SpringCloud Alibaba Sentinel realizes fusing and current limiting

Website:Github.com/alibaba/sen…

Chinese website: github.com/alibaba/Sen…

What is Sentinel?

With the popularity of microservices, stability between services becomes increasingly important. Sentinel takes flow as the entry point to protect the stability of service from multiple dimensions such as flow control, fusing downgrading and system load protection.Sentinel has the following characteristics:

  • Rich application scenarios: Sentinel has undertaken the core scenarios of Alibaba’s double Eleven traffic drive in the past 10 years, such as SEC killing (i.e. burst traffic control within the range of system capacity), message peaking and valley filling, cluster flow control, real-time fusing of unavailable downstream applications, etc.
  • Complete real-time monitoring: Sentinel also provides real-time monitoring capabilities. From the console, you can see a summary of the performance of a single machine-by-second data, or even a cluster of less than 500 machines, for accessing the application.
  • Extensive Open source ecosystem: Sentinel provides out-of-the-box integration modules with other open source frameworks/libraries, such as Spring Cloud, Dubbo, and gRPC. You can quickly access Sentinel by introducing the appropriate dependencies and simple configuration.
  • Sophisticated SPI extension points: Sentinel provides an easy-to-use, sophisticated SPI extension interface. You can quickly customize the logic by implementing an extension interface. For example, customize rule management and adapt dynamic data sources.

Key features of Sentinel:

Sentinel is divided into two parts:
  • The core library (Java client) is independent of any framework/library, can run in all Java runtime environments, and has good support for frameworks such as Dubbo/Spring Cloud.
  • The Console (Dashboard) is based on Spring Boot and can be packaged to run directly without the need for additional application containers such as Tomcat.

Docker installation Sentinel

Docker pull bladex/ sentinel-Dashboard # Run sentinel8858Docker run --name sentinel -d -p8858:8858Bladex/Sentinel-Dashboard # also started nacOS and mysqlCopy the code

Visit: http://120.92.164.250:8858/#/login

Both the account and password are Sentinel

demo
  1. Create a new module cloudBaba-Sentinel-Service8401
  2. pom
<dependencies> <! -- SpringCloud ailibaba nacos--> <dependency> <groupId>com.alibaba.cloud</groupId> <artifactId>spring-cloud-starter-alibaba-nacos-discovery</artifactId> </dependency> <! <dependency> <groupId> com.baba.csp </groupId> <artifactId>sentinel-datasource-nacos</artifactId> </dependency> <! -- SpringCloud ailibaba sentinel--> <dependency> <groupId>com.alibaba.cloud</groupId> <artifactId>spring-cloud-starter-alibaba-sentinel</artifactId> </dependency> <dependency> <groupId>org.springframework.cloud</groupId> <artifactId>spring-cloud-starter-openfeign</artifactId> </dependency> <dependency> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-web</artifactId> </dependency> <! -- monitoring --> <dependency> <groupId>org.springframework.boot</groupId> <artifactId> Spring-boot-starter -actuator</artifactId> </dependency> <! > <dependency> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-devtools</artifactId> <scope>runtime</scope> <optional>true</optional>
    </dependency>
    <dependency>
        <groupId>org.projectlombok</groupId>
        <artifactId>lombok</artifactId>
        <optional>true</optional>
    </dependency>
    <dependency>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-starter-test</artifactId>
        <scope>test</scope>
    </dependency>
</dependencies>

Copy the code
  1. yml
server:
  port: 8401spring: application: name: cloudalibaba-sentinal-service cloud: nacos: discovery: Select * from localhost where localhost = 'localhost' where localhost = 'localhost';120.92164.250.:8848Sentinel: transport: # config Sentin dashboard120.92164.250.:8858# the default8719Port, if occupied will automatically from8719Port +1Scan until an unoccupied port is found:8719
        

management:
  endpoints:
    web:
      exposure:
        include: The '*'

Copy the code
  1. Start the class
@EnableDiscoveryClient
@SpringBootApplication
public class MainApp8401 {

    public static void main(String[] args) { SpringApplication.run(MainApp8401.class, args); }}Copy the code
  1. Test, start 8401, then refresh the sentinel background page (because sentinel adopts lazy load policy, it needs to call the service before it is displayed in the background)

Type in your browser and refresh the Sentinel background page:

http://localhost:8401/testA http://localhost:8401/testB

Types of rules

All Sentinel rules can be dynamically queried and modified in memory, and the changes take effect immediately. Sentinel also provides apis that allow you to customize your own rules policies.

Sentinel supports the following rules: flow control rules, fuse degrade rules, system protection rules, source access control rules, and hotspot parameter rules.

Flow Rules

A resource can have multiple traffic limiting rules at the same time. The rules are checked one by one.

If the number of requests per second exceeds 1, traffic limiting occurs.

A threshold type

QPS vs. thread count

: QPS(number of requests per second) : When the NUMBER of QPS calling the API reaches the threshold, flow limiting is performed

QPS is directly blocked out, and the number of threads is how many threads are processing, after put in, some threads are idle to process the request, none is idle, limiting the flow

QPS flow control

Direct: Fail quickly

Association: When the associated resource reaches the threshold, the system limits the flow of itself. When resource B associated with A reaches the threshold, the system limits the flow of itself

Link: Sentinel allows you to limit the flow of resources based only on statistics of an entry.

  • When the QPS exceeds a certain threshold, measures are taken to control the flow. Flow control effects include the following: direct rejection, Warm Up, uniform queuing. ControlBehavior field in FlowRule.

  • Note: If you use flow control effects other than direct rejection, the call relational traffic limiting strategy is ignored.

Direct refused to

  • Ruleconstant. CONTROL_BEHAVIOR_DEFAULT is the default traffic control mode. When QPS exceeds the threshold of any rule, new requests are rejected by throwing a FlowException. This method is suitable for situations where the processing capacity of the system is clearly known, such as when the exact water level of the system is determined by pressure measurement.

Warm Up

  • Warm Up (ruleconstant. CONTROL_BEHAVIOR_WARM_UP) : indicates the warmup/cold startup mode. When the system has been at a low water level for a long time, when the flow suddenly increases, directly pulling the system to a high water level can suddenly overwhelm the system. Through the “cold start”, the flow slowly increases to the upper limit of the threshold in a certain period of time, giving the cold system a time to warm up, preventing the cold system from being overwhelmed.

In line at a constant speed

  • In uniform queuing mode, RuleConstant.CONTROL_BEHAVIOR_RATE_LIMITER strictly controls the interval for passing requests, that is, requests pass at an even speed. This is based on the leak-bucket algorithm

Drop rules

  • RT: (average response time, second level) If the average response time exceeds the threshold and the request passes within the time window >=5, the degradation window period will be triggered and the circuit breaker will be closed after both conditions are met
  • Abnormal ratio: (second level) QPS >=5 and abnormal ratio (second level statistics) exceeds the threshold, triggering downgrade; When the time window ends, close the downgrade
  • Abnormal number :(minute statistics) when the threshold is exceeded, downgrade is triggered; When the time window ends, close the downgrade

Rules of the system

System protection rules are controlled from the entry flow of the application level. Application indicators are monitored from the load of a single machine, CPU usage, average RT, entry QPS and the number of concurrent threads, so that the system can run as fast as possible in the maximum throughput and ensure the overall stability of the system

System protection rules apply global latitude, not resource latitude, and apply only to inbound traffic. Inbound traffic refers to the traffic entering the application, such as Web services or requests received by the Dubbo server.

The system supports the following modes

  • Load adaptive: the Load 1 of the system serves as the heuristic indicator, and fine adaptive system protection. System protection is triggered when load1 exceeds the inspired value and the current concurrency exceeds the estimated system capacity
  • CPU usage: When the CPU usage exceeds the threshold, system protection is triggered
  • Average RT: Triggered when the average RT of all inlet flows on a single machine reaches a threshold, in milliseconds
  • Number of concurrent threads: System protection is triggered when the number of concurrent threads for all inlet traffic on a single machine reaches a threshold
  • Inlet QPS: System protection is triggered when the QPS of all inlet flows on a single machine reaches the threshold

For the system:

Hotspot key traffic limiting

What is a hotspot: A hotspot is frequently accessed data. In most cases, we want to collect statistics on the Top Key data that is accessed most frequently in a certain hotspot data and restrict its access:

Such as:

  • The item ID is used as a parameter to limit the ID of the most commonly purchased item over a period of time
  • The item ID is used as a parameter to limit the user IDS that are frequently accessed over a period of time

Methods:

    @GetMapping("/testB")
    @SentinelResource(value = "testHotKey",blockHandler = "deal_testHotKey")
    public String testB(a) {
        return "----testB";
    }


    // The bottom line
    public String deal_testHotKey(String p1, String p2, BlockException exception) {
        // The default hint for sentinel is Blocked by sentinel (flow limiting).
        return "-- deal_testHotKey, o (╥ man ╥) o";
    }
Copy the code

Set the current limit to 1 second

The service fuse is degraded

  • In addition to flow control, fusing downgrading of unstable resources in call links is also one of the important measures to ensure high availability. A service often calls another module, perhaps another remote service, a database, a third-party API, and so on. For example, when making a payment, you may need to remotely call the API provided by UnionPay. Querying the price of an item may require a database query. However, the stability of the dependent service is not guaranteed. If the dependent service is unstable and the response time of the request is longer, the response time of the method that invokes the service is also longer, threads pile up, and eventually the business’s own thread pool may be exhausted and the service itself becomes unavailable.

@SentineResource

  1. Traffic limiting by resource name
@RestController
public class RateLimitController {

    @GetMapping("/byResource")
    @SentinelResource(value = "byResource",blockHandler = "handleException")
    public CommonResult byResource(a) {
        return  new CommonResult(200."Limiting traffic by resource Name".new Payment(2020L."serial001"));
    }

	// The bottom line
    public CommonResult handleException(BlockException exception) {
        return  new CommonResult(444,exception.getClass().getCanonicalName() + "\t service unavailable"); }}Copy the code

  1. Traffic limiting by URL address
  @GetMapping("/rateLimit/byUrl")
    @SentinelResource(value = "byUrl",blockHandler = "handleException")	
    public CommonResult byUrl(a) {
        return  new CommonResult(200."Flow limiting test by byUrl".new Payment(2020L."serial002"));
    }
Copy the code

  1. Custom traffic limiting

Add custom classes

public class CustomerBlockHandler {

    public static CommonResult handlerException(BlockException exception) {
        return  new CommonResult(444."Glogal handlerException ---- 1 according to custom flow limiting tests");
    }

    public static CommonResult handlerException2(BlockException exception) {
        return  new CommonResult(444."Glogal handlerException ---- 2 according to custom flow limiting tests"); }}Copy the code

The new interface

 //CustomerBlockHandler
    @GetMapping("/rateLimit/customerBlockHandler")
    @SentinelResource(value = "customerBlockHandler", blockHandlerClass = CustomerBlockHandler.class, blockHandler = "handlerException2")
    public CommonResult customerBlockHandler(a) {
        return  new CommonResult(200."Perform custom flow limiting tests".new Payment(2020L."serial003"));
    }
Copy the code

  1. More notes

Rule persistence

Yml adds to datasource

	      datasource:
	        ds1:
	          nacos:
	            server-addr: 10.21155.26.:8848  #nacos
        		dataId: ${spring.application.name}
	            groupId: DEFAULT_GROUP
	            data-type: json
	            rule-type: flow

feign:
  sentinel:
    enabled: true# Activate Sentinel support for FeignCopy the code

Implement persistence of sentinel configurations.

  • Personal blog: blog.yanxiaolu.cn /