嚴選應用的雲原生演進實踐

原創 严选技术产品团队 2020-12-29 23:28
{"type":"doc","content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"2019年初,嚴選的服務數量已經近千,系統越來越龐大。爲了能更好地支撐上業務的蓬勃發展,嚴選團隊和網易輕舟團隊開啓了雲原生平臺的共建項目,以此拉開了嚴選應用雲原生演進的帷幕。本文主要從嚴選的視角介紹一下相關的實踐過程。"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"heading","attrs":{"align":null,"level":2},"content":[{"type":"text","text":"1. 背景"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"Cloud Native 這個名詞最近幾年一直很火,Pivotal和CNCF 都出過相關的定義,但本質都是爲了引導應用在業務日益複雜多變的場景下可以更好地利用雲基建,做到更加敏捷高效。2019年初,嚴選的服務數量已經近千,系統越來越龐大。爲了能更好地支撐上業務的蓬勃發展,嚴選團隊和網易輕舟團隊開啓了雲原生平臺的共建項目,以此拉開了嚴選應用雲原生演進的帷幕。本文主要從嚴選的視角介紹一下相關的實踐過程。"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"對於嚴選來講,將應用逐步演進到雲原生的核心在於:"},{"type":"text","marks":[{"type":"strong"}],"text":"“簡化”"},{"type":"text","text":",主要體現在以下三個方面:"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"bulletedlist","content":[{"type":"listitem","attrs":{"listStyle":null},"content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"以服務網格的演進,實踐中間件下沉到基礎設施:"},{"type":"text","marks":[{"type":"strong"}],"text":"簡化應用內的非業務邏輯"},{"type":"text","text":"。"}]}]},{"type":"listitem","attrs":{"listStyle":null},"content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"通過容器化,落地不可變基礎設施:"},{"type":"text","marks":[{"type":"strong"}],"text":"簡化應用所處執行環境的搭建和維護"},{"type":"text","text":"。"}]}]},{"type":"listitem","attrs":{"listStyle":null},"content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"實踐基於雲的DevOps:"},{"type":"text","marks":[{"type":"strong"}],"text":"簡化應用在不同週期階段內的流轉複雜度"},{"type":"text","text":"。"}]}]}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"在整體演進中,我們主要從以下幾個方面去考慮實施方案:"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"bulletedlist","content":[{"type":"listitem","attrs":{"listStyle":null},"content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","marks":[{"type":"strong"}],"text":"標準化"},{"type":"text","text":":一方面用於償還部分歷史遺留的技術債務;另一方面爲不可變基礎設施的落地做好鋪墊。"}]}]},{"type":"listitem","attrs":{"listStyle":null},"content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","marks":[{"type":"strong"}],"text":"減少源碼變更"},{"type":"text","text":":降低遷移成本,保障業務正常迭代,同時也能減少由於遷移引入的bug"}]}]}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"bulletedlist","content":[{"type":"listitem","attrs":{"listStyle":null},"content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"基礎設施適配,業務弱感知完成遷移"}]}]}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"bulletedlist","content":[{"type":"listitem","attrs":{"listStyle":null},"content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","marks":[{"type":"strong"}],"text":"高可用的平滑遷移"},{"type":"text","text":":爲線上業務的可靠性保駕護航"}]}]}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"bulletedlist","content":[{"type":"listitem","attrs":{"listStyle":null},"content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"發佈平臺賦能業務遷移高可用:灰度引流、版本分流"}]}]},{"type":"listitem","attrs":{"listStyle":null},"content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"基於邊緣網關的混合雲方案:雲內外自動兜底,實現業務逐步平滑遷移上雲"}]}]}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"bulletedlist","content":[{"type":"listitem","attrs":{"listStyle":null},"content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","marks":[{"type":"strong"}],"text":"性能調優"},{"type":"text","text":":面對由於服務網格,異地機房等帶來的性能挑戰"}]}]}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"bulletedlist","content":[{"type":"listitem","attrs":{"listStyle":null},"content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"引入sr-iov容器網絡,降低sidecar轉發帶來的損耗"}]}]},{"type":"listitem","attrs":{"listStyle":null},"content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"突破istio原生性能瓶頸:利用遙測數據進行自動配置瘦身"}]}]}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"heading","attrs":{"align":null,"level":2},"content":[{"type":"text","text":"2. 實踐"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"應用演進的關鍵點基本都圍繞着Heroku 提出的12-factor展開,整體的演進節奏類似於建造一座大樓。"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"image","attrs":{"src":"https:\/\/static001.infoq.cn\/resource\/image\/62\/7a\/62fea31e5497e76ccffcb4899331fa7a.png","alt":null,"title":"","style":[{"key":"width","value":"100%"},{"key":"bordertype","value":"none"}],"href":"","fromPaste":false,"pastePass":false}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"heading","attrs":{"align":null,"level":3},"content":[{"type":"text","text":"2.1 第一階段"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","marks":[{"type":"strong"}],"text":"“打地基”"},{"type":"text","text":":以嚴選DevOps項目作爲主線,在異構的底層設施上構建近似的應用執行環境,弱化業務應用對基礎設施的直接感知。"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"bulletedlist","content":[{"type":"listitem","attrs":{"listStyle":null},"content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","marks":[{"type":"strong"}],"text":"CMDB"},{"type":"text","text":":從服務出發,管理人員、服務、資源三者之間的關係,使上層應用可以用統一的抽象概念看待雲內和雲外不同的底層資源和基礎設施。(參見:"},{"type":"link","attrs":{"href":"http:\/\/mp.weixin.qq.com\/s?__biz=MzI1NzQ2MzgyMw==&mid=2247483992&idx=1&sn=48df9924fa7250d89c86a6ef104c55a0&chksm=ea164138dd61c82ef4c55c98b4ee43730fd26c775d1a5c1632b7df40c31188e917658d765573&scene=21#wechat_redirect","title":"","type":null},"content":[{"type":"text","text":"《嚴選DevOps工具鏈的建設》"}]},{"type":"text","text":")"}]}]},{"type":"listitem","attrs":{"listStyle":null},"content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","marks":[{"type":"strong"}],"text":"Opera"},{"type":"text","text":":以製品爲中心,在製品上貫徹雲原生“不可變基礎設施”的理念,同一製品貫穿測試、迴歸、線上等環境的全生命週期。同時統一部署流水線,統一發布依賴、發佈流程、發佈腳本的編排,爲應用在雲內、雲外不同環境下的部署行爲提供相同的功能和操作習慣,降低遷移時的學習成本。"}]}]},{"type":"listitem","attrs":{"listStyle":null},"content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","marks":[{"type":"strong"}],"text":"日誌平臺"},{"type":"text","text":":提供了日誌實時採集、分流、數據投遞與存儲的全流程能力,同時提供日誌質量檢查及查詢分析能力,全面提升嚴選的數據質量與海量日誌處理\/分析能力,特別是對於容器環境下組件衆多,依賴複雜的場景,一套高效的日誌處理系統能爲業務應用的日常監控、異常診斷帶來必需的安全感。"}]}]},{"type":"listitem","attrs":{"listStyle":null},"content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","marks":[{"type":"strong"}],"text":"ServiceMesh"},{"type":"text","text":":實踐中間件下沉的核心抓手。嚴選服務端原先有基於consul+nginx 實現的簡版服務網格,該架構無法與k8s、docker等雲基礎設施有效融合,因此在雲內選用了istio作爲實施標準。(參見:"},{"type":"link","attrs":{"href":"http:\/\/mp.weixin.qq.com\/s?__biz=MzA5NTE1ODQyOQ==&mid=2247483717&idx=1&sn=1aa6341eff0c63a145f6f94e7ebc1a63&chksm=9042e8b7a73561a1dbae2511d7091130edce4aef900357578a4f895e139b240f7a33d8533094&scene=21#wechat_redirect","title":"","type":null},"content":[{"type":"text","text":"《架構不止-嚴選Service Mesh架構的持續演進》"}]},{"type":"text","text":" )"}]}]}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"heading","attrs":{"align":null,"level":3},"content":[{"type":"text","text":"2.2 第二階段"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","marks":[{"type":"strong"}],"text":"“做框架”"},{"type":"text","text":":在第一階段的基礎上,選擇基礎技術服務和部分B端業務應用作爲落地的試點,完成服務容器化方案的框架指引。"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"bulletedlist","content":[{"type":"listitem","attrs":{"listStyle":null},"content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","marks":[{"type":"strong"}],"text":"工程改造指引"},{"type":"text","text":":包含基礎鏡像規範、CI標準規範等,採用平臺方式,逐步將這些規範收歸到職能團隊,避免不同研發團隊的隨意發揮。"}]}]},{"type":"listitem","attrs":{"listStyle":null},"content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","marks":[{"type":"strong"}],"text":"部署驗證指引"},{"type":"text","text":":包含資源、權限申請流程、灰度驗證流程規範、回收流程等,確保流程依賴的正確性,並基於標準流程構建自動化流水線,從而達到效率提升的目標。"}]}]},{"type":"listitem","attrs":{"listStyle":null},"content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","marks":[{"type":"strong"}],"text":"流量管控"},{"type":"text","text":"(API網關,參見:"},{"type":"link","attrs":{"href":"http:\/\/mp.weixin.qq.com\/s?__biz=MzA5NTE1ODQyOQ==&mid=2247484566&idx=1&sn=77be1f0df7f9078db12561564d4254bb&chksm=9042ed64a73564727d60e5d99250770621bedc75fbaf8125f740b5c1772fa77165203116cf0c&scene=21#wechat_redirect","title":"","type":null},"content":[{"type":"text","text":"《嚴選網關架構演進之路》"}]},{"type":"text","text":")"}]}]}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"bulletedlist","content":[{"type":"listitem","attrs":{"listStyle":null},"content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","marks":[{"type":"strong"}],"text":"數據面"},{"type":"text","text":":和輕舟協作,構建基於envoy的API網關,將原本嚴選API網關的一些能力以插件形式移植到了雲原生網關中,保證了業務所需。"}]}]},{"type":"listitem","attrs":{"listStyle":null},"content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","marks":[{"type":"strong"}],"text":"控制面"},{"type":"text","text":":改造原有嚴選的管理平臺,適配輕舟API,確保用戶使用習慣儘可能保持一致,同時減少了嚴選內部其他依賴網關的管理系統的變更。"}]}]}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"heading","attrs":{"align":null,"level":3},"content":[{"type":"text","text":"2.3 第三階段"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","marks":[{"type":"strong"}],"text":"“建管道”"},{"type":"text","text":":Backing Service雲化,服務治理能力深入,開始試點一些延遲敏感型的活動類業務應用改造。"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"bulletedlist","content":[{"type":"listitem","attrs":{"listStyle":null},"content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","marks":[{"type":"strong"}],"text":"Backing Service雲化"}]}]}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"bulletedlist","content":[{"type":"listitem","attrs":{"listStyle":null},"content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"DB、緩存、MQ這幾個核心的Backing Service切換到雲內,一方面降低異地機房帶來的性能損耗,另一方面也能有更高效的擴縮容流程"}]}]},{"type":"listitem","attrs":{"listStyle":null},"content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"通過嚴選自研的中間件可以在應用不需要重啓的情況下,將應用所依賴的這些支撐服務動態地從雲外資源切換到雲內資源。"}]}]}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"bulletedlist","content":[{"type":"listitem","attrs":{"listStyle":null},"content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","marks":[{"type":"strong"}],"text":"服務治理能力深化"}]}]}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"bulletedlist","content":[{"type":"listitem","attrs":{"listStyle":null},"content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","marks":[{"type":"strong"}],"text":"Service Mesh調優:"}]}]}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"bulletedlist","content":[{"type":"listitem","attrs":{"listStyle":null},"content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"實現熱升級機制,避免sidecar更新時對業務應用的影響;"}]}]},{"type":"listitem","attrs":{"listStyle":null},"content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"增加灰度發佈機制,降低網格更新時的風險;"}]}]},{"type":"listitem","attrs":{"listStyle":null},"content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"提供配置瘦身功能,降低大量節點場景下配置更新時的性能損耗。"}]}]},{"type":"listitem","attrs":{"listStyle":null},"content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"引入基於sr-iov容器網絡的高性能節點"}]}]}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"bulletedlist","content":[{"type":"listitem","attrs":{"listStyle":null},"content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","marks":[{"type":"strong"}],"text":"強化SNest 服務門戶"},{"type":"text","text":":將底層從定義、生命週期、版本、遷移、註冊、監控、所有權等多個方面的服務治理能力層統一進行包裝和暴露,提升日常使用時的效率。(參見:"},{"type":"link","attrs":{"href":"http:\/\/mp.weixin.qq.com\/s?__biz=MzI1NzQ2MzgyMw==&mid=2247484061&idx=1&sn=29f633be064cf0d4c0e1b0f77dfe74a0&chksm=ea1641fddd61c8ebddec11b81d25c81d017b762a2f9efac202200dc5b10a0de79b3815f4252e&scene=21#wechat_redirect","title":"","type":null},"content":[{"type":"text","text":"《在路上:嚴選服務治理實踐》"}]},{"type":"text","text":")"}]}]}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"bulletedlist","content":[{"type":"listitem","attrs":{"listStyle":null},"content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","marks":[{"type":"strong"}],"text":"C端活動的上雲"},{"type":"text","text":"試點,作爲上述兩個方向能力發展的驗證落地,已經準備好應對雙11大促的流量。"}]}]}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"heading","attrs":{"align":null,"level":3},"content":[{"type":"text","text":"2.4 第四階段"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","marks":[{"type":"strong"}],"text":"“搭房間”"},{"type":"text","text":":開啓線下環境的治理(該階段和第三階段會有部分重疊),由點到面地推進演進範圍;擴大應用雲化後的收益,例如:自動化地按需快速擴縮容。"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"bulletedlist","content":[{"type":"listitem","attrs":{"listStyle":null},"content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","marks":[{"type":"strong"}],"text":"開發環境構建"}]}]}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"bulletedlist","content":[{"type":"listitem","attrs":{"listStyle":null},"content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"純粹的雲內環境,既能爲基礎設施提供測試驗證環境,也方便業務應用嘗試雲原生的改造,並且資源靈活可控。"}]}]}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"bulletedlist","content":[{"type":"listitem","attrs":{"listStyle":null},"content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","marks":[{"type":"strong"}],"text":"迴歸環境構建"}]}]}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"bulletedlist","content":[{"type":"listitem","attrs":{"listStyle":null},"content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"完整模擬異地機房、雲內雲外異構基礎設施的應用混布環境,提供接近線上的基礎設施場景,爲業務應用在大規模演進過程中保駕護航。"}]}]},{"type":"listitem","attrs":{"listStyle":null},"content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"作爲嚴選環境治理的先鋒任務,迴歸環境的構建在逐步試錯和探索過程中前行。經歷了量化目標、梳理落地方案、具體的規劃集羣、基建梳理、業務梳理、環境數據構造等各種環節,困難重重也獲益良多。(參見:"},{"type":"link","attrs":{"href":"http:\/\/mp.weixin.qq.com\/s?__biz=MzI1NzQ2MzgyMw==&mid=2247483974&idx=1&sn=182855033697ed5b5ad52a53d053456c&chksm=ea164126dd61c830541361ffa1a0e0b7bd61032cff78d3de7f81b3744e795fde88cb08339d03&scene=21#wechat_redirect","title":"","type":null},"content":[{"type":"text","text":"《嚴選線下環境治理之路-迴歸環境篇》"}]},{"type":"text","text":")"}]}]}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"heading","attrs":{"align":null,"level":2},"content":[{"type":"text","text":"3. 一些“收穫”"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","marks":[{"type":"strong"}],"text":"如影隨形的“IP地址”"},{"type":"text","text":":應用中對ip的使用習慣幾乎滲透到了每個服務,從最基本的遠程調用,到簡單又有效的鑑權場景,也有用於生成分佈式id之類的。"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"bulletedlist","content":[{"type":"listitem","attrs":{"listStyle":null},"content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"容器化時的第一步就是先引入IPRange機制,確保類似數據庫這些當前還是強依賴IP鑑權的服務能正常運作。"}]}]},{"type":"listitem","attrs":{"listStyle":null},"content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"基於IP的服務調用方式,需要切換到根據域名或者依賴service-mesh機制的服務調用路由"}]}]}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"bulletedlist","content":[{"type":"listitem","attrs":{"listStyle":null},"content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"這方面嚴選由於很早就已經啓用了服務網格的機制,因此改造代價不高,直接的IP地址主要集中在類似緩存,mq之類自身有負載均衡策略的第三方組件。"}]}]}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"bulletedlist","content":[{"type":"listitem","attrs":{"listStyle":null},"content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"基於IP的服務鑑權場景,由於涉及到的服務衆多,這塊的改造成本是最大的。目前嚴選的做法是爲每個服務頒發身份Token,利用服務網格的sidecar進行注入,需要鑑權的服務從原本針對ip的邏輯改爲針對token的邏輯。整個token的簽發和注入對上層應用都是透明的,即減輕了改造成本,也能儘量避免token的泄露。"}]}]},{"type":"listitem","attrs":{"listStyle":null},"content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"其他基於ip地址構建分佈式id,任務分配等場景,就只能根據服務邏輯一一進行改造了,但這些涉及到的服務不多,整體改造成本可控。"}]}]}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","marks":[{"type":"strong"}],"text":"系統整體的可觀測性"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"bulletedlist","content":[{"type":"listitem","attrs":{"listStyle":null},"content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"整個基礎設施的複雜度提高了很多,不少環境對應用來講變成黑盒了;一些以往登錄虛擬機上進行診斷之類的習慣做法也無法沿用。"}]}]},{"type":"listitem","attrs":{"listStyle":null},"content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"最常見的服務之間調用有點小問題,也不得不喊上網關或者服務網格的同事協助排除。"}]}]},{"type":"listitem","attrs":{"listStyle":null},"content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"容器化後對於整個監控體系,異常診斷體系都是一場大考,很容易發現原本工具鏈中的盲點,不得不靠人肉先頂上。"}]}]},{"type":"listitem","attrs":{"listStyle":null},"content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"嚴選在實踐中會和輕舟做數據打通:把關鍵組件的日誌、關鍵報警、k8s的重要事件等收納到自身的監控體系內,從而豐富應用維度能感知到的信息。此外,正在和輕舟協作一起實踐全鏈路故障的定位診斷服務。"}]}]}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","marks":[{"type":"strong"}],"text":"對團隊的影響"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"bulletedlist","content":[{"type":"listitem","attrs":{"listStyle":null},"content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"業務開發:現階段最大的可感知收益在於擴縮容的效率,雲內可以做到秒級的資源變更,在大促、重要活動等場景下能夠快速達成資源訴求。同時對基礎設施整體工具鏈提出了更迫切的需求。"}]}]},{"type":"listitem","attrs":{"listStyle":null},"content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"Infra開發:在設計上需要更深入地分層,更多地思考採用非侵入式的實現,做好中間件的“下沉“ ,並解決下沉後帶來的性能損耗。"}]}]},{"type":"listitem","attrs":{"listStyle":null},"content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"QA:可以更靈活地調配資源用於線下環境治理,與運維配合保障各環境的一致性。同時負責在CI\/CD流程中做好規範的落地,避免應用標準腐化。"}]}]},{"type":"listitem","attrs":{"listStyle":null},"content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"運維:對基礎設施的管控能力有所提升,從而能夠在資源管控的精細化和全面自動化方面有更爲廣闊的提升空間。"}]}]}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"heading","attrs":{"align":null,"level":2},"content":[{"type":"text","text":"4. 後繼計劃"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"目前嚴選已累積上雲300+服務,每天支撐業務百億次調用; CICD接入率99%以上,平均每天通過基於容器雲的高可用的gitlab runner進行ci pipeline構建數千次,整體提升研發效能200%+。"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"環境治理是當前的重點,我們會進一步完善迴歸環境,爲後繼性能敏感型應用的演進提供更全面的驗證環境,同時將會嘗試利用服務網格特性,構建基於服務版本的測試環境治理,提升數據共用場景下的業務集羣快速構建效率。"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"對於嚴選應用來講,雲原生的演進之路纔剛剛走離泥濘小路,前面的路會越來越寬,也會有更大的挑戰,需要不斷前行!"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"image","attrs":{"src":"https:\/\/static001.infoq.cn\/resource\/image\/e8\/20\/e81aab24f04807124fa24f7c7c4b9920.png","alt":null,"title":"","style":[{"key":"width","value":"100%"},{"key":"bordertype","value":"none"}],"href":"","fromPaste":false,"pastePass":false}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"heading","attrs":{"align":null,"level":2},"content":[{"type":"text","text":"作者簡介"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"Saga, 網易嚴選基礎技術部技術總監,負責嚴選技術中後臺建設,目前專注在業務中臺、DevOps等效能提升方向的體系搭建和發展。"}]},{"type":"horizontalrule"},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","marks":[{"type":"strong"}],"text":"頭圖"},{"type":"text","text":":Unsplash"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","marks":[{"type":"strong"}],"text":"原文"},{"type":"text","text":":"},{"type":"link","attrs":{"href":"https:\/\/mp.weixin.qq.com\/s\/cFHtIlI-o6AugrSAv9_cCQ","title":"","type":null},"content":[{"type":"text","text":"嚴選應用的雲原生演進實踐"}]}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","marks":[{"type":"strong"}],"text":"來源"},{"type":"text","text":":嚴選技術產品團隊 - 微信公衆號 [ID:YanxuanTechProd]"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","marks":[{"type":"strong"}],"text":"轉載"},{"type":"text","text":":著作權歸作者所有。商業轉載請聯繫作者獲得授權,非商業轉載請註明出處。"}]}]}
發表評論
所有評論
還沒有人評論,想成為第一個評論的人麼? 請在上方評論欄輸入並且點擊發布.
相關文章

嘉爲藍鯨WeOps與DeepFlow強強聯合,共同打造拓展性運維平臺

直達原文: 嘉爲藍鯨WeOps x DeepFlow | 強強聯合,共同打造拓展性運維平臺 運維管理在企業信息化建設中扮演着至關重要的角色,嘉爲藍鯨WeOps一體化運維平臺致力於爲客戶提供更全面、智能的運維能力。在探索創新的過程中,我們深刻

原創 2024-04-26 23:23:22

華爲雲Stack8.3面向香港正式發佈,六大亮點激發雲上躍遷

本文分享自華爲雲社區《華爲雲Stack8.3面向香港正式發佈,六大亮點激發雲上躍遷》,作者:華爲雲頭條。 2024年4月23日,在華爲雲香港峯會2024上,華爲混合雲副總裁胡玉海面向香港市場發佈華爲雲Stack8.3,提供110+本地

原創 2024-04-26 10:33:21

RocketMQ 之 IoT 消息解析:物聯網需要什麼樣的消息技術?

前言: 從初代開源消息隊列崛起,到 PC 互聯網、移動互聯網爆發式發展,再到如今 IoT、雲計算、雲原生引領了新的技術趨勢,消息中間件的發展已經走過了 30 多個年頭。 目前,消息中間件在國內許多行業的關鍵應用中扮演着至關重要的角色。隨着數

原創 2024-04-24 23:40:04

“企業創新新引擎”數據庫專項賦能會,讓雲原生技術普惠千行百業!

本文分享自華爲雲社區《“企業創新新引擎”數據庫專項賦能會,讓雲原生技術普惠千行百業!》,作者: GaussDB 數據庫。 4月19日,由福州軟件園科技創新發展公司和華爲技術有限公司聯合主辦的HCDG城市行福州站——“企業創新新引擎”數據庫專

原創 2024-04-24 10:32:53

日誌架構演進:從集中式到分佈式的Kubernetes日誌策略

當我們沒有使用雲原生方案部署應用時採用的日誌方案往往是 ELK 技術棧。 這套技術方案比較成熟,穩定性也很高,所以幾乎成爲了當時的標配。 可是隨着我們使用 kubernetes 步入雲原生的時代後, kubernetes 把以往的操作系統

原創 2024-04-23 11:47:10

【案例+PPT】普元信息臧一超:海量數據下“流批一體”的數據平臺演進路線

“數據中臺新範式”雲端峯會,深入解析湖倉一體、批流一體、治理與運營“三位一體”的數據中臺新範式特徵,普元信息數智研究院副院長臧一超在峯會發表演講《海量數據下的高性能流批一體數據開發平臺》。 18分鐘完整回放視頻見文末,拎幾個特別精彩的內

原創 2024-04-23 11:43:51

世界讀書日 | 開發者必讀書單重磅來襲,華爲雲DTSE專家天團力薦

本文分享自華爲雲社區《世界讀書日 | 開發者必讀書單重磅來襲,華爲雲DTSE專家天團力薦》,作者: 華爲雲社區精選。 春色恰如許,讀書正當時。 讀書,就像解鎖一把神祕鑰匙,爲開發者洞開新世界的大門,賦予他們破譯複雜難題的能力、挑戰未知領域的

原創 2024-04-23 10:32:58

雲原生週刊:Kubernetes v1.30 發佈 | 2024.4.22

開源項目推薦 pv-migrate pv-migrate 是一個 CLI 工具/kubectl 插件,可輕鬆將一個 Kubernetes 的內容遷移 PersistentVolumeClaim 到另一個 Kubernetes。 Claudi

原創 2024-04-22 22:46:27

活動回顧丨雲原生開源開發者沙龍北京站回放 & PPT 下載

“零信任架構” 是一種安全概念,它要求在任何時候不對任何請求默認信任,無論它的來源內部還是外部。服務安全性已成爲企業的核心關切,4 月 13 日,雲原生開源開發者沙龍在北京順利開展。阿里雲一線工程師圍繞《微服務面臨的安全挑戰、趨勢與解決方

原創 2024-04-22 21:12:01

從一次 RPC 請求,探索 MOSN 的工作流程

SOFA 六週年,歡迎來玩 本週六 4.20 上海螞蟻集團 S 空間 掃碼免費報名活動,來與 MOSN 社區負責人線下交流~ MOSN 社區歡迎您的加入! MOSN 官網:https://mosn.io/ MOSN Github:http

原創 2024-04-18 22:46:41

KCD上海站免費報名丨賞玉蘭花開,暢聊雲原生技術

Kubernetes Community Days(KCD) 上海2024 現已開放報名通道! 這是一場大型的面向開發者的技術交流會 在現場,你可以 與各路技術社區達人交流 battle 共同探討雲原生技術的最新進展 現場感受AI/操作

Zabbix中國 2024-04-17 22:13:22

4場和Zabbix春日約會,“承包”四月天

在全國各地和Zabbix相遇互動,4月活動集錦,來約會吧! 時間 活動名稱 城市 4/20(週六) KCD雲原生社區日 上海 4/20(週六) OceanBase開發者大會

原創 2024-04-17 22:13:19

實操|基於OceanBase打造更穩定的Zabbix監控系統

近日,Zabbix和OceanBase成功完成了兼容認證。Zabbix支持OceanBase作爲後臺數據庫存儲配置數據和歷史數據,並且性能更優於MySQL數據庫。 Zabbix簡略系統拓撲圖: Zabbix Server和Zabbix

Zabbix中國 2024-04-17 22:13:13

這篇 DolphinScheduler on k8s 雲原生部署實踐,值得所有大數據人看!

在當前快速發展的技術格局中,企業尋求創新解決方案來簡化運營並提高效率成爲一種趨勢。 Apache DolphinScheduler作爲一個強大的工具,允許跨分佈式系統進行復雜的工作流任務調度。本文將深入探討如何將Apache Dolphin

原創 2024-04-17 21:18:15

雲原生週刊:CNCF 2023 年度調查報告 | 2024.4.15

開源項目推薦 highlight 該項目是一個開源全棧監控平臺。其功能包括錯誤監控、會話重放、日誌記錄、分佈式跟蹤等。 Helm Compose Helm Compose 是一個 helm 插件,用於在單個配置文件中管理一個或多個圖表的多個

原創 2024-04-15 22:48:41