Cabbage Java self study room covers core knowledge

Spring Cloud Alibaba combat (1) Prepare for Spring Cloud Alibaba combat (2) Nacos Article Spring Cloud Alibaba combat (3) Sentinel article Spring Cloud Alibaba Spring Cloud Alibaba (Zuul) Spring Cloud Alibaba (Zuul Cloud Alibaba Combat (8) SkyWalking

GitHub address: github.com/D2C-Cai/her…

1. Introduction of Sentinel

Sentinel is a high-availability traffic protection component for distributed service architecture. It mainly takes traffic as the entry point and helps developers guarantee the stability of microservices from multiple dimensions such as traffic limiting, traffic shaping, fuse downgrading, system load protection and hotspot protection.

Sentinel has the following characteristics:

  • Rich application scenarios: Sentinel has undertaken the core scenarios of Alibaba’s double Eleven traffic drive in the past 10 years, such as SEC killing (i.e. burst traffic control within the range of system capacity), message peaking and valley filling, cluster flow control, real-time fusing of unavailable downstream applications, etc.
  • Complete real-time monitoring: Sentinel also provides real-time monitoring capabilities. From the console, you can see a summary of the performance of a single machine-by-second data, or even a cluster of less than 500 machines, for accessing the application.
  • Extensive Open source ecosystem: Sentinel provides out-of-the-box integration modules with other open source frameworks/libraries, such as Spring Cloud, Dubbo, and gRPC. You can quickly access Sentinel by introducing the appropriate dependencies and simple configuration.
  • Sophisticated SPI extension points: Sentinel provides an easy-to-use, sophisticated SPI extension interface. You can quickly customize the logic by implementing an extension interface. For example, customize rule management and adapt dynamic data sources.

2. Use Docker to quickly build Sentinel 1.8

  1. Download the sentinel-dashboard-1.8.0.jar file from Github.

Official download address: github.com/alibaba/Sen…

  1. Select and create a directory on the Linux server.
mkdir sentinel-docker
Copy the code
  1. Go to the sentinel-Docker directory and put the downloaded sentinel-dashboard-1.8.0.jar into the directory.
cd sentinel-docker
Copy the code

  1. Create a new Dockerfile with the following contents:
ENV SENTINEL_HOME /opt/sentinel-dashboard RUN mkdir -p ${SENTINEL_HOME} COPY sentinel-dashboard-1.8.0.jar  ${SENTINEL_HOME} RUN chmod -R +x ${SENTINEL_HOME}/*jar WORKDIR ${SENTINEL_HOME} EXPOSE 8858 EXPOSE 8719 CMD java ${JAVA_OPS} - jar sentinel - dashboard - 1.8.0 comes with. The jarCopy the code
  1. Create a new sentinel-dashboard.yaml file with the following contents:
Version: '2' services: sentinel-dashboard: image: sentinel-dashboard:1.8.0 container_name: sentinel-dashboard restart: on-failure build: context: . dockerfile: Dockerfile ports: - "8858:8858" - "8719:8719" environment: - JAVA_OPS=-Dserver.port=8858Copy the code
  1. Execute the sentinel-dashboard.yaml script to start the container:
docker-compose -f sentinel-dashboard.yaml up
Copy the code
  1. Log in to the Sentinel console with the default user name Sentinel and password Sentinel:
http://(Install IP of Sentinel machine):8858Copy the code

There’s nothing in the Sentinel console right now. How do you use it? Here we don’t rush, first to configure the Spring Boot project client.

3. Introduce Sentinel client in Spring project

  1. Add POM file dependencies:
        <dependency>
            <groupId>com.alibaba.cloud</groupId>
            <artifactId>spring-cloud-starter-alibaba-sentinel</artifactId>
        </dependency>
Copy the code
  1. Add configuration to application.yml:
server: port: 10801 servlet: context-path: /api/member spring: application: name: member-service cloud: sentinel: Eager: true Transport: port: 8719 Dashboard: (IP for installing Sentinel machine):8858Copy the code
  1. Create a new Service class and add a method. Add the annotation @SentinelResource:
@Service public class MemberService { @SentinelResource(value = "sayHello", fallback = "sayHelloFail") public String sayHello() { return "Hello, Member! "; } public String sayHelloFail() { return "I am sorry, Member! "; }}Copy the code
  1. Create a new Controller class to call the Service method:
@RestController @RequestMapping public class HelloController { @Resource private MemberService memberService; @RequestMapping("/service") public String service() { return memberService.sayHello(); }}Copy the code
  1. Start the Spring project, then go to the console and find the project list has appeared, the real-time monitoring data is temporarily unavailable:
http://(Install IP of Sentinel machine):8858Copy the code

Note: If you are careful, you will notice that this port is not 8719, because I have several other services running on my machine, which are also configured with 8719 port. Sentinel automatically identifies conflicts and assigns ports according to the rule (port number +1).

  1. / API /member/service
# # # # request test GET http://localhost:10801/api/member/service Accept: * / * cache-control: no - CacheCopy the code

Request result:

Hello, Member! 
Copy the code
  1. / API /member/service

4. Sentinel console cooperated with actual combat of the project

4.1. Try to limit traffic on the access path

  1. Open the “cluster point Link” menu and try limiting the flow of the access path:

  • Resource name: unique name, default request path.
  • For source: Sentinel can limit the flow for the caller, fill in the microservice name, default(regardless of source).

The threshold type

  • QPS (Query Per Second) : The number of requests Per Second, which is how many requests are processed by the server in one Second.
  • Number of threads: When the number of threads calling the API reaches the threshold, traffic limiting is performed.

Flow control mode

  • Direct: When the API meets the traffic limiting condition, the API directly limits traffic.
  • Association: When the associated resource reaches the threshold, traffic limits itself. Interface A is associated with interface B. When interface B reaches the threshold, traffic limiting on interface A protects interface B. For example, the payment interface and the ordering interface, when the payment interface reaches the threshold, the ordering interface limits the flow and protects the payment interface.
  • Link: Records only the traffic on the specified link. If the traffic from a specified resource entry reaches a threshold, traffic limiting is performed.

Effect of flow control

  • Fast Failure: The default flow control mode. When the QPS exceeds the threshold of any rule, new requests are immediately rejected by throwing a FlowException. This method is suitable for situations where the processing capacity of the system is clearly known, such as when the exact water level of the system is determined by pressure measurement.
  • Warm up: indicates the Warm or cold startup mode. When the system has been at a low water level for a long time, when the flow suddenly increases, directly pulling the system to a high water level can suddenly overwhelm the system. Through the “cold start”, the flow slowly increases to the upper limit of the threshold in a certain period of time, giving the cold system a time to warm up, preventing the cold system from being overwhelmed.
  • Queuing: Strictly controls the interval between requests, that is, requests pass at an even speed, corresponding to the leak-bucket algorithm.
  1. I set QPS to 1, direct API, fast failure, so 1 second to multiple requests/API /member/service:
# # # # request test GET http://localhost:10801/api/member/service Accept: * / * cache-control: no - CacheCopy the code

Request result:

Blocked by Sentinel (flow limiting)
Copy the code

It turned out to have been blocked by Sentinel, which quickly failed.

4.2. Try to limit the flow of service resources

First, to prevent interference of multiple rules, delete the traffic limiting rule of the access path just set.

  1. Open the “Cluster Link” menu and try to limit the flow of service resources:

QPS (Query Per Second) : The number of requests Per Second, which is how many requests are processed by the server in one Second.

  1. I set the QPS value to 1, direct API, quick failure, so 1 second to call memberService.sayHello() several times:
# # # # request test GET http://localhost:10801/api/member/service Accept: * / * cache-control: no - CacheCopy the code

Request result:

I am sorry, Member!
Copy the code

Why is there no error? How can you make it back? Careful students will notice that I set the demote method sayHelloFail() to the credit:

    @SentinelResource(value = "sayHello", fallback = "sayHelloFail")
    public String sayHello() {
        return "Hello, Member! ";
    }

    public String sayHelloFail() {
        return "I am sorry, Member! ";
    }
Copy the code

4.3. Try to fuse the abnormal service

  1. Open the “Cluster Point Link” menu and try to fuse the abnormal service:

Fusing strategy

  • Slow call Ratio: Select slow call ratio as the threshold. You need to set RT (maximum response time) for slow calls. If the response time of a request is greater than this value, the request is counted as slow calls. If the number of requests in statIntervalMs is greater than the minimum number of requests and the ratio of delayed calls is greater than the threshold, the requests will be fused automatically in the following fuse duration. After the fuse duration, the fuse will enter the probe recovery state (half-open state). If the response time of the next request is less than the set slow-call RT, the fuse will end. If the response time is longer than the set slow-call RT, the fuse will be disconnected again.
  • Abnormal ratio: When the number of requests in statIntervalMs is greater than the minimum number of requests and the proportion of abnormal requests is greater than the threshold, the requests will be fused automatically in the following fuse duration. After the fuse period, the fuse enters the probe half-open state, terminating the fuse if the next request completes successfully (without error), otherwise it will be fused again. The threshold range for the abnormal ratio is [0.0, 1.0], representing 0-100%.
  • Number of exceptions: When the number of exceptions in a unit statistics period exceeds the threshold, the circuit breaker is automatically disabled. After the fuse period, the fuse enters the probe half-open state, terminating the fuse if the next request completes successfully (without error), otherwise it will be fused again.

  1. Let’s make a small change to the code and restart the project:
    @RequestMapping("/service")
    public String service(String name) throws InterruptedException {
        TimeUnit.MILLISECONDS.sleep(400);
        return memberService.sayHello(name);
    }
Copy the code
  1. I set the maximum tolerance response time to be 200ms at 50%, the code forces a delay of 400ms at 100% timeout, and I set the fuse to be 50% of 5 requests per unit of time. So more than 5 requests/API /member/service in 1 second:
# # # # request test GET http://localhost:10801/api/member/service Accept: * / * cache-control: no - CacheCopy the code

Request result:

Blocked by Sentinel (flow limiting)
Copy the code

It turned out that Sentinel had restricted access and the abnormal service was down.

  1. I set the fusing time as 2 seconds, after 2 seconds to request 2 times/API /member/service:
# # # # request test GET http://localhost:10801/api/member/service Accept: * / * cache-control: no - CacheCopy the code

Request result:

Hello, Member!
Copy the code
Blocked by Sentinel (flow limiting)
Copy the code

Why is this the result? Didn’t you just ask twice? And wasn’t it supposed to be cleared in two seconds? Because I have a mandatory delay of 400ms in my code, the request after 2 seconds still times out, the first success is due to the need for statistics.

After the Sentinel fuse duration, the fuse will enter the half-open state. If the response time of the next request is less than the set slow-call RT, the fuse will be terminated. If the response time is longer than the set slow-call RT, the fuse will be disconnected again.

  1. Similar to the situation in section 4.2, if I write a mandatory delay of 400ms in the code in the resource service:
    @SentinelResource(value = "sayHello", fallback = "sayHelloFail")
    public String sayHello(String name) throws InterruptedException {
        TimeUnit.MILLISECONDS.sleep(400);
        return "Hello, Member! " + name;
    }

    public String sayHelloFail(String name) {
        return "I am sorry, Member! " + name;
    }
Copy the code

Same setup, same request, more than 5 requests/API /member/service in 1 second:

# # # # request test GET http://localhost:10801/api/member/service Accept: * / * cache-control: no - CacheCopy the code

Request result:

I am sorry, Member!
Copy the code

It turns out that Sentinel has blocked access to the service. The exception service has been fusioned, but the sayHelloFail() method is set to return normal results.

4.4. Try to limit the current of hotspot parameters

  • Hot spots are frequently accessed data;
  • For example, the QPS of the item interface is limited to 100, and the request with the item ID is limited to 50, so that 50 QPS can be used to access other items.
  1. Let’s make a small change to the code, add a request parameter name**, and restart the project **:
@Service public class MemberService { @SentinelResource(value = "sayHello", fallback = "sayHelloFail") public String sayHello(String name) { return "Hello, Member! " + name; } public String sayHelloFail(String name) { return "I am sorry, Member! " + name; }}Copy the code
@RestController @RequestMapping public class HelloController { @Resource private MemberService memberService; @RequestMapping("/service") public String service(String name) { return memberService.sayHello(name); }}Copy the code
  1. Open the “Hotspot Rule” menu, add a new hotspot rule named “sayHello” :

  • Parameter index is set to 0, indicating the first request parameter
  • Set the single-node threshold to 10, and the statistics window duration to 1
  • Parameter Value Setting The character string is baicai. The traffic limiting threshold is set to 1

In general, same request/API /member/service? Name = XXX, QPS exception control is 1 when the parameter is passed to baicai, and QPS control is 10 when the parameter is passed to any other value.

  1. Try to request/API /member/service multiple times within 1 second? Name = baicai:
# # # # GET http://localhost:10801/api/member/service? request test name=baicai Accept: */* Cache-Control: no-cacheCopy the code

Request result:

I am sorry, Member! baicai
Copy the code
  1. Try to request/API /member/service multiple times within 1 second? Name = luobo:
# # # # GET http://localhost:10801/api/member/service? request test name=luobo Accept: */* Cache-Control: no-cacheCopy the code

Request result:

Hello, Member! luobo
Copy the code

It turns out that when the parameter is baicai, QPS above 1 is blocked, but the demotion sayHelloFail() method still returns results.

4.5. Try black and white list control

The source access control (whitelist control) feature of Sentinel can be used to determine whether a request is allowed to pass based on the source of the call. Source access control Controls whether a resource can pass based on the origin of the request. If a resource is whitelisted, the resource can pass only when the request source is in the whitelist. If the blacklist is configured, the request source in the blacklist does not pass, and the rest of the requests pass.

The results are similar, so I won’t go into too much detail here. Have you been overwhelmed by the power of Sentinel?

Spring Cloud Alibaba combat (1) Prepare for Spring Cloud Alibaba combat (2) Nacos Article Spring Cloud Alibaba combat (3) Sentinel article Spring Cloud Alibaba Spring Cloud Alibaba (Zuul) Spring Cloud Alibaba (Zuul Cloud Alibaba Combat (8) SkyWalking

GitHub address: github.com/D2C-Cai/her…