1. The concept

resources

This can be anything in a Java application, as long as the code defined through the Sentinel API is a resource that can be protected by Sentinel, for example, a service provided by the application, or another application called by the application, or even a piece of code. In most cases, resources can be identified using method signatures, urls, and even service names as resource names.

The rules

The rules set around the real-time status of resources can include flow control rules, fuse degrade rules, and system protection rules. All rules can be dynamically adjusted in real time.

2. Flow control

Free choice of control Angle, and flexible combination, so as to achieve the desired effect.

  • Resource invocation relationships. For example, resource invocation links and relationships between resources;
  • Operating indicators. For example: QPS, thread pool, system load, etc.
  • The effect of control. For example, direct current limiting, cold start, and queuing.

3. Fuse downgrade

Sentinel and Hystrix share the same principle: when a resource in the call link is unstable, such as timeout, and the proportion of exceptions increases, the call to this resource is restricted and the request fails quickly to avoid affecting other resources, resulting in an avalanche effect.

3.1. Design concept

Sentinel and Hystrix have taken radically different approaches to their limitations. Hystrix uses thread pools to isolate dependencies (resources). The benefit is the most complete isolation between resources. The disadvantage is that in addition to the increased cost of thread switching, there is also a need to allocate thread pool sizes for each resource up front. Sentinel approaches this problem in two ways:

Limit by the number of concurrent threads

Unlike the resource pool isolation approach, Sentinel reduces the impact of unstable resources on other resources by limiting the number of concurrent threads for resources. Not only is there no thread switching wastage, you don’t need to pre-allocate the size of the thread pool. When a resource is unstable, such as timeout, the direct impact on the resource is the gradual accumulation of threads. When the number of threads accumulates to a certain number on a particular resource, new requests for that resource are rejected. The stacked thread completes its task before continuing to receive requests.

Degrade resources by response time

In addition to controlling the number of concurrent threads, Sentinel can quickly degrade unstable resources through response time. If the response time of a dependent resource is too long, all access to the resource is denied until the specified time window expires.

4. Load protection

Sentinel also provides adaptive protection at the system dimension. Avalanche prevention is an important part of system protection. When system load is high, if you continue to let requests in, the system may crash and fail to respond. In a clustered environment, the network load balancer will forward the traffic that should be carried by this machine to other machines. If other machines are also in an edge state, the increased traffic will cause that machine to crash and the cluster to become unavailable. Sentinel provides a protection mechanism to balance incoming traffic with the load of the system and ensure that the system can handle the most requests within its capacity.

5. Working mechanism

  • Provide adaptive or display apis for mainstream frameworks to define resources that need to be protected, and provide facilities to perform real-time statistics on resources and call link analysis.
  • Traffic is controlled based on preset rules and real-time resource statistics. Sentinel provides an open interface for defining and changing rules.
  • Sentinel provides real-time monitoring of the current system status.

6. Main process of work

A resource corresponds to a resource name and an Entry. Entry can be created automatically by adapting to a mainstream framework, or explicitly by annotating or calling an API. A series of slot chains are created for each Entry. These slots have different responsibilities, such as:

  • NodeSelectorSlotCollect the paths of resources and store the call paths of these resources in a tree structure for limiting traffic degradation based on the call paths.
  • ClusterBuilderSlotThe statistics for storage resources and caller information, such as RT, QPS, thread count, etc., will be used as the basis for multi-dimensional traffic limiting and degradation.
  • StatisticSlotIt is used to record and collect statistics about runtime indicators at different latitudes.
  • FlowSlotIs used to control traffic according to preset traffic limiting rules and slot statistics.
  • AuthoritySlotAccording to the configured blacklist and whitelist and call source information, to do blacklist and whitelist control.
  • DegradeSlotCircuit breakers are demoted using statistics and preset rules.
  • SystemSlotThe total incoming traffic is controlled by the system state, such as load1.

Sentinel extends ProcessorSlot as an SPI interface (SlotChainBuilder as an SPI prior to version 1.7.2), making SlotChain extensible. Custom slots can be added to Sentinel by adding custom slots and ordering them.

7. Slot

7.1. NodeSelectorSlot

Collect the paths of resources and store the call paths of these resources in a tree structure for limiting traffic degradation based on the call paths.

ContextUtil.enter("entrance1", "appA"); Entry nodeA = SphU.entry("nodeA"); if (nodeA ! = null) { nodeA.exit(); } ContextUtil.exit();Copy the code

A context named entrance1 is created with contextutil.enter (), specifying the call initiator as appA; A token is then requested via sphu.entry (), and if this method executes successfully without throwing blockexceptions, the token request is successful.

In-memory structure

         machine-root
          /     
         /
  EntranceNode1
       /
      /   
DefaultNode(nodeA)
Copy the code

Note: Each DefaultNode is identified by the resource ID and input name. A resource ID can have multiple entries for DefaultNode.

ContextUtil.enter("entrance1", "appA"); Entry nodeA = SphU.entry("nodeA"); if (nodeA ! = null) { nodeA.exit(); } ContextUtil.exit(); ContextUtil.enter("entrance2", "appA"); nodeA = SphU.entry("nodeA"); if (nodeA ! = null) { nodeA.exit(); } ContextUtil.exit();Copy the code

In-memory structure

              machine-root
         /         \
        /           \
 EntranceNode1   EntranceNode2
      /               \
     /                 \
DefaultNode(nodeA)   DefaultNode(nodeA)
Copy the code

The above structure by calling the curl http://localhost:8719/tree? Type =root

EntranceNode: machine-root(t:0 pq:1 bq:0 tq:1 rt:0 prq:1 1mp:0 1mb:0 1mt:0)
-EntranceNode1: Entrance1(t:0 pq:1 bq:0 tq:1 rt:0 prq:1 1mp:0 1mb:0 1mt:0)
--nodeA(t:0 pq:1 bq:0 tq:1 rt:0 prq:1 1mp:0 1mb:0 1mt:0)
-EntranceNode2: Entrance1(t:0 pq:1 bq:0 tq:1 rt:0 prq:1 1mp:0 1mb:0 1mt:0)
--nodeA(t:0 pq:1 bq:0 tq:1 rt:0 prq:1 1mp:0 1mb:0 1mt:0)
t:threadNum  pq:passQps  bq:blockedQps  tq:totalQps  rt:averageRt  prq: passRequestQps 1mp:1m-passed 1mb:1m-blocked 1mt:1m-total
Copy the code

7.2. ClusterBuilderSlot

ClusterNode for building resources and invoking source nodes. ClusterNode keeps resource running statistics (response time, QPS, number of blocks, threads, exceptions, etc.) as well as a list of original caller statistics. The name of the source caller is marked by Origin in contextutil.Enter (contextName, Origin). By the following command to view different caller access a resource: curl http://localhost:8719/origin? Id = caller:

id: nodeA
idx origin  threadNum passedQps blockedQps totalQps aRt   1m-passed 1m-blocked 1m-total 
1   caller1 0         0         0          0        0     0         0          0        
2   caller2 0         0         0          0        0     0         0          0
Copy the code

7.3. StatisticSlot

StatisticSlot is one of Sentinel’s core functional slots for real-time call statistics.

  • clusterNodeRuntime statistics of ClusterNodes with unique resource identifiers.
  • originBased on statistics from different callers.
  • defaultnodeRuntime statistics by context entry name and resource ID.
  • Entry statistics.

Sentinel uses high-performance sliding window data structure LeapArray to count real-time second-level index data, which can well support high concurrency scenarios with more writes than reads.

7.4. FlowSlot

FlowSlot takes effect in a fixed sequence based on preset resource statistics. If a resource corresponds to two or more flow control rules, the rules are checked in the following order until they are passed or one rule takes effect:

  • Specifies the rules that apply, that is, flow limiting for the caller.
  • Rule that calls other.
  • Rule that invokes default.

7.5. DegradeSlot

The survival of a resource depends on its average response time (RT) and abnormal rates to determine whether it is felled in the next three months.

7.6. SystemSlot

SystemSlot dynamically allocates calls to entry resources based on the overall situation of the current system. The principle is to achieve a dynamic balance between the flow at the entrance and the expected capacity of the current system.

Note: System rules apply only to incoming traffic (call type entrytype.in), not to outgoing traffic. Sphu.entry (res, entryType) specifies the call type. If this is not specified, the default is entryType.out.

Examples of 8.

The core library (Java client) does not depend on any framework/library, depends on JDK7 or above operating environment, support Dubbo, Spring Cloud and other frameworks. The Dashboard is responsible for managing push rules, monitoring and managing machine information.

8.1. Rely on

< the dependency > < groupId > com. Alibaba. CSP < / groupId > < artifactId > sentinel - core < / artifactId > < version >, version 1.8.1 < / version > </dependency>Copy the code

8.2. Define resources

Resource is one of the core concepts in Sentinel. The most common resources are Java methods in our code. Of course, you can define your resources more flexibly, for example, by enclosing code that needs to control traffic with Sentinel API sphu.entry (“HelloWorld”) and entry.exit(). In the following example, we call system.out.println (” Hello world”); As a resource (protected logic), wrapped in an API. The reference code is as follows:

Public static void main(String[] args) {initFlowRules(); While (true) {// As of version 1.5.0, you can directly use the try-with-resources feature try(Entry = sphu.entry ("HelloWorld")) {// Protected logic System.out.println("hello world"); } catch (BlockException ex) {// Process the flow controlled logic system.out.println ("blocked!" ); }}}Copy the code

Annotation support

@sentinelResource ("HelloWorld") public void HelloWorld () {system.out.println ("Hello world"); }Copy the code

The helloWorld() method becomes a resource.

Note: The annotation support module needs to be used with Spring AOP or AspectJ.

8.3. Define rules

Use flow control rules to specify the number of requests that the resource is allowed to pass. For example, the following code defines a maximum of 20 requests per second for the resource HelloWorld.

private static void initFlowRules(){
    List<FlowRule> rules = new ArrayList<>();
    FlowRule rule = new FlowRule();
    rule.setResource("HelloWorld");
    rule.setGrade(RuleConstant.FLOW_GRADE_QPS);
    // Set limit QPS to 20.
    rule.setCount(20);
    rules.add(rule);
    FlowRuleManager.loadRules(rules);
}
Copy the code

8.4. Check the effect

CSP /${appName}-metrics.log. XXX

|--timestamp-|------date time----|--resource-|p |block|s |e|rt
1529998904000|2018-06-26 15:41:44|hello world|20|0    |20|0|0
1529998905000|2018-06-26 15:41:45|hello world|20|5579 |20|0|728
1529998906000|2018-06-26 15:41:46|hello world|20|15698|20|0|0
1529998907000|2018-06-26 15:41:47|hello world|20|19262|20|0|0
1529998908000|2018-06-26 15:41:48|hello world|20|19502|20|0|0
1529998909000|2018-06-26 15:41:49|hello world|20|18386|20|0|0
Copy the code

Where P represents the passed request, block represents the blocked request, S represents the number of requests successfully executed, E represents the user-defined exception, and RT represents the average response time. The program stably prints “Hello World” 20 times per second, the same threshold set in the rules.

8.5. Start the console

Download the console JAR package and start it locally. The client introduces the Transport module to communicate with the Sentinel console.

Client dependencies

<dependency> <groupId>com.alibaba.csp</groupId> <artifactId>sentinel-transport-simple-http</artifactId> The < version >, version 1.8.1 < / version > < / dependency >Copy the code

Started to join the JVM parameter – Dcsp. Sentinel. Dashboard. Server = consoleIp: specified console port address and port. Ensure access to the application. After completing the above steps, you can see the corresponding application on the Sentinel console.

9. User’s manual

Sentinelguard. IO/useful – cn/docs /…