users originally had to build many components themselves, including a PaaS for microservices, IaaS, Kubernetes, observability components, and other technical frameworks. SAE provides a holistic solution covering all of these, letting users focus only on their own business systems and significantly lowering the barrier to microservice technology.

Author | Chen Tao

The benefits and pain points of microservices architecture

1. Background of microservices architecture

In the early days of the Internet, the Web 1.0 era of portal sites, monolithic applications were the mainstream and R&D teams were relatively small. The main challenges were the complexity of the technology itself and the shortage of technical talent.

In the Internet era of the new century, large-scale applications such as social networking and e-commerce emerged. Traffic and business complexity grew significantly, and R&D teams expanded to hundreds or even thousands of people. As teams grew, collaboration became a problem. SOA was a product of this era; its core ideas were distribution and decomposition, but it was never widely adopted because of single-point components such as the ESB. Around the same time, Alibaba launched HSF and open-sourced Dubbo, which were essentially similar distributed solutions, and the idea behind the microservice architecture already existed.

The term "microservice architecture" was formally coined in the mobile Internet era, when daily life became fully Internet-enabled and all kinds of consumer apps appeared. The number of users and the scale of traffic grew markedly compared with the previous era, and even larger R&D teams became the norm. Efficiency became a priority for everyone, not just for a few giants. The emergence of the microservice architecture and of frameworks such as Spring Cloud and Dubbo greatly accelerated the adoption of microservice technology.

Today we have entered a fully digital age in which society as a whole runs on the Internet. Organizations of all kinds, including governments, enterprises, and relatively traditional institutions, need strong R&D capabilities. Traffic challenges, business complexity, and growing R&D teams all place higher demands on efficiency, and the microservice architecture has become even more widespread.

After so many years, the microservice architecture remains an enduring technology. Why has it been able to develop so sustainably?

2. Advantages of microservices architecture

Let's review the differences between the microservice architecture and the monolithic architecture, and the core strengths of microservices.

The core problem of a monolithic architecture is that there are too many areas of contention: a shared code base is especially prone to conflicts during development, and module boundaries and scope are unclear, which makes teams less effective.

The core of the microservice architecture is separation: development and deployment are decoupled, which greatly unlocks a team's R&D efficiency. This simplicity is one reason the microservice architecture has endured.

3. Pain points of the microservice era

According to the law of conservation of complexity, when we solve a problem it reappears in another form and has to be solved again. The microservice era introduces many pain points, the core one being stability. Once local calls become remote calls, potential stability issues surge: call amplification, where problems in low-level remote calls ripple upward and destabilize the upper layers; rate limiting and degradation; distributed call chains; and so on.

The complexity of troubleshooting also grows exponentially in the microservice era, and service governance becomes necessary. In addition, without good design and foresight, the number of microservice applications can explode, which further complicates collaboration between developers and testers.

After years of microservice development, the industry already has some solutions.

As shown above, to make good use of microservice technology, an enterprise has to build many systems besides its own business system: CI/CD and release systems, R&D processes, microservice component tooling, and observability systems such as real-time monitoring, alerting, service governance, and call-chain tracing. The underlying IaaS resources also have to be operated and maintained, and nowadays that often means maintaining a Kubernetes cluster yourself.

Against this background, many enterprises set up an operations team or a middleware team, or ask backend developers to take this on part-time. But think about it: how many companies are satisfied with the systems they have built in-house? How quickly can those systems iterate? How many open-source pitfalls have they hit, and have those pitfalls actually been resolved? These questions are a constant pain point for CTOs and architects.

Solutions for the Serverless era

1. Serverless Era

The term Serverless first appeared in 2012, and the concept reached a peak of attention in 2014 with the launch of the blockbuster product AWS Lambda. However, when such a new idea is thrust into real, complex production environments, a great deal of adaptation and improvement is needed, so its influence went through a trough in the years that followed.

However, the Serverless philosophy of "leave simplicity to the user and complexity to the platform" points in the right direction, so both the open-source community and the industry have continued to explore and develop Serverless.

Alibaba Cloud launched Function Compute (FC) in 2017 and the Serverless App Engine (SAE) in 2018. From 2019 onward it has continued to invest in Serverless, adding support for image-based deployment, reserved capacity, microservice scenarios, and more.

2. Serverless Market Overview

**In the latest 2021 Forrester evaluation, Alibaba Cloud's Serverless product capability ranked No. 1 in China and among the leaders worldwide, and its Serverless user share ranked No. 1 in China.** This shows that Alibaba Cloud Serverless has increasingly entered enterprises' real production environments, and that more and more enterprises recognize the capability and value of Serverless and of Alibaba Cloud Serverless.

3. SAE solutions

As we have seen, under a traditional microservice architecture, enterprises have to build many systems themselves to make good use of microservice technology. So in the Serverless era, what solution does SAE offer?

As you can see, SAE pushes Serverless further: it hosts not only the IaaS resources but also the Kubernetes layer above them, and integrates a console-based ("white-screen") PaaS, an enterprise microservice suite, and observability suites. All of these are integrated into the overall SAE solution, giving users an out-of-the-box microservice experience and making microservices easy for enterprises and developers to adopt.

1. Zero-threshold PaaS

As the figure shows, the top layer of SAE gives users a console-based operations experience whose design closely matches a typical enterprise PaaS, release system, or open-source PaaS, which makes the barrier for an enterprise to get started with SAE very low, even zero. It also incorporates Alibaba's release best practices, the "three axes" of releasing: observability, grayscale, and rollback.

It also provides enterprise-level capability enhancements, including namespace-based environment isolation, fine-grained permission control, and more. As the figure shows, if an enterprise has two modules that are relatively independent of each other, they can be isolated from each other via namespaces.

2. Enhanced microservices governance

For microservice governance, especially for Java, SAE uses an agent-based approach that is non-intrusive, transparent to users, and requires no upgrades on their side. The agent is fully compatible with open source, so with almost no code changes users get lossless (graceful) service online/offline, API management, rate limiting and degradation, distributed tracing, and more.
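
SAE applies these governance rules from the console through the agent, with no changes to application code. For a concrete feel of what rate limiting and degradation look like at the code level, here is a minimal sketch that calls the open-source Sentinel SDK directly; the resource name and threshold are made up for illustration, and this is not how SAE requires you to write code:

```java
import java.util.Collections;

import com.alibaba.csp.sentinel.Entry;
import com.alibaba.csp.sentinel.SphU;
import com.alibaba.csp.sentinel.slots.block.BlockException;
import com.alibaba.csp.sentinel.slots.block.RuleConstant;
import com.alibaba.csp.sentinel.slots.block.flow.FlowRule;
import com.alibaba.csp.sentinel.slots.block.flow.FlowRuleManager;

public class FlowControlSketch {
    public static void main(String[] args) {
        // Hypothetical resource name; allow at most 10 requests per second.
        FlowRule rule = new FlowRule("queryOrder");
        rule.setGrade(RuleConstant.FLOW_GRADE_QPS);
        rule.setCount(10);
        FlowRuleManager.loadRules(Collections.singletonList(rule));

        for (int i = 0; i < 20; i++) {
            Entry entry = null;
            try {
                entry = SphU.entry("queryOrder");
                // Protected business logic would run here.
                System.out.println("request " + i + " served");
            } catch (BlockException e) {
                // Throttled: degrade gracefully, e.g. return a cached or default result.
                System.out.println("request " + i + " throttled, falling back");
            } finally {
                if (entry != null) {
                    entry.exit();
                }
            }
        }
    }
}
```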

3. Front-to-back full-link grayscale

Let me expand on two capabilities. The first is front-to-back full-link grayscale. Using the agent technology mentioned above, SAE covers the full link from the web request to the gateway to the consumer to the provider, so users can implement grayscale release scenarios with a simple console configuration. Anyone who has tried to build this capability in-house knows how complex it is.
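
The agent propagates a gray tag across every hop of that chain automatically. To make the idea concrete, here is a minimal hand-rolled sketch of carrying such a tag from one hop to the next; the header name and the class are hypothetical and not part of SAE:

```java
/** Minimal sketch of gray-tag propagation; the header name "x-gray-tag" is an assumption. */
public final class GrayTagContext {
    public static final String HEADER = "x-gray-tag";
    private static final ThreadLocal<String> TAG = new ThreadLocal<>();

    public static void set(String tag) { TAG.set(tag); }   // set when an inbound request carries the header
    public static String get() { return TAG.get(); }       // read when calling the next service, re-attach as a header
    public static void clear() { TAG.remove(); }           // clear once the request is finished

    public static void main(String[] args) {
        set("gray");                                        // e.g. the gateway matched a canary rule
        System.out.println(HEADER + "=" + get());           // a downstream client would add this header to its call
        clear();
    }
}
```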

4. End-to-cloud joint debugging with CloudToolkit

The second capability is end-to-cloud joint debugging with CloudToolkit. As we all know, the number of applications tends to explode in microservice scenarios. When so many applications have to be developed and started locally, how can we safely and conveniently connect to services in the cloud? With CloudToolkit, users can easily reach the cloud environment from a local machine and debug end to cloud, which greatly lowers the barrier for development and testing.

5. Powerful application monitoring & diagnosis

With microservices, because applications diverge rapidly and call chains grow dramatically, locating a problem when something goes wrong becomes very complicated. SAE integrates Alibaba Cloud's observability products, including Prometheus, IaaS monitoring, SLS, and basic monitoring, and provides rich capabilities across tracing, logging, and metrics: querying request call chains, metric analysis for common diagnostic scenarios, basic monitoring, real-time logs, event notifications, and so on. This greatly reduces the day-to-day troubleshooting burden of operating microservices.
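
SAE collects platform-level metrics, logs, and traces out of the box. Applications that also want to publish their own business metrics to Prometheus can use any standard client; a minimal sketch with the Micrometer library (the metric names are made up) might look like this:

```java
import io.micrometer.core.instrument.Counter;
import io.micrometer.core.instrument.Timer;
import io.micrometer.prometheus.PrometheusConfig;
import io.micrometer.prometheus.PrometheusMeterRegistry;

public class MetricsSketch {
    public static void main(String[] args) {
        // Registry that renders metrics in the Prometheus text format.
        PrometheusMeterRegistry registry = new PrometheusMeterRegistry(PrometheusConfig.DEFAULT);

        Counter orders = Counter.builder("orders.created")
                .description("number of orders created")
                .register(registry);
        Timer latency = Timer.builder("order.latency")
                .register(registry);

        latency.record(orders::increment); // simulate handling one request

        // Text exposition a Prometheus server would scrape.
        System.out.println(registry.scrape());
    }
}
```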

SAE technical principles and building extreme elasticity

The three parts above, the zero-threshold PaaS, the enterprise microservice suite, and observability, have now been covered. Next comes one of the core modules of Serverless: building O&M-free, extremely elastic capabilities at the IaaS layer.

1. SAE Business Architecture

The SAE business architecture diagram makes it fairly clear that users do not need to care about IaaS resources such as storage and network. Kubernetes is hosted by SAE as part of the PaaS layer, so users do not have to operate it themselves. On top of Kubernetes, SAE provides enhanced capabilities for microservice governance, application lifecycle management, and more. SAE's elasticity also reaches the 15-second level, helping developers cope with traffic spikes in many enterprise scenarios, and with multiple environments and some best practices it can cut costs while improving efficiency.

2. SAE technology architecture

So how does SAE make IaaS and Kubernetes resources O&M-free, effectively fully hosted from the user's point of view?

As the figure above shows, SAE uses secure container technology at the bottom. Compared with Docker, a secure container provides virtual machine-level security. In a runC scenario on a public cloud product, containers share the host kernel, so user A could potentially break into a container belonging to user B, which is a security risk. Secure containers use virtual machine isolation techniques to achieve production-grade security isolation, and they have been integrated into the Kubernetes and container ecosystem. Combining secure containers with the container ecosystem strikes a good balance between security and efficiency.

For storage and network isolation, SAE must consider not only the isolation mechanisms of traditional Kubernetes but also the surrounding public cloud products: most users already have many storage and network resources on the public cloud that need to be connected.

SAE uses the elastic network interface (ENI) technology of cloud products and passes the ENI directly into the secure sandbox, so users get isolation at the compute layer while staying connected at the network layer.

The mainstream secure container technologies today include Kata Containers, Firecracker, and gVisor. SAE adopts Kata, the earliest and most mature of them, for secure isolation of compute. Beyond security isolation, secure containers also provide performance isolation and fault isolation.

For example, in the runC shared-kernel scenario, a container that triggers a kernel failure can directly affect the whole physical machine. With secure containers, SAE has no such risk; at most, the failure affects that one secure container.

3. Extreme elasticity and extreme cost

As the figure below shows, when elasticity efficiency is pushed to the extreme, the user's cost can be driven to an extreme as well. Comparing the left and right graphs shows the effect elasticity can have on user cost.

1. Building extreme elasticity in SAE: deployment & restart

What has SAE done for elasticity? In traditional Kubernetes, creating a Pod involves scheduling, creating the init container, pulling the user image, creating the user container, starting the user container, running the application, and so on. This fits the Kubernetes design philosophy and specification, but in production it falls short of enterprise requirements in scenarios that demand high efficiency. Using the in-place upgrade strategy of the CloneSet component from Alibaba's open-source OpenKruise project, SAE avoids rebuilding the whole Pod and only rebuilds the containers inside it, skipping scheduling and init container creation, which improves deployment efficiency by 42%.

2. Building extreme elasticity in SAE: elastic scale-out

SAE also parallelizes image warm-up with scheduling. In the standard flow, scheduling and then pulling the user image happen serially. The optimization is that as soon as the scheduler has decided which physical machine the Pod will land on, the user image starts being pulled in parallel, which improves elasticity efficiency by another 30%.

3. Building extreme elasticity in SAE: Java startup acceleration

We also improved elasticity efficiency in the startup phase. Java applications in Serverless scenarios have long had the pain point of slow startup, essentially because classes are loaded one by one; in enterprise applications that load thousands of classes, this is inevitably slow.

SAE combines Alibaba's open-source Dragonwell JDK with AppCDS technology: on the application's first start, the loaded classes are dumped into an archive, and subsequent starts only need to load that archive instead of loading a large number of classes one by one. This improved deployment efficiency by 45%.
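
For reference, the standard OpenJDK AppCDS workflow that this optimization builds on looks roughly like the sketch below. The flags are standard JDK options (JDK 13 and later); SAE and Dragonwell automate a comparable flow, so treat this as an illustration of the idea rather than a description of SAE's internals.

```java
/*
 * Sketch of the standard OpenJDK AppCDS flow (assumed setup, not SAE-specific):
 *
 *   # first run: record the loaded classes into an archive on exit (JDK 13+)
 *   java -XX:ArchiveClassesAtExit=app.jsa -jar app.jar
 *
 *   # later runs: map the archive instead of parsing and loading classes one by one
 *   java -XX:SharedArchiveFile=app.jsa -jar app.jar
 */
public class AppCdsSketch {
    public static void main(String[] args) {
        // On warm starts, class metadata is mapped from the shared archive,
        // which is what shortens the class-loading phase.
        System.out.println("started");
    }
}
```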

4. Building extreme elasticity in SAE: the running state

Finally, we also made elasticity enhancements for the application's running state. Microservice applications are often configured with a large number of threads, which usually map one-to-one onto underlying Linux threads; under high concurrency this means significant thread-switching overhead. SAE uses the Wisp coroutine technology in Alibaba's open-source Dragonwell, which maps hundreds of application-level threads onto a few dozen underlying threads, greatly reducing thread-switching overhead.
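
One appealing property of Wisp is that application code stays ordinary blocking-style Java; the coroutine scheduling happens inside the JVM. Below is a minimal sketch; the flags in the comment are taken from the Dragonwell documentation as I recall it, so verify them against the Dragonwell version you actually use.

```java
import java.util.concurrent.ExecutorService;
import java.util.concurrent.Executors;
import java.util.concurrent.TimeUnit;

public class WispSketch {
    public static void main(String[] args) throws InterruptedException {
        // Ordinary blocking-style code. On Dragonwell with Wisp enabled
        // (reportedly -XX:+UnlockExperimentalVMOptions -XX:+UseWisp2; verify for your version),
        // these "threads" are scheduled as coroutines on a small number of kernel threads,
        // so no code change is needed to benefit.
        ExecutorService pool = Executors.newFixedThreadPool(500);
        for (int i = 0; i < 500; i++) {
            pool.submit(() -> {
                try {
                    Thread.sleep(100); // simulated blocking I/O
                } catch (InterruptedException e) {
                    Thread.currentThread().interrupt();
                }
            });
        }
        pool.shutdown();
        pool.awaitTermination(10, TimeUnit.SECONDS);
    }
}
```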

The figure above shows one of our stress tests. The red line uses Dragonwell with Wisp, and you can see roughly a 20% improvement in performance.

These are the technical principles behind SAE's Serverless hosting of IaaS and Kubernetes and its work on elasticity efficiency, along with the results.

Summary and Outlook

Microservice users originally had to build many components themselves, including a PaaS for microservices, IaaS, Kubernetes, observability components, and other technical frameworks. SAE provides a holistic solution covering all of these, letting users focus only on their own business systems and significantly lowering the barrier to microservice technology.

SAE continues to build out the capabilities of each module, including:

  • On the zero-threshold PaaS side, SAE will continue integrating with other cloud products, including the CI/CD toolchain, and will add enterprise-level capabilities such as approval flows.
  • On the O&M-free, extremely elastic Serverless side, we will keep building out more elasticity capabilities, elasticity metrics, and elasticity efficiency, and will offer elasticity solutions such as AI-based prediction to reduce the mental burden of configuring elasticity metrics.
  • In the microservice ecosystem, we will integrate more deeply with the enterprise microservice suite, for example with chaos engineering and enhanced remote debugging, to further lower the barrier to microservice technology.

Finally, on observability: SAE effectively operates the user's applications, so observability is a very important capability for the platform itself, and we keep strengthening monitoring, alerting, emergency response, and grayscale release on the platform side. Users also need to host their applications on SAE, so the product must further lower the barrier to onboarding, followed by capabilities such as application overview dashboards and an event center.


This article is original content from Alibaba Cloud and may not be reproduced without permission.