Alibaba Cloud MSE supports Go language traffic protection

Author: Bobby

Overview

With the widespread adoption of Go language and cloud native, Go language is more and more widely used in microservice scenarios, and the demand for governance, current limiting and downgrading of Go language microservices is getting stronger and stronger.

In the Go language, although the community provides current limiting libraries such as go.uber.org/ratelimit, firstly, the support for multiple languages is insufficient, and only Go is supported. Second, functionally, the current limiting degradation will be subdivided into flow control , isolation, fusing, hotspot and other functions, also do not support dynamic configuration, the functional support is not perfect.

Alibaba Cloud Microservice Engine (MSE) combines Sentinel to bring microservice governance capabilities to Go language and Java language applications. This article will show you how to use the current-limiting downgrade capability in a Go language microservice application.

What is Current Limit Downgrade

In microservice applications, the current limit and degradation are mainly divided into three steps:

• Target: what kind of traffic to target
• Strategy: Strategies for current limiting and downgrading
• FallbackAction: Action after triggering

For example, for the order creation interface (Target), we limit the request to 1000QPS (Strategy). After the current limit is triggered, the request returns an exception (FallbackAction).

Alibaba Cloud MSE supports defining resources through open source Sentinel, and obtains and applies current limiting and downgrading rules from MSE. The overall access is as follows:

How to Downgrade Using MSE Current Limit

Application access

1. Download MSE Go SDK [ 1] , extract it to the ./pkg-custom/github.com/aliyun/aliyun-mse-go-sdk-v1.0.7 directory of the project.

<!---->

1. 1. You can refer to the examples in the example directory of the SDK for access.
2. In the go.mod file, add the following dependency declaration:

 require (
  github.com/aliyun/aliyun-mse-go-sdk v1.0.7
)

replace github.com/aliyun/aliyun-mse-go-sdk => ./pkg-custom/github.com/aliyun/aliyun-mse-go-sdk

3. During the startup process of the application, add the MSE SDK initialization command:

 import (
  mse_sdk "github.com/aliyun/aliyun-mse-go-sdk"
)
// 在应用的初始化逻辑中加入以下代码。
// Sentinel core的初始化包含在了这里面。如果之前有调用过Sentinel的初始化函数，需要去掉。
err := mse_sdk.InitMseDefault
if err != nil {
    log.Fatalf("Failed to init MSE: %+v", err)
}

Application deployment

In the cloud-native deployment method, the usual deployment specification is a factor of 12 [ 2] . Regarding configuration, it is recommended to store the configuration of the application in environment variables. In this way, when the application is deployed, it only needs to switch different environment variables to access different environments.

Similarly, MSE-Go-SDK also recommends that you access MSE through environment variables. The environment variables used are as follows:

After accessing according to the above steps, you can see the applications we have accessed on the application list page:

resource definition

At the beginning of the article, we mentioned current limit degradation = Target+Strategy+FallbackAction. So the first step is to define the Target.

• Sentinel Definition Resources

MSE supports user-defined resources through Sentinel, just wrap the business logic with the following code blocks:

 import (
  sentinel "github.com/alibaba/sentinel-golang/api"
)

// Entry 方法用于埋点
e, b := sentinel.Entry("your-resource-name", sentinel.WithTrafficType(base.Inbound))
if b != nil {
  // 请求被流控，可以从 BlockError 中获取限流详情
} else {
  // 请求可以通过，在此处编写您的业务逻辑
  // 务必保证业务逻辑结束后 Exit
  e.Exit()
}

Of course, in daily business development, developers often provide services through microservice frameworks, such as dubbo-go, Gin, gRPC, etc. Naturally, we hope to be able to register these services as resources:

• Define resources in dubbo-go way

Just import dubbo-go adaptor to automatically register resources to MSE:

 import (
    _ "github.com/alibaba/sentinel-golang/adapter/dubbo"
)

• The Dubbo application introduces the Dubbo adapter in the code through the import package, and the init() function in it will automatically inject the relevant filter. Dubbo-Go version requires ≥1.3.0. Sentinel Dubbo adapter will automatically count all provider and consumer calls.
• gRPC application access

 import (
  sentinelPlugin "github.com/alibaba/sentinel-golang/adapter/grpc"
  "google.golang.org/grpc"
)

s := grpc.NewServer(grpc.UnaryInterceptor(sentinelPlugin.NewUnaryServerInterceptor()))

• The gRPC application introduces the interceptor provided by Sentinel in the initialization code of gRPC. Sentinel provides two interceptors, unary and streaming, for both the server and the client. The above code takes the server side as an example. The default current limit processing logic is to return Sentinel's BlockError. You can also provide custom fallback processing logic when creating the interceptor.
• Gin Web Application Access

 import (
  sentinelPlugin "github.com/alibaba/sentinel-golang/adapter/gin"
  "github.com/gin-gonic/gin"
)

r := gin.New()
r.Use(sentinelPlugin.SentinelMiddleware())

• Gin Web application introduces SentinelMiddleware in the initialization code of Gin. Sentinel counts each API route, and the resource name is similar to GET:/foo/:id. The default current limit processing logic is to return the 429 (Too Many Requests) error code.
• Micro application access

 import (

  sentinelPlugin "github.com/alibaba/sentinel-golang/adapter/micro"
  "github.com/micro/go-micro/v2"
)

svc := micro.NewService(micro.WrapHandler(sentinelPlugin.NewHandlerWrapper()))

• Introduce the wrapper provided by Sentinel in the initialization code of Go-Micro. Sentinel provides wrappers for both Go-Micro Server and Client. The above code takes the server side as an example. By default, the buried point will extract the service method as the resource name, and the default flow control processing logic is to return Sentinel's BlockError. You can also provide custom fallback processing logic when creating the wrapper.

How to configure the current limit and downgrade rules

After accessing through the above methods, you can configure rules such as flow control rules, isolation rules, circuit breaker rules, and hotspot rules:

• View apps

After access, you can see our connected applications on the application list page:

On the application details page, you can also see the overview data of the application:

You can view the resources registered in the code:

• Configure flow control rules

Flow control rules can be set for each resource:

After setting the flow control rules, you can see the increase of reject QPS and decrease of pass QPS:

By choosing flow control protection, you can preset the QPS traffic that the service can withstand. When the traffic reaches the set threshold, the excess requests are immediately intercepted, so as to prevent the application from being overwhelmed by the instantaneous traffic peak.

• Configure Quarantine Rules

By choosing isolation protection, you can ensure the stability of the system by controlling the interface or the number of dependent concurrent threads. It is usually suitable for scenarios where the internal or downstream dependencies of the application are unstable, such as slow SQL and long response time of downstream applications.

• Configure circuit breaker rules

By choosing circuit breaker protection, you can monitor the response time or abnormal proportion of internal or downstream dependencies of the application, and immediately reduce the priority of downstream dependencies when the specified threshold is reached. During the specified time, the system will not call the unstable resource to prevent the application from being affected, thus ensuring the high availability of the application. When the specified time elapses, the call to the resource is resumed.

• Configure Hotspot Rules
• 

If hotspot parameter protection is selected, AHAS will analyze statistical parameters, that is, parameters with a high number of invocations during resource invocation, and limit the current of resource invocations containing hotspot parameters according to the configured hotspot rules to protect system stability. Hotspots are frequently accessed data. For example, in the following scenarios, it is necessary to count the top data with the highest access frequency in a certain hotspot data, and restrict its access.

• Limit the most frequently purchased product IDs within a period of time to prevent the situation where the cache is broken down and a large number of requests are sent to the database.
• Limit user IDs that are frequently accessed within a period of time to prevent malicious fraud.

MSE Microservices Governance Planning

The OpenSergo open source project, in conjunction with the Sentinel project, is formulating and improving current limiting and downgrading standards, so that applications in different languages can achieve unified microservice governance through a unified control plane.

Alibaba Cloud Microservice Engine (MSE) will also gradually support the OpenSergo standard, allowing microservice developers to use OpenSergo to manage microservice applications in different languages in a unified manner.

At the same time, Alibaba Cloud MSE will also explore based on microservice governance, explore and implement functions such as traffic governance, current limiting and downgrading, database governance, and message governance, and bring microservice governance throughout the life cycle to microservice developers.

10% discount for the first purchase of MSE Registration and Configuration Center Professional Edition, 10% discount for MSE Cloud Native Gateway Prepaid Full Specifications. Click here to take advantage of the discount!

Reference link:

[1] MSE Go SDK:

https://mse-cn-hangzhou.oss-cn-hangzhou.aliyuncs.com/sdk/go/latest/aliyun-mse-go-sdk.zip

[2] 12-factor:

https://12factor.net/zh_cn/