Teach you to learn dapr – 2 Must know concept

Time:2022-1-6

Sidecar side car

Dapr API provides two communication modes: HTTP and grpc.

The operation mode can be container or process (self hosted is recommended for Windows development, which will be explained later).

The advantage is that it has nothing to do with the running environment, and runs independently without applying the code containing the dapr runtime. You only need to integrate through the SDK, which separates dapr from the logic of the application.

Teach you to learn dapr - 2 Must know concept

Building blocks

Official explanation: modular best practices accessible through standard HTTP or grpc APIs

Generally speaking, it is API

The currently supported building blocks are as follows, but a new configuration API will be released soon in 1.5 (this new API confirms the essence of building blocks), which is led by Ali Ao Xiaojian

Github Issue: https://github.com/dapr/dapr/…

The proposal is long and tortuous. If you look carefully, you will find some ideological collisions in the environment of Chinese and foreign development. Microsoft is relatively conservative, Ali is relatively radical, but also more pragmatic. The final version was finalized after months of intense discussion.

During this period, I also had the honor toAli Ao swordandAli - Ceremony(layotto’s R & D classmate, layotto is compatible with dapr protocol, which is done by ants), held a voice conference and talked about some design problems about configuration API together.

  • Service call
  • State management
  • Publish and subscribe
  • binding
  • Actor (this is not recommended to be translated back into Chinese)
  • Observability
  • security

Teach you to learn dapr - 2 Must know concept

Components component

Official explanation: modular functions used for building blocks and applications

Dapr uses modular design to provide functions as components. Each component has an interface definition. All components are pluggable, so you can replace the component with another component with the same interface.

In combination with building blocks, components have interface definitions. Building blocks connect the functions of components through interfaces

Based on the understanding of dapr design, ourMASA FrameworkBuildingblocks and contrib are also defined, which are slightly different from dapr

The reasons are as follows:

  1. Standard and serial business processes are defined by buildingblocks
  2. Let contrib become our best practice, and allow the development to redefine the specific implementation of buildingblocks. On the premise of ensuring the integrity of functions, it provides functions more in line with business scenarios and reference codes
  3. Focus on core code stability, provide unit test coverage guarantee and share public wisdom

Components do not correspond to building blocks one by one. Components can be reused by different building blocks. For example, the state management in the actor building block is also a state storage component

  • State storage
  • Service discovery
  • middleware
  • Publish subscribe agent
  • binding
  • Key storage

Configuration configuration

Official explanation: change the behavior of dapr sidecar or global dapr system service

The configuration definition and deployment form is yaml file

In the component sepcs of the official document, you can see how many implementations are provided for each component and the support of each implementation feature

In addition, there are all kinds of configuration file formats for different components

The official document explains the component configuration in great detail. Here is an example of the configuration file format of redis state management

The part you need to change has been used<>And#Marked

Reference from: https://docs.dapr.io/referenc…

apiVersion: dapr.io/v1alpha1
kind: Component
metadata:
  name: <NAME>
  namespace: <NAMESPACE>
spec:
  type: state.redis
  version: v1
  metadata:
  - name: redisHost
    value: <HOST>
  - name: redisPassword
    value: <PASSWORD>
  - name: enableTLS
    value: <bool> # Optional. Allowed: true, false.
  - name: failover
    value: <bool> # Optional. Allowed: true, false.
  - name: sentinelMasterName
    value: <string> # Optional
  - name: maxRetries
    value: # Optional
  - name: maxRetryBackoff
    value: # Optional
  - name: ttlInSeconds
    value: <int> # Optional

Observability

Official explanation: through tracking, indicators, logs and health monitoring applications

When building an application, understanding how the system works is an important part of operation and maintenance – this includes the ability to observe the internal calls of the application, evaluate its performance, and be aware of problems immediately when they occur

This is a challenge for any system, especially for distributed systems composed of multiple microservices

Distributed tracking

Configure sending tracking data to easily integrate multiple monitoring backend

Teach you to learn dapr - 2 Must know concept

OpenTelemetry collector

Configure the opentelemetry collector and use the monitoring backend that supports opentelemetry

Teach you to learn dapr - 2 Must know concept

Dapr sidecar and observability of system services

Configure and collect indicators and logs of dapr sidecar and related services

Teach you to learn dapr - 2 Must know concept

Security

One of the security mechanisms used by dapr to encrypt data in transmission is mutual authentication TLS or MTLs

  • Two way authentication
  • Communication via encrypted channel

Sidecar and application communication

Dapr sidecar communicates with the application through localhost and provides token API level authentication

Communication between sidecars

Dapr turns on MTLs by default (it can be turned off manually, with certain performance loss, which can be ignored in most cases). Dapr uses sentry’s system services as a certification authority, including certificate rotation.

The default validity period of the certificate is 24 hours, and the clock deviation is 15 minutes.

Self Hosted mTLS

Teach you to learn dapr - 2 Must know concept

K8s mTLS

Teach you to learn dapr - 2 Must know concept

Communication between sidecar and system services

There is mandatory MTLs between dapr sidecar and dapr system services, including Sentry (certification authority), placement (actor placement service) and k8s operator

MTLs of system service in k8s

  • Dapr sidecar and dapr system services (actor placement, sidecar injector, sentry, operator) are connected through MTLs
  • Kubelet and dapr sidecar are also connected through MTLs
  • Dapr sidecar or dapr system services and components are also connected through MTLs
  • There is no connection between dapr sidecar and the application

Teach you to learn dapr - 2 Must know concept

In fact, dapr has done a lot of work in security, so we won’t list them one by one here

We are moving towards a new framework and a new ecology

Our goal isFreeEasy to useHighly malleableFeature richRobust

Therefore, we are making a new framework based on the design concept of building blocksMASA Framework, what are its characteristics?

  • The native supports dapr and allows dapr to be replaced by traditional communication methods
  • The architecture is unlimited, and single applications, SOA and microservices are supported
  • support. Net native framework to reduce the learning burden. In addition to the concepts that must be introduced in specific fields, we insist on not making new wheels
  • Rich ecological support, in addition to the framework, there are a series of products such as component library, permission center, configuration center, troubleshooting center, alarm center and so on
  • The unit test coverage of the core code base is 90%+
  • Open source, free, community driven
  • What else? We’re waiting for you to discuss it together

After several months of production project practice, POC has been completed, and the previous accumulation is being reconstructed into a new open source project

At present, the source code has been synchronized to GitHub (the document site is under planning and will be gradually improved):

MASA.BuildingBlocks

MASA.Contrib

MASA.Utils

MASA.EShop

BlazorComponent

MASA.Blazor

QQ group: 7424099

Wechat group: add technology operation wechat (masastacktechops), note the purpose, and invite to join the group

Teach you to learn dapr - 2 Must know concept
Reprinted from: (Guiguzi)

Recommended Today

Redis Client On Error: Error: write ECONNABORTED Config right

Solve the redis client on error: error: write econnaborted config rightwe Problem Description: Solution: 1. First, check whether the firewall of Linux is turned on Turn off the firewall [[email protected]]# systemctl stop firewalld.service Open 6379 port number [[email protected]]# sudo firewall-cmd –zone=public –add-port=6379/tcp –permanent success [[email protected]]# sudo firewall-cmd –reload success 2. Check whether the redis startup […]