Istio的熔断功能

最新推荐文章于 2022-09-16 09:52:53 发布
最新推荐文章于 2022-09-16 09:52:53 发布
阅读量2.1k 收藏 5
点赞数
分类专栏: k8s学习之路 文章标签: istio 服务网格
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
本文链接:https://blog.csdn.net/weixin_50908696/article/details/122330674
版权

 一、熔断作用和原理   

1.1 熔断的作用   

        熔断,是创建弹性微服务应用程序的重要模式。熔断能够使您的应用程序具备应对来自故障、潜在峰值和其他未知网络因素影响的能力

        熔断机制其实是一种保护机制,在微服务架构中,服务部署在不同的节点上,如果服务成功响应请求,那么万事大吉。但事实往往并非如此,下游客户端需要受到保护,以免上游服务过慢。反过来,上游服务必须受到保护,以免因请求积压而过载。不然很可能导致整个系统响应过慢压力过大,最终系统崩溃。熔断机制则是个很好的解决方案。

1.2 熔断的原理

        熔断有三种状态:关闭、打开和半开,默认情况下处于关闭状态。

        关闭状态:无论请求成功或失败,到达预先设定的故障数量阈值前,都不会触发熔断。

        打开状态:当达到阈值时,熔断器就会打开。当调用处于打开状态的服务时,熔断器将断开请求,直接返回一个错误,而不去执行调用。通过在客户端断开下游请求的方式,可以在生产环境中防止级联故障的发生。

        半开状态:在经过事先配置的超时时长后,熔断器进入半开状态,这种状态下故障服务有时间从其中断的行为中恢复。如果请求在这种状态下继续失败,则熔断器将再次打开并继续阻断请求。否则熔断器将关闭,服务将被允许再次处理请求。
如下图,转载自banzaicloud

断路

 

1.3 istio熔断配置

        Istio的熔断可以在配置TrafficPolicy的内场Destination RuleIstio自定义资源。有两个字段TrafficPolicy与断路器相关:ConnectionPool和OutlierDetection。

ConnectionPool:可以为服务配置连接量,控制请求、挂起请求、重试或超时的最大数量

OutlierDetection:用于控制从负载平衡池中驱逐不健康的服务,控制服务从连接池中弹出之前的错误数量,并且可以设置最小弹出持续时间和最大弹出百分比。

Destination Rule配置熔断例子:

apiVersion: networking.istio.io/v1alpha3
kind: DestinationRule
metadata:
  name: notifications
spec:
  host: notifications
  trafficPolicy:
    connectionPool:
      tcp:
        maxConnections: 1
      http:
        http1MaxPendingRequests: 1
        maxRequestsPerConnection: 1
    outlierDetection:
      consecutiveErrors: 1
      interval: 1s
      baseEjectionTime: 3m
      maxEjectionPercent: 100

  hosts指定请求目标,服务名notifications

  ConnectionPool中设置了在一定时间内只能和notifications 服务建立一个连接:每个连接最多只能有一个挂起(pending)的请求。如果达到阈值,熔断器将开启阻断请求

  OutlierDetection部分的设置用来检查每秒调用服务是否有错误发生。如果有,则将服务从负载均衡池中逐出至少三分钟(100%最大弹出百分比表示,如果需要,所有的服务实例都可以同时被逐出)。

如果 Istio 启用了双向 TLS 身份验证,则必须在应用目标规则之前将 TLS 流量策略 mode:ISTIO_MUTUAL 添加到 DestinationRule。否则请求将产生 503 错误

二、配置实验环境

1、创建一个提供响应请求的服务(httpbin )

2、创建一个熔断规则DestinationRule

3、创建一个负载测试客户端Fortio

4、测试触发熔断

2.1 创建httpbin服务

[root@k8s-master httpbin]# cat httpbin.yaml
apiVersion: v1
kind: ServiceAccount
metadata:
  name: httpbin
---
apiVersion: v1
kind: Service
metadata:
  name: httpbin
  labels:
    app: httpbin
    service: httpbin
spec:
  ports:
  - name: http
    port: 8000
    targetPort: 80
  selector:
    app: httpbin
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: httpbin
spec:
  replicas: 1
  selector:
    matchLabels:
      app: httpbin
      version: v1
  template:
    metadata:
      labels:
        app: httpbin
        version: v1
    spec:
      serviceAccountName: httpbin
      containers:
      - image: docker.io/kennethreitz/httpbin
        imagePullPolicy: IfNotPresent
        name: httpbin
        ports:
        - containerPort: 80
[root@k8s-master httpbin]# kubectl apply -f httpbin.yaml
serviceaccount/httpbin created
service/httpbin created
deployment.apps/httpbin created

查看pod已经启动成功


[root@k8s-master httpbin]# kubectl get pod
NAME                       READY   STATUS    RESTARTS       AGE
appv1-5cf75d8d8b-vdvzr     2/2     Running   4 (5d3h ago)   5d4h
appv2-684dd44db7-r6k6k     2/2     Running   4 (5d3h ago)   5d4h
httpbin-74fb669cc6-5hkjz   2/2     Running   0              70s

2.2 创建熔断规则

[root@k8s-master cricuit-breaking]# cat destinationrule.yaml
apiVersion: networking.istio.io/v1alpha3
kind: DestinationRule
metadata:
  name: httpbin
spec:
  host: httpbin
  trafficPolicy:
    connectionPool:
      tcp:
        maxConnections: 1
      http:
        http1MaxPendingRequests: 1
        maxRequestsPerConnection: 1
    outlierDetection:
      consecutive5xxErrors: 1
      interval: 1s
      baseEjectionTime: 3m
      maxEjectionPercent: 100
[root@k8s-master cricuit-breaking]# kubectl apply -f destinationrule.yaml
destinationrule.networking.istio.io/httpbin created
[root@k8s-master cricuit-breaking]# kubectl get destinationrules.networking.istio.io
NAME      HOST                               AGE
canary    canary.default.svc.cluster.local   5d4h
httpbin   httpbin                            11s

[root@k8s-master cricuit-breaking]# kubectl get destinationrules.networking.istio.io httpbin -o yaml
apiVersion: networking.istio.io/v1beta1
kind: DestinationRule
metadata:
  annotations:

... ...

spec:
  host: httpbin
  trafficPolicy:
    connectionPool:
      http:
        http1MaxPendingRequests: 1
        maxRequestsPerConnection: 1
      tcp:
        maxConnections: 1
    outlierDetection:
      baseEjectionTime: 3m
      consecutive5xxErrors: 1
      interval: 1s
      maxEjectionPercent: 100
[root@k8s-master cricuit-breaking]#

2.3 创建负载测试客户端Fortio

[root@k8s-master cricuit-breaking]# cat fortio-deploy.yaml
apiVersion: v1
kind: Service
metadata:
  name: fortio
  labels:
    app: fortio
    service: fortio
spec:
  ports:
  - port: 8080
    name: http
  selector:
    app: fortio
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: fortio-deploy
spec:
  replicas: 1
  selector:
    matchLabels:
      app: fortio
  template:
    metadata:
      annotations:
        # This annotation causes Envoy to serve cluster.outbound statistics via 15000/stats
        # in addition to the stats normally served by Istio. The Circuit Breaking example task
        # gives an example of inspecting Envoy stats via proxy config.
        proxy.istio.io/config: |-
          proxyStatsMatcher:
            inclusionPrefixes:
            - "cluster.outbound"
            - "cluster_manager"
            - "listener_manager"
            - "server"
            - "cluster.xds-grpc"
      labels:
        app: fortio
    spec:
      containers:
      - name: fortio
        image: fortio/fortio:latest_release
        imagePullPolicy: Always
        ports:
        - containerPort: 8080
          name: http-fortio
        - containerPort: 8079
          name: grpc-ping
[root@k8s-master cricuit-breaking]# kubectl apply -f fortio-deploy.yaml
service/fortio created
deployment.apps/fortio-deploy created
[root@k8s-master cricuit-breaking]#

查看创建pod状态


[root@k8s-master cricuit-breaking]# kubectl get pod
NAME                             READY   STATUS    RESTARTS       AGE
appv1-5cf75d8d8b-vdvzr           2/2     Running   4 (5d3h ago)   5d4h
appv2-684dd44db7-r6k6k           2/2     Running   4 (5d3h ago)   5d4h
fortio-deploy-687945c6dc-zjb7s   2/2     Running   0              41s
httpbin-74fb669cc6-5hkjz         2/2     Running   0              14m
[root@k8s-master cricuit-breaking]#

登入客户端 Pod 并使用 Fortio 工具调用 httpbin 服务,注意pod名要替换成刚刚查找出来的pod

[root@k8s-master cricuit-breaking]# kubectl exec fortio-deploy-687945c6dc-zjb7s fortio -- /usr/bin/fortio curl -quiet http://httpbin:8000/get
HTTP/1.1 200 OK
server: envoy
date: Wed, 05 Jan 2022 12:50:06 GMT
content-type: application/json
content-length: 594
access-control-allow-origin: *
access-control-allow-credentials: true
x-envoy-upstream-service-time: 25

{
  "args": {},
  "headers": {
    "Host": "httpbin:8000",
    "User-Agent": "fortio.org/fortio-1.17.1",
    "X-B3-Parentspanid": "4d6f06146b076eb4",
    "X-B3-Sampled": "1",
    "X-B3-Spanid": "d01931edb506c09b",
    "X-B3-Traceid": "436319cccbb1ae594d6f06146b076eb4",
    "X-Envoy-Attempt-Count": "1",
    "X-Forwarded-Client-Cert": "By=spiffe://cluster.local/ns/default/sa/httpbin;Hash=31f26376fdc1840183774e5be2fe1d56ea196ef69acb2785b6710fe487fcd1df;Subject=\"\";URI=spiffe://cluster.local/ns/default/sa/default"
  },
  "origin": "127.0.0.6",
  "url": "http://httpbin:8000/get"
}
[root@k8s-master cricuit-breaking]#

2.4 测试触发熔断

        在 DestinationRule 配置中,我们设置了 maxConnections: 1 和 http1MaxPendingRequests: 1,意思是如果并发的连接和请求数超过1,那么超出的请求就会被阻止,报503错误。

首先:发送并发数为 2 的连接(-c 2),请求 20 次(-n 20


[root@k8s-master cricuit-breaking]# kubectl exec fortio-deploy-687945c6dc-zjb7s fortio -- /usr/bin/fortio load -c 2 -qps 0 -n 20 -loglevel Warning http://httpbin:8000/get
12:53:59 I logger.go:127> Log level is now 3 Warning (was 2 Info)
Fortio 1.17.1 running at 0 queries per second, 2->2 procs, for 20 calls: http://httpbin:8000/get
Starting at max qps with 2 thread(s) [gomax 2] for exactly 20 calls (10 per thread + 0)
12:53:59 W http_client.go:806> [0] Non ok http code 503 (HTTP/1.1 503)
12:53:59 W http_client.go:806> [0] Non ok http code 503 (HTTP/1.1 503)
12:53:59 W http_client.go:806> [0] Non ok http code 503 (HTTP/1.1 503)
Ended after 65.85345ms : 20 calls. qps=303.7
Aggregated Function Time : count 20 avg 0.0059132964 +/- 0.004518 min 0.000490991 max 0.022192328 sum 0.118265928
# range, mid point, percentile, count
>= 0.000490991 <= 0.001 , 0.000745496 , 10.00, 2
> 0.003 <= 0.004 , 0.0035 , 15.00, 1
> 0.004 <= 0.005 , 0.0045 , 60.00, 9
> 0.005 <= 0.006 , 0.0055 , 75.00, 3
> 0.006 <= 0.007 , 0.0065 , 85.00, 2
> 0.008 <= 0.009 , 0.0085 , 90.00, 1
> 0.012 <= 0.014 , 0.013 , 95.00, 1
> 0.02 <= 0.0221923 , 0.0210962 , 100.00, 1
# target 50% 0.00477778
# target 75% 0.006
# target 90% 0.009
# target 99% 0.0217539
# target 99.9% 0.0221485
Sockets used: 5 (for perfect keepalive, would be 2)
Jitter: false
Code 200 : 17 (85.0 %)
Code 503 : 3 (15.0 %)
Response Header Sizes : count 20 avg 195.55 +/- 82.15 min 0 max 231 sum 3911
Response Body/Total Sizes : count 20 avg 736.6 +/- 208.2 min 241 max 825 sum 14732
All done 20 calls (plus 0 warmup) 5.913 ms avg, 303.7 qps

请求几乎都完成了,请求并发比较低,几乎都处理掉了

然后:我们增加并发,发送并发数为 2 的连接(-c 3),请求 20 次(-n 30

[root@k8s-master cricuit-breaking]# kubectl exec fortio-deploy-687945c6dc-zjb7s fortio -- /usr/bin/fortio load -c 3 -qps 0 -n 30 -loglevel Warning http://httpbin:8000/get
13:00:19 I logger.go:127> Log level is now 3 Warning (was 2 Info)
Fortio 1.17.1 running at 0 queries per second, 2->2 procs, for 30 calls: http://httpbin:8000/get
Starting at max qps with 3 thread(s) [gomax 2] for exactly 30 calls (10 per thread + 0)
13:00:19 W http_client.go:806> [0] Non ok http code 503 (HTTP/1.1 503)
13:00:19 W http_client.go:806> [0] Non ok http code 503 (HTTP/1.1 503)
13:00:19 W http_client.go:806> [1] Non ok http code 503 (HTTP/1.1 503)
13:00:19 W http_client.go:806> [2] Non ok http code 503 (HTTP/1.1 503)
13:00:19 W http_client.go:806> [2] Non ok http code 503 (HTTP/1.1 503)
13:00:19 W http_client.go:806> [2] Non ok http code 503 (HTTP/1.1 503)
13:00:19 W http_client.go:806> [1] Non ok http code 503 (HTTP/1.1 503)
13:00:19 W http_client.go:806> [0] Non ok http code 503 (HTTP/1.1 503)
13:00:19 W http_client.go:806> [0] Non ok http code 503 (HTTP/1.1 503)
13:00:19 W http_client.go:806> [0] Non ok http code 503 (HTTP/1.1 503)
13:00:19 W http_client.go:806> [2] Non ok http code 503 (HTTP/1.1 503)
13:00:19 W http_client.go:806> [0] Non ok http code 503 (HTTP/1.1 503)
13:00:19 W http_client.go:806> [2] Non ok http code 503 (HTTP/1.1 503)
13:00:19 W http_client.go:806> [1] Non ok http code 503 (HTTP/1.1 503)
13:00:19 W http_client.go:806> [0] Non ok http code 503 (HTTP/1.1 503)
Ended after 63.023172ms : 30 calls. qps=476.02
Aggregated Function Time : count 30 avg 0.0046750369 +/- 0.005078 min 0.00040163 max 0.020853069 sum 0.140251107
# range, mid point, percentile, count
>= 0.00040163 <= 0.001 , 0.000700815 , 30.00, 9
> 0.001 <= 0.002 , 0.0015 , 46.67, 5
> 0.003 <= 0.004 , 0.0035 , 50.00, 1
> 0.004 <= 0.005 , 0.0045 , 63.33, 4
> 0.005 <= 0.006 , 0.0055 , 66.67, 1
> 0.006 <= 0.007 , 0.0065 , 76.67, 3
> 0.007 <= 0.008 , 0.0075 , 83.33, 2
> 0.008 <= 0.009 , 0.0085 , 86.67, 1
> 0.009 <= 0.01 , 0.0095 , 93.33, 2
> 0.018 <= 0.02 , 0.019 , 96.67, 1
> 0.02 <= 0.0208531 , 0.0204265 , 100.00, 1
# target 50% 0.004
# target 75% 0.00683333
# target 90% 0.0095
# target 99% 0.0205971
# target 99.9% 0.0208275
Sockets used: 16 (for perfect keepalive, would be 3)
Jitter: false
Code 200 : 15 (50.0 %)
Code 503 : 15 (50.0 %)
Response Header Sizes : count 30 avg 115 +/- 115 min 0 max 230 sum 3450
Response Body/Total Sizes : count 30 avg 532.5 +/- 291.5 min 241 max 824 sum 15975
All done 30 calls (plus 0 warmup) 4.675 ms avg, 476.0 qps
[root@k8s-master cricuit-breaking]#

目前已经触发熔断,多访问几次,效果显现

[root@k8s-master cricuit-breaking]# kubectl exec fortio-deploy-687945c6dc-zjb7s fortio -- /usr/bin/fortio load -c 3 -qps 0 -n 30 -loglevel Warning http://httpbin:8000/get
13:05:28 I logger.go:127> Log level is now 3 Warning (was 2 Info)
Fortio 1.17.1 running at 0 queries per second, 2->2 procs, for 30 calls: http://httpbin:8000/get
Starting at max qps with 3 thread(s) [gomax 2] for exactly 30 calls (10 per thread + 0)
13:05:28 W http_client.go:806> [1] Non ok http code 503 (HTTP/1.1 503)
13:05:28 W http_client.go:806> [0] Non ok http code 503 (HTTP/1.1 503)
13:05:28 W http_client.go:806> [0] Non ok http code 503 (HTTP/1.1 503)
13:05:28 W http_client.go:806> [1] Non ok http code 503 (HTTP/1.1 503)
13:05:28 W http_client.go:806> [0] Non ok http code 503 (HTTP/1.1 503)
13:05:28 W http_client.go:806> [1] Non ok http code 503 (HTTP/1.1 503)
13:05:28 W http_client.go:806> [0] Non ok http code 503 (HTTP/1.1 503)
13:05:28 W http_client.go:806> [1] Non ok http code 503 (HTTP/1.1 503)
13:05:28 W http_client.go:806> [0] Non ok http code 503 (HTTP/1.1 503)
13:05:28 W http_client.go:806> [1] Non ok http code 503 (HTTP/1.1 503)
13:05:28 W http_client.go:806> [0] Non ok http code 503 (HTTP/1.1 503)
13:05:28 W http_client.go:806> [1] Non ok http code 503 (HTTP/1.1 503)
13:05:28 W http_client.go:806> [0] Non ok http code 503 (HTTP/1.1 503)
13:05:28 W http_client.go:806> [0] Non ok http code 503 (HTTP/1.1 503)
13:05:28 W http_client.go:806> [1] Non ok http code 503 (HTTP/1.1 503)
13:05:28 W http_client.go:806> [0] Non ok http code 503 (HTTP/1.1 503)
13:05:28 W http_client.go:806> [2] Non ok http code 503 (HTTP/1.1 503)
13:05:28 W http_client.go:806> [1] Non ok http code 503 (HTTP/1.1 503)
13:05:28 W http_client.go:806> [2] Non ok http code 503 (HTTP/1.1 503)
13:05:28 W http_client.go:806> [1] Non ok http code 503 (HTTP/1.1 503)
13:05:28 W http_client.go:806> [2] Non ok http code 503 (HTTP/1.1 503)
13:05:28 W http_client.go:806> [2] Non ok http code 503 (HTTP/1.1 503)
13:05:28 W http_client.go:806> [2] Non ok http code 503 (HTTP/1.1 503)
13:05:28 W http_client.go:806> [2] Non ok http code 503 (HTTP/1.1 503)
13:05:28 W http_client.go:806> [2] Non ok http code 503 (HTTP/1.1 503)
13:05:28 W http_client.go:806> [2] Non ok http code 503 (HTTP/1.1 503)
13:05:28 W http_client.go:806> [2] Non ok http code 503 (HTTP/1.1 503)
13:05:28 W http_client.go:806> [2] Non ok http code 503 (HTTP/1.1 503)
Ended after 38.111835ms : 30 calls. qps=787.16
Aggregated Function Time : count 30 avg 0.0035141705 +/- 0.008374 min 0.000294241 max 0.033723522 sum 0.105425115
# range, mid point, percentile, count
>= 0.000294241 <= 0.001 , 0.000647121 , 63.33, 19
> 0.001 <= 0.002 , 0.0015 , 90.00, 8
> 0.025 <= 0.03 , 0.0275 , 96.67, 2
> 0.03 <= 0.0337235 , 0.0318618 , 100.00, 1
# target 50% 0.000843165
# target 75% 0.0014375
# target 90% 0.002
# target 99% 0.0326065
# target 99.9% 0.0336118
Sockets used: 28 (for perfect keepalive, would be 3)
Jitter: false
Code 200 : 2 (6.7 %)
Code 503 : 28 (93.3 %)
Response Header Sizes : count 30 avg 15.4 +/- 57.62 min 0 max 231 sum 462
Response Body/Total Sizes : count 30 avg 200.73333 +/- 167.6 min 153 max 825 sum 6022
All done 30 calls (plus 0 warmup) 3.514 ms avg, 787.2 qps
[root@k8s-master cricuit-breaking]#
[root@k8s-master cricuit-breaking]#
[root@k8s-master cricuit-breaking]#
[root@k8s-master cricuit-breaking]#
[root@k8s-master cricuit-breaking]#
[root@k8s-master cricuit-breaking]#
[root@k8s-master cricuit-breaking]# kubectl exec fortio-deploy-687945c6dc-zjb7s fortio -- /usr/bin/fortio load -c 3 -qps 0 -n 30 -loglevel Warning http://httpbin:8000/get
13:05:32 I logger.go:127> Log level is now 3 Warning (was 2 Info)
Fortio 1.17.1 running at 0 queries per second, 2->2 procs, for 30 calls: http://httpbin:8000/get
Starting at max qps with 3 thread(s) [gomax 2] for exactly 30 calls (10 per thread + 0)
13:05:32 W http_client.go:806> [0] Non ok http code 503 (HTTP/1.1 503)
13:05:32 W http_client.go:806> [2] Non ok http code 503 (HTTP/1.1 503)
13:05:32 W http_client.go:806> [1] Non ok http code 503 (HTTP/1.1 503)
13:05:32 W http_client.go:806> [2] Non ok http code 503 (HTTP/1.1 503)
13:05:32 W http_client.go:806> [0] Non ok http code 503 (HTTP/1.1 503)
13:05:32 W http_client.go:806> [1] Non ok http code 503 (HTTP/1.1 503)
13:05:32 W http_client.go:806> [0] Non ok http code 503 (HTTP/1.1 503)
13:05:32 W http_client.go:806> [2] Non ok http code 503 (HTTP/1.1 503)
13:05:32 W http_client.go:806> [2] Non ok http code 503 (HTTP/1.1 503)
13:05:32 W http_client.go:806> [1] Non ok http code 503 (HTTP/1.1 503)
13:05:32 W http_client.go:806> [0] Non ok http code 503 (HTTP/1.1 503)
13:05:32 W http_client.go:806> [1] Non ok http code 503 (HTTP/1.1 503)
13:05:32 W http_client.go:806> [2] Non ok http code 503 (HTTP/1.1 503)
13:05:32 W http_client.go:806> [0] Non ok http code 503 (HTTP/1.1 503)
13:05:32 W http_client.go:806> [2] Non ok http code 503 (HTTP/1.1 503)
13:05:32 W http_client.go:806> [0] Non ok http code 503 (HTTP/1.1 503)
13:05:32 W http_client.go:806> [1] Non ok http code 503 (HTTP/1.1 503)
13:05:32 W http_client.go:806> [0] Non ok http code 503 (HTTP/1.1 503)
13:05:32 W http_client.go:806> [2] Non ok http code 503 (HTTP/1.1 503)
13:05:32 W http_client.go:806> [1] Non ok http code 503 (HTTP/1.1 503)
13:05:32 W http_client.go:806> [0] Non ok http code 503 (HTTP/1.1 503)
13:05:32 W http_client.go:806> [2] Non ok http code 503 (HTTP/1.1 503)
13:05:32 W http_client.go:806> [1] Non ok http code 503 (HTTP/1.1 503)
13:05:32 W http_client.go:806> [2] Non ok http code 503 (HTTP/1.1 503)
13:05:32 W http_client.go:806> [1] Non ok http code 503 (HTTP/1.1 503)
13:05:32 W http_client.go:806> [0] Non ok http code 503 (HTTP/1.1 503)
13:05:32 W http_client.go:806> [0] Non ok http code 503 (HTTP/1.1 503)
13:05:32 W http_client.go:806> [2] Non ok http code 503 (HTTP/1.1 503)
13:05:32 W http_client.go:806> [1] Non ok http code 503 (HTTP/1.1 503)
13:05:32 W http_client.go:806> [1] Non ok http code 503 (HTTP/1.1 503)
Ended after 8.257874ms : 30 calls. qps=3632.9
Aggregated Function Time : count 30 avg 0.00076742657 +/- 0.0002507 min 0.000307242 max 0.001269222 sum 0.023022797
# range, mid point, percentile, count
>= 0.000307242 <= 0.001 , 0.000653621 , 83.33, 25
> 0.001 <= 0.00126922 , 0.00113461 , 100.00, 5
# target 50% 0.000711351
# target 75% 0.000927838
# target 90% 0.00110769
# target 99% 0.00125307
# target 99.9% 0.00126761
Sockets used: 30 (for perfect keepalive, would be 3)
Jitter: false
Code 503 : 30 (100.0 %)
Response Header Sizes : count 30 avg 0 +/- 0 min 0 max 0 sum 0
Response Body/Total Sizes : count 30 avg 153 +/- 0 min 153 max 153 sum 4590
All done 30 calls (plus 0 warmup) 0.767 ms avg, 3632.9 qps
[root@k8s-master cricuit-breaking]#

闹玩儿扣眼珠子
关注
  • 0
    点赞
  • 5
    收藏
    觉得还不错? 一键收藏
  • 0
    评论
专栏目录
Istio实战(五)-故障熔断机制
专注基础架构领域
05-14 867
在上文中我们提到了 Istio熔断机制,本文将带领大家详细了解一下 Istio 都具备哪些熔断方式。 一、Hystrix熔断 关于熔断,大家比较熟悉的一个落地产品就是Hystrix。Hystrix是Netflix提供的众多服务治理工具集中的一个,在形态上是一个Java库,在2011年出现,后来多在Spring Cloud中配合其他微服务治理工具集一起使用。 Hystrix的主要功能包括: 阻断级联失败,防止雪崩; 提供延迟和失败保护; 快速失败并即时恢复; 对每个服务调用都进行隔离; 对每个服务
Istio实战-03.服务熔断配置示例
最新发布
Felix的小黑板
03-22 241
istio服务熔断配置
Istio熔断
Micky_Yang的博客
07-24 4458
一、理解熔断   熔断(Circuit Breaker),原是指当电流超过规定值时断开电路,进行短路保护或严重过载时的一种保护机制。后来熔断也广泛应用于金融领域,指当股指波幅达到规定的熔断点时,交易所为控制风险采取的暂停交易措施。而在软件领域,熔断则是指当服务达到系统负载阈值时,为避免整个软件系统不可用,而采取的一种主动保护措施。对于微服务系统而言,熔断尤为重要,它可以使系统在遭遇某些模块故障时,通过服务降级等方式来提高系统核心功能的可用性,得以应对来自故障、潜在峰值或其他未知网络因素的影响。 二、配置熔
第十八部分 Istio熔断
小郑的专栏
05-14 1178
简述 本章节讲述用连接、请求以及外部检测来进行熔断配置的过程。断路器是创建弹性微服务应用程序的重要模式。断路器允许您编写限制故障、延迟峰值以及其他不良网络特性影响的应用程序。 前提 正确安装Istio。 安装httpbin 示例应用,它是后端服务。 kubectl apply -f <(istioctl kube-inject -f samples/httpbin/httpbin....
Istio熔断器解析
云原生社区博客分享
10-08 1705
作者:Laszlo Bence Nagy 译者:马若飞 审校:罗广明 原文:https://banzaicloud.com/blog/istio-circuit-breaking/ 编者按 作者简要介绍了熔断的概念,然后以实战演练的方式分别演示了如何通过Backyards UI、CLI等方式创建并设置熔断功能。注:Backyards是Banzai Cloud开发的一款基于Istio服务网...
深入理解Istio流量管理的熔断配置
万猫学社
07-28 2941
熔断,是创建弹性微服务应用程序的重要模式。熔断能够使您的应用程序具备应对来自故障、潜在峰值和其他未知网络因素影响的能力。
istio源码20221231
12-31
它负责处理服务间的请求,提供负载均衡、熔断、限流、重试和故障注入等功能。Envoy的源码实现了一种高效的网络过滤器架构,使得这些功能可以灵活地添加和扩展。 2. **Pilot**:Pilot是控制平面的一部分,负责生成...
istio-1.7.3
10-26
Envoy部署为sidecar模式,与每个服务实例并行运行,负责拦截和服务间的通信,实现智能路由、负载均衡、熔断、限流等功能。 2. **Pilot**:Pilot 提供了控制平面的功能,它生成并分发Envoy配置,使Envoy能够处理服务...
istio 资源包 Linux版
10-17
Istio是一款强大的服务网格平台,它为微服务架构提供了流量管理、安全、可观测性和控制等关键功能。这个资源包是专为Linux系统设计的,让我们深入了解一下Istio在Linux环境中的应用及其核心概念。 Istio的核心组件...
Istio网格流量治理基础
03-21
Envoy提供的功能包括动态服务发现、负载均衡、TLS终止、HTTP/2和gRPC代理、熔断、健康检查、灰度发布、故障注入以及丰富的度量指标。 Mixer是Istio中的策略和遥测适配器,它采用插件模型,连接前端Envoy与后端系统...
istio 示例程序 bookinfo 快速部署
12-26
通过 "bookinfo" 示例,你可以学习到 Istio 如何在服务网格中实现智能路由、服务发现、熔断、限流和故障注入等高级功能。此外,了解如何在实际环境中部署和配置 Istio 对于理解服务网格的工作原理至关重要。随着你对...
Istio熔断
qq_42747099的博客
04-01 892
断路器实现模型 apiVersion: networking.istio.io/v1alpha3 kind: DestinationRule metadata: name: httpbin spec: host: httpbin trafficPolicy: connectionPool: #设置上游服务的连接池。 tcp: #连接数限制,对 ...
istio功能[熔断]
ᠮᠤᠷᠢᠨ ᠬᠤᠭᠤᠷ
06-28 515
在并发的连接和请求数超过一个,在istio-proxy进行进一步的请求和连接时,后续请求活连接将被阻止 apiVersion: networking.istio.io/v1alpha3 kind: DestinationRule metadata: name: httpbin #规则名称 spec: host: httpbin #后端svc trafficPolicy: connectionPool: tcp:
Istio服务网格进阶⑤:Istio服务网格的流量管理之服务熔断
江晓龙的博客
09-16 1104
应用程序调用之间也是有类似保险丝的概念的,被称为服务熔断,当A服务请求B服务时,如果B服务故障无法提供请求时,A服务还是会一直请求B服务,从而占用很多的资源,请求积压过多就会影响服务器的整体性能,当应用程序设置了服务熔断,当B服务无法处理请求时,就不会让A服务再去请求B服务了,根据设置的时间,一段时间后再让A服务去尝试请求B服务。开启了服务降级模式,A服务就不会去调度异常的B服务,此时会给用户返回一个友好的提示页面,比如"请求繁忙,请稍后重试"。当请求数没有超过服务熔断设置的阈值就可以正常访问程序。
Istio学习笔记-熔断实验
weixin_43394724的博客
08-10 590
配置熔断规则,然后通过有意的使熔断器“跳闸”来测试配置。 本实验来自于Istio官方熔断 实验环境沿用上一篇Bookinfo环境 启动 httpbin 样例程序 将httpbin启动在default namespace,该Namespace已启用了sidecar注入 # Copyright Istio Authors # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this
Istio熔断功能解析
在每次的突破中遇见更好的自己
04-22 680
前言 Istio因灵活的可观察性和安全的服务间通信受到了赞许。然而,其他更重要的功能才真正使得Istio成为了服务网格里的瑞士军刀,当遇到运行时长、延迟和错误率等SLO问题时,服务间的流量管理能力是至关重要的。 在今年早些时候发布Istio operator时,我们的目标(除了管理Istio的安装和升级)是为这些出色的流量路由特性提供支持,同时使所有的功能都更加易用。最后,我们创建了一个简单且自动化的服务网格Backyards,它在Istio operator之上提供了管理UI、CLI和Graph...
idou老师教你学Istio11 : 如何用Istio实现流量熔断
weixin_30909575的博客
01-28 142
在之前的最佳实践中,已经带大家通过一系列的实践任务领略了Istio的无穷魅力。今天,将向大家介绍如何用Istio实现流量熔断熔断机制是创建弹性微服务应用程序的重要模式。熔断可以帮助您自由控制故障影响的范围、网络延迟的峰值以及抵御其他一些来自外部的恶意攻击等场景。 在接下来的任务中,idou老师将通过配置一个熔断器来详细介绍如何在Istio中实现熔断,以及背后的原理。 ...
Istio熔断配置参数解析
Xiangwenhai的博客
04-15 965
熔断器配置参数 连续错误数量 consecutiveErrors 错误阈值,超过之后,pod被移出连接池。当上游是HTTP服务时,5xx的返回码会被标记为错误;TCP服务时,TCP连接超时和连接错误/故障事件会被标记为错误 移除检测的时间间隔 interval在移除检测之...
k8s之istio实现服务请求熔断(1)
jiayu的博客
04-26 1260
熔断,是创建弹性微服务应用程序的重要模式。熔断能够使您的应用程序具备应对来自故障、潜在峰值和其他未知网络因素影响的能力
Istio服务网格技术与实践
03-29
Istio服务网格技术与实践,包含Istio架构,与K8S集成和Istio的技术实践

“相关推荐”对你有帮助么?

  • 非常没帮助
  • 没帮助
  • 一般
  • 有帮助
  • 非常有帮助
提交
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值