Current limiting artifact sentinel, don’t you know?

Time:2021-12-4

summary

Book back:What do you mean by current limiting?, the overall overview of current limiting is describedWhat is current limitingCurrent limiting modeandRealization of current limiting。 At the end of the articleDistributed current limiting, I didn’t do much introduction, so I chose to put it in this article. Explain it to everyone in detailSentinel

<div align=center ><img/ width=400></div>

With the most authoritative official Wiki:Alibaba sentinel, beginner’s Guide

Source code address of this article:https://github.com/jaycekon/S…

What is sentinel?

Traffic guard in distributed system

Let me quote the picture I drew before:

Current limiting artifact sentinel, don't you know?

Traffic guardWhat capabilities does it have?

Current limiting artifact sentinel, don't you know?

Sentinel’s ecological environment

along withAlibabaJava ecological construction, includingSpring Cloud AlibabaRocketNacosAnd many other open source technologies SentinelIt has good support and adaptation for various distributed application scenarios, which is why we chooseSentinelOne of the reasons for learning (low learning cost and many application scenarios)

Current limiting artifact sentinel, don't you know?

<div align=center ><img/ width=400></div>

Sentinel core concepts

1. Resources

resourcesyesSentinelMediumOne of the core concepts。 The most commonly used resource is in our codeJava method,A piece of code, orOne interface

Java methods:

@SentinelResource("HelloWorld")
public void helloWorld() {
    //Logic in resources
    System.out.println("hello world");
}

A piece of code:

//From version 1.5.0, you can directly use the try with resources feature to automatically exit entry
try (Entry entry = SphU.entry("HelloWorld")) {
            //Protected logic
            System.out.println("hello world");
    } catch (BlockException ex) {
            //Process flow controlled logic
        System.out.println("blocked!");
    }

One interface:

@RestController
public class TestController {
    @GetMapping("/test")
    public String test(){
        return "test";
    }
}

Use with console:

Current limiting artifact sentinel, don't you know?

2. Rules

SentinelMediumruleIt is provided to users to formulate different protection actions for different scenarios. The types of rules include:

  • flowControl rules
  • FuseDegradation rule
  • System protectionrule
  • Source access control rules
  • Hotspot parameter rule

This article will mainly explainflowFuseandSystem protectionThese three rules.

Define rules:

private static void initFlowRules(){
        List<FlowRule> rules = new ArrayList<>();
        FlowRule rule = new FlowRule();
        //Binding resources
        rule.setResource("HelloWorld");
        //Current limiting threshold type
        rule.setGrade(RuleConstant.FLOW_GRADE_QPS);
        //Quantity level
        rule.setCount(20);
        //Add to local memory
        rules.add(rule);
        FlowRuleManager.loadRules(rules);
    }

Current limiting rulesImportant attribute description:

Field explain Default value
resource Resource name, which is the object of flow restriction rules
count Current limiting threshold
grade Current limiting threshold type, QPS mode (1) or concurrent threads mode (0) QPS mode
limitApp Call source for flow control default, which means that the call source is not distinguished
strategy Call relationship current limiting strategy: direct, link and association According to the resource itself (direct)
controlBehavior Flow control effect (direct rejection / warmup / constant speed + queuing), and flow restriction according to call relationship is not supported Direct rejection
clusterMode Cluster current limiting no

Sentinel current limiting

1. Single machine current limiting

1.1. Introducing dependency

In the last article, it was mentionedRateLimiterThe single machine current limit is introduced here, and it is usedSentinelSingle machine current limiting

//Introducing sentinel core dependency into the project
<dependency>
    <groupId>com.alibaba.csp</groupId>
    <artifactId>sentinel-core</artifactId>
    <version>1.8.1</version>
</dependency>

1.2 define current limiting rules

Define protection rules:

private static void initFlowRules(){
        List<FlowRule> rules = new ArrayList<>();
        FlowRule rule = new FlowRule();
        //Binding resources
        rule.setResource("HelloWorld");
        //Current limiting threshold type
        rule.setGrade(RuleConstant.FLOW_GRADE_QPS);
        //Quantity level
        rule.setCount(20);
        //Add to local memory
        rules.add(rule);
        FlowRuleManager.loadRules(rules);
    }

1.3 define current limiting resources

According to the above descriptionresourcesDivision, we will mainlyCode blockDefined as a resource.

public static void main(String[] args) {
    //Configuration rules
    initFlowRules();

    while (true) {
        //From version 1.5.0, you can directly use the try with resources feature to automatically exit entry
        try (Entry entry = SphU.entry("HelloWorld")) {
            //Protected logic
            System.out.println("hello world");
    } catch (BlockException ex) {
            //Process flow controlled logic
        System.out.println("blocked!");
    }
    }
}

1.4 operation results

After the demo runs, we can log~/logs/csp/${appName}-metrics.log.xxxSee the following output in:

Current limiting artifact sentinel, don't you know?

➜  csp cat com-jaycekon-sentinel-demo-FlowRuleDemo-metrics.log.2021-07-03

|--timestamp-|------date time----|-resource-|p |block|s |e|rt
1625294582000|2021-07-03 14:43:02|HelloWorld|20|1720|20|0|2|0|0|0
1625294583000|2021-07-03 14:43:03|HelloWorld|20|5072|20|0|0|0|0|0
1625294584000|2021-07-03 14:43:04|HelloWorld|20|6925|20|0|0|0|0|0
  • pRequests adopted by representatives
  • blockRepresents a blocked request
  • sRepresents the number of requests completed successfully
  • eRepresents a user-defined exception
  • rtRepresents the average response time

<div align=center ><img/ width=400></div>

SentinelSingle machine current limiting, andRateLimiterWhat’s the difference?

Field Difficulty of implementation in distributed environment Spatial complexity Time complexity Limit burst traffic Smooth current limiting
Token bucket high Low O (1) High o (n) yes yes
sliding window in High o (n) Medium o (n) yes Relative realization

Appendix:Sentinel – implementation principle of sliding window

2. Console current limiting

2.1. Client Access Console

Super detailed documentation, refer to:Sentinel – console

Sentinel provides a lightweight open source console, which provides machine discovery, health management, monitoring (single machine and cluster), rule management and push functions.

downloadJar package (21m), or downloadSource code (4m)Compile by yourself after (not recommended. It takes longer to compile than downloading the jar package directly)

https://github.com/alibaba/Se…

After compiling, start the command

java -Dserver.port=8000 -Dcsp.sentinel.dashboard.server=localhost:8000 -Dproject.name=sentinel-dashboard -jar sentinel-dashboard-1.8.1.jar

Current limiting artifact sentinel, don't you know?

rails c

Current limiting artifact sentinel, don't you know?

2.2. Introducing dependency

The client needs to importTransportModule to communicate withSentinelCommunicate with the console. You canpom.xmlIntroducing jar packages

<dependency>
    <groupId>com.alibaba.csp</groupId>
    <artifactId>sentinel-transport-simple-http</artifactId>
    <version>1.8.1</version>
</dependency>

//You'd better write down the important dependencies in advance to avoid losing your little partner
<dependency>
    <groupId>com.alibaba.csp</groupId>
    <artifactId>sentinel-web-servlet</artifactId>
    <version>1.8.1</version>
</dependency>

then!!! I’m tired of coming to the place all afternoon!! In the official document, it is pointed out that it needs to be introducedCorresponding dependency configuration, good guy, if it’s so important, you’re so understated, your skull hurts!!!

<div align=center ><img/ width=400></div>

Current limiting artifact sentinel, don't you know?

The corresponding adaptation dependencies are

Good guy, basically all business scenarios are covered! Because of my DemoThe project is based onSpringBootThen I want to see the video under the cloud native microservice system. Good guy, I want to use itSpringCloud, you can refer to:《Spring-Cloud-Sentinel》

2.3. Defining resources

@SpringBootApplication
@Configuration
@RestController
public class SpringBootSentinelApplication {

    public static void main(String[] args) {
        SpringApplication.run(SpringBootSentinelApplication.class, args);
    }

    @Bean
    public FilterRegistrationBean sentinelFilterRegistration() {
        FilterRegistrationBean<Filter> registration = new FilterRegistrationBean<>();
        registration.setFilter(new CommonFilter());
        registration.addUrlPatterns("/*");
        registration.setName("sentinelFilter");
        registration.setOrder(1);

        return registration;
    }
    
    @RequestMapping("/index")
    public String index(){
        return "hello index";
    }
    
}

In the overview, we mentioned that the resources that need to be protected can beA code blockA methodperhapsOne interface。 Here throughFilterAll requests are defined as resources(/*), then our request process will be like this:

Current limiting artifact sentinel, don't you know?

2.4 operation results

Add startup parameters

-Dserver.port=8088 -Dcsp.sentinel.dashboard.server=localhost:8080 -Dproject.name=jaycekon-sentinel

Parameter Description:

  • server.port: service startup port
  • csp.sentinel.dashboard.server: status reporting machine IP: Port
  • project.name: monitoring item name

Current limiting artifact sentinel, don't you know?

Operation results:
Current limiting artifact sentinel, don't you know?

2.5 current limiting configuration

Current limiting artifact sentinel, don't you know?

Flow control effect

  • 1. Quick failure: direct failure
  • 2. Warm up: preheating mode. According to the value of codefactory (default 3), the set QPS threshold is reached after preheating time from threshold / codefactory. For example, if the QPS is set to 90 and the preheating is set to 10 seconds, the initial threshold is 90 / 3 = 30 and reaches 90 after 10 seconds.
  • 3. Queuing: for example, set the threshold to 10 and the timeout to 500 milliseconds. When the 11th request arrives, it will not directly report an error, but wait for 500 milliseconds. If the threshold still exceeds 10, it will be limited.

Operation results:

Current limiting artifact sentinel, don't you know?

Current limiting artifact sentinel, don't you know?

3. Cluster current limiting

After talking so much, I finally got to the coreCluster current limitingThe plan is ready, inSecond kill systemIn the design, we talk about many scenarios that take a single machine as a specific case for analysis. If our system needs to be expanded, how to do wellCurrent limiting scheme。 Assuming that there are 10 machines in the cluster, we set the single machine current limit threshold for each machine as 10 QPSIdeally, the current limit threshold of the whole cluster is 100 QPS。 However, in practice, the flow to each machine may beUneven, it will cause some machines to start current limiting when the total amount is not reached. Therefore, it is impossible to limit only by the single dimensionaccurateLimit the overall flow. andCluster flow controlIt can accurately control the total number of calls in the whole clusterSingle machine current limiting pocket bottom, it can give better play to the effect of flow control.

Introduce the core role of cluster current limiting:

  • Token Client: cluster flow control client, which is used to request token from the token server. The cluster current limiting server will return the results to the client to decide whether to limit the current.
  • Token Server: that is, the cluster flow control server handles the request from the token client and determines whether the token should be issued (whether it is allowed to pass) according to the configured cluster rules.

Structure diagram in embedded mode:

Current limiting artifact sentinel, don't you know?

Structure diagram in independent mode:

Current limiting artifact sentinel, don't you know?

Embedded Mode , i.e. the operation of issuing a token is completed by one instance, and other clients obtain access permission by requesting from the server.

Independent modeThat is, it is started as an independent token server process and deployed independently. It has good isolation, but additional deployment operations are required.

3.1 Alibaba cloud AHAS

In the above example code, the local mode is usedDemo, in the cluster current limiting scenario, let’s use the one provided by Alibaba cloudAHASService.

Console address:https://ahas.console.aliyun.c…

Import dependency:

//Sentinel AHAS dependency, including sentinel usage dependency
<dependency>
    <groupId>com.alibaba.csp</groupId>
    <artifactId>ahas-sentinel-client</artifactId>
    <version>1.8.8</version>
</dependency>

Here’s a point to note,AHASDependencies, includingSentinel, the dependencies to be used includesentinel-core,sentinel-web-servletandsentinel-transport-simple-http

Otherwise, it will appearSpiException, if yesSpiI don’t know much. I suggest adding a group to ask questions. Hey hey ~

com.alibaba.csp.sentinel.spi.SpiLoaderException

Current limiting artifact sentinel, don't you know?

Current limiting artifact sentinel, don't you know?

3.2. Enable Alibaba cloud AHAS service

There are official opening documents here, so I won’t repeat them,Document address

Find it hereLincense, and then add startup parameters:

-Dserver.port=8092 -Dproject.name=jaycekon-sentinel -Dahas.license=d1e21b0c8f2e4d87b5ac460b118dc58d -Dcsp.sentinel.log.use.pid=true

Current limiting artifact sentinel, don't you know?

Since we want to start multiple instances locally, we need to modify multiple ports of the service:

java -Dserver.port=8090 -Dproject.name=jaycekon-sentinel -Dahas.license=d1e21b0c8f2e4d87b5ac460b118dc58d  -Dcsp.sentinel.log.use.pid=true -jar sentinel-ahas-0.0.1-SNAPSHOT.jar

java -Dserver.port=8091 -Dproject.name=jaycekon-sentinel -Dahas.license=d1e21b0c8f2e4d87b5ac460b118dc58d  -Dcsp.sentinel.log.use.pid=true -jar sentinel-ahas-0.0.1-SNAPSHOT.jar

java -Dserver.port=8092 -Dproject.name=jaycekon-sentinel -Dahas.license=d1e21b0c8f2e4d87b5ac460b118dc58d  -Dcsp.sentinel.log.use.pid=true -jar sentinel-ahas-0.0.1-SNAPSHOT.jar

After generating access traffic, you can see the link status of the machine in the market:

http://localhost:8092/index

Current limiting artifact sentinel, don't you know?

3.3. Cluster flow control rule configuration

Current limiting artifact sentinel, don't you know?

Here are two concepts:

  • Cluster threshold: refers to the total number of accesses that our cluster can pass. There may be uneven distribution (which can avoid single machine error limit).
  • Degenerate single machine: when the token server access times out, that is, the token cannot be obtained from the remote end, it will fall back to the single machine flow restriction

Test current limiting, access only http://localhost:8092/index

Touch the critical value of current limit by hand brush (the hand speed is too hard ~), and then the overall current limit is consistent with our expectation.

Current limiting artifact sentinel, don't you know?

Degraded single machine

In cluster flow control, there is a token request timeout,ClientrequestServerAnd then return the data results. The whole process will take time for network requests. In the above test process, I increased the timeout, and each request can get a token. By modifying the request timeout, degradation is triggeredSingle machine current limiting

Current limiting artifact sentinel, don't you know?

Operation results:

Current limiting artifact sentinel, don't you know?

3.4. Server role conversion

In the embedded mode, roles are converted toServerorclient

http://<ip>:<port>/setClusterMode?mode=<xxx>

Where mode is0On behalf of client,1On behalf of server,-1On behalf of closed. Note that the application side needs to introduce the corresponding dependencies of the cluster current limiting client or server.

In stand-alone mode, we can directly create the correspondingClusterTokenServerInstance and pass it in the main functionstartMethod to start the token server.

Sentinel fuse

staySecond kill systemIn the case of, a complete link may containPlace an orderpaymentandLogistics dockingWait for multiple services (actually more than that few). In a complete link, each system interacts in the form of RPC / HTTP. In the following link diagram, if the payment method selected by the user existsDelay too highUnstable service, orService exceptionIn other cases, the whole link cannot be completed. The end result is that the user clearly grabs it, but can’t pay, resulting in the loss of orders.

Current limiting artifact sentinel, don't you know?

Modern microservice architectures areDistributedYes, by a lotserviceform. Different services call each other to form a complexCall link。 The above problems will produce amplification effect in link call. A ring on a complex linkinstable, it mightCascade layer by layer, eventually leading toEntire linkNot available. So we need to deal with instabilityWeakly dependent service invocationConduct fuse degradation, temporarily cut off unstable calls,Avoid the overall avalanche caused by local instability factorsFuse degradationAs a means of protecting itself, usually inClient (caller)Configure.

1. Fuse degradation

Add test code

    @RequestMapping("/myError")
    public String error(){
        if (true){
            throw new RuntimeException("sentinel run error");
        }
        return "error";
    }

staySentinel-Dashboard Configure degradation rules in

Degraded protection effect:

User access interface/myError, after an exception occurs, in the following10 seconds, will take the degradation strategy and return directly. It can well protect the server from excessive exceptions and occupying machine resources. At the same time, it can quickly respond to user requests.
Current limiting artifact sentinel, don't you know?

2. Fusing strategy

Sentinel provides the following fusing strategies:

  • Slow call ratio(SLOW_REQUEST_RATIO): select the slow call proportion as the threshold value. You need to set the allowed slow call RT (i.e. the maximum response time). If the response time of the request is greater than this value, it will be counted as slow call. When unit statistics duration(statIntervalMs)If the number of internal requests is greater than the set minimum number of requests and the proportion of slow calls is greater than the threshold, the internal requests in the next fusing time will be automatically blown. After fusing for a long time, the fuse will enter the detection recovery state (half-open state). If the response time of the next request is less than the set slow call RT, the fusing will be ended. If it is greater than the set slow call RT, it will be blown again.
  • Abnormal proportion(ERROR_RATIO): when unit statistics duration(statIntervalMs)If the number of internal requests is greater than the set minimum number of requests and the proportion of exceptions is greater than the threshold, the internal requests in the next fusing time will be blown automatically. After fusing for a long time, the fuse will enter the detection recovery state (half-open state). If the next request is successfully completed (no error), the fusing will be ended, otherwise it will be blown again. The threshold range for the exception ratio is[0.0, 1.0], representing 0% – 100%.
  • Different constant(ERROR_COUNT): when the number of exceptions in the unit statistical time exceeds the threshold, it will fuse automatically. After fusing for a long time, the fuse will enter the detection recovery state (half-open state). If the next request is successfully completed (no error), the fusing will be ended, otherwise it will be blown again.

summary

This paper mainly explains in detail how to actually contact current limiting and fusing through sentinel. For the underlying implementation of current limiting, there will be a special source code analysis in the follow-up. For fusing, this paper does not elaborate. The next article will bring you what fusing is, how it is actually used in the system, and common fusing strategies.

Project source code address:https://github.com/jaycekon/S…
welcomeStarandFork

Current limiting artifact sentinel, don't you know?

Pay attention and don’t get lost

Well, ladies and gentlemen, the above is the whole content of this article. I will update several high-quality articles related to large factory interviews and common technology stacks every week. Thank you for seeing here. If this article is well written, please join us for three times!!! Creation is not easy. Thank you for your support and recognition. See you in the next article!

I amJiuling, if there are children’s shoes that need communication, you can add me Wx,Jayce-KPay attention to the official account.Java Tutorial, master first-hand information!

If there are any mistakes in this blog, please comment and advice. Thank you very much!

Recommended Today

Hive built-in function summary

1. Related help operation functions View built-in functions: Show functions; Display function details: desc function ABS; Display function extension information: desc function extended concat; 2. Learn the ultimate mental method of built-in function Step 1: carefully read all the functions of the show functions command to establish an overall understanding and impression Step 2: use […]