Why learn middleware? How to learn? How to become a good programmer?
I think an excellent programmer should satisfy two points: 1. A solid foundation of programming language and data structure, which can realize various basic crud requirements. This is the foundation; sexual engineering. Each company has its own code framework, which is very different and will not be discussed for now, but commonly used middleware can help better programming and implementation, which is very useful. So learn. The third is performance optimization and architecture optimization. Once you have an understanding of the overall system, you can accurately find performance bottlenecks and make improvements based on business needs.
In terms of middleware:
first of all, I focus on breadth and commonality at this stage, and the system concept is firmly established . Each component is simply practiced (docker runs the service, nginx deploys load balancing, and rpc is simple to use) to understand how it works in general. Works, no more attempts at complications. It is necessary to have a broad understanding of various middleware such as caching, proxy, container, message queue, rpc architecture ideas, excellent design concepts (such as abstraction level k8s, vfs, design patterns, etc.) and data structures (red-black tree + linked list, jump table) etc.) . Because there is no business environment for the time being, focusing on a certain component is a dead end, and it may not be used in the future. So pay attention to overall learning and understand commonalities.
In terms of performance, I am learning to modify the components accordingly and create them myself, for example, I am learning the book linux kernel, the peak of performance. You need to constantly improve yourself so that you will not be easily replaced.
(In terms of middleware and performance, I think the known unknown is more important, that is, knowing what to do, but not doing it yet.)
**
docker:
** Appears because compared to virtual machines, resource reuse is more flexible. Virtual machines are a complete operating system that takes up a lot of space and starts slowly; docker container technology can configure different environments according to and without requirements, and will not interact with each other Influence. Mirror operation facilitates migration and realizes build once run everywhere
Docker is mainly about isolation and standardization. The core technologies are namespace technology and cgroup technology.
The namespace is to make different containers look unrelated, to prevent naming conflicts in different spaces, such as pid, user Id, ip address, etc.
Each container has its own ns, just like multiple processes, the 1234 address of one process and the 1234 address of another process are not a physical address (virtual address). The same naming in different ns is not really the same resource.
You can view the ns to which the process belongs through the proc/pid/ns folder, and then use nsenter to enter another specified ns space if you want to modify it.
Cgroup is a technology used to isolate. Tree structure organization, several processes form a cgroup, several cgroups are arranged in a tree form, and there are many trees at the same time, representing different system resources, such as CPU, memory, network, equipment, etc., can perform operations such as monitoring and limiting some resources, such as limiting
mysql A set of process core bindings, how much CPU time, memory and bandwidth, which devices can be accessed, etc.
Common operations,
first pull the image docker pull ubuntu
and then start a container docker run -i -t -name name cmd
If it is interactive, it is /bin/bash
docker image view image
docker ps view container docker inspect c_id view specific container information
docker top container id view the process
Compiling the dockfile can also post the image to the docker_hub library, but I haven't tried it.
I use it mainly in two aspects. One is that in computer system experiments, different environments need to be installed for each experiment, and they are incompatible. Therefore, for convenience, I use docker to load the image. Otherwise, uninstall it.
Another is to deploy the website in docker. The (static)
steps are, 1. Port mapping, docker run -p 80 specifies port 80.
2. Download nginx and vim. Write a simple html file, modify the nginx configuration to that file, and start nginx. Then ctrl+Q exits to ensure that the container is still running. Then docker port web to check the mapping situation, and access it through the host address 127.0.0.1 plus the mapped port
**
k8s
**
You must know the reason why k8s appears, in fact, it is the operating system of the data center, in order to manage the software and hardware resources of many machines.
The main components are similar to the operating system.
Scheduler controller process thread process group (docker pod service) network (each pod has an ip address) storage (file storage, object storage, block storage, has its own interface management) and package management tool helm pay attention to Kubernetes will be Service
DNS The name of the domain name is resolved into a virtual Cluster IP, and then forwarded to the backend Pod through load balancing. Although the Pod may drift and the IP will change, the Service will remain the same. (Service is equivalent to a set of pods, that is, a set of processes that implement certain functions, such as a set of mysql processes, that is to say, when the service is used as a virtual ip, the real pod will become elegant, but The service will not change, it is a bit similar to NAT, and load balancing can be achieved.)
What is the core problem k8s solves?
Service discovery and load balancing
means that you are given a program, and you need to decide which machine's pod to run on. The k8s container itself can specify the resource size CPU, memory, etc. It has its own DNS and ip address to open the container publicly, and it can also load balance when the traffic is heavy.
There is also storage orchestration (optional object, file, block storage)
Self-healing, highly available.
Architecture: The traditional client-server architecture
The server consists of a set of master nodes (storage status, scheduling and allocation of resources) and a series of worker nodes.
Master node structure:
It is mainly responsible for receiving client requests, arranging the execution of containers and running control loops, and migrating the state of the cluster to the target state. (Mainly include API and client interaction interface, etcd key-value database storage state, the scheduler is mainly responsible for making pod run on a specific idle node, scheduling strategy includes resource requirements, affinity (a group of processes is best in one Host, convenient communication) There is also a controller controller, responsible for fault notification transfer, as well as copy, token control, etc.)
The implementation of other Worker nodes is relatively simple. It mainly consists of two parts: kubelet, kube-proxy , and runtime (docker).
kubelet: It is an agent for working nodes to perform operations. It is responsible for specific container life cycle management , manages containers based on information obtained from the database, and reports pod running status, etc.
kube-proxy: It is a simple network access proxy and also a Load Balancer . It is responsible for assigning the request to access a certain service to the Pod of the same type of label on the working node.
The essence of kube-proxy is to implement Pod mapping by operating firewall rules (iptables, mapping from service ip to pod ip). (The client accesses through the cluster ip of services. The proxy will redirect to the pods in it according to the iptable rules, and it can also load balance when the traffic is heavy.) A service is a group of pods to ensure robustness.
Pod, Service, Volume, and Namespace are the four basic objects in a Kubernetes cluster. They can represent applications, workloads, network, and disk resources deployed in the system, and together define the state of the cluster. Many other resources in Kubernetes actually only combine these basic objects.
The configuration file is written in yaml, and kubectl is the client that comes with Kubernetes, which can be used to directly operate the Kubernetes cluster.
Introduce k8s. Let me talk about the operating system of the data center first, what is the overall architecture (master node and worker node) and the abstraction level is worth learning (docker, pod, service, volume, ns). Regarding storage, there are several storage methods with a unified interface; regarding the network, pod is the only
one
. ip address and service cluster ip address, own network model;
the client has its own kubectl and helm package management tools.
How to publish services on k8s?
NodePort, LoadBalancer, Ingress controller three ways to expose the service
NodePort: 30000-32767) to allocate a port, each node will proxy the port to your service
LoadBalance service type will automatically deploy an external load balancer, the External load balancers are associated with specific IP addresses and route external traffic to Kubernetes services in the cluster.
Ingress controllers generally do not eliminate the need for external load balancers, they just add an additional route and control layer.
**
k8s basic command understanding
get describe log
**
The most commonly used is to check the usage of a resource pod under a certain ns: kubectl get pod -n ns. In official use, we will never publish resources in the default namespace. So, never forget to add -n after the get command.
kubectl describe pod <pod name> -n <namespace> to get the basic information of a pod. For example, the node information knows which machine the pod is on, the label knows what the main purpose of the pod is, the control by knows what the upper-level resources of the pod are created, and continue to view the upper-level resource location information. The container contains the information of each docker.
If there is a problem, you can see the Event paragraph at the end of the obtained information, which records the cause of the pod failure.
kubectl logs <pod name> to view the pod's log by adding the -f parameter to continuously view the log.
kubectl create creates resources from yaml configuration files and creates them easily.
kubectl explain explains configuration, there are too many configuration information and many levels of abstraction.
kubectl delete deletes everything!
kubectl edit <resource type> <resource name> In actual use, it is more preferred to manually modify a certain configuration item to solve the problem, such as modifying the mirror address to solve the problem that the mirror cannot be pulled. kubectl apply -f <new configuration file name.yaml> For example, you deployed your resources from a website through the kubectl apply -f https://some-network-site/resourse.yaml command, so that when its manager updates After installing this configuration file, you only need to execute this command again to apply the updated content, and you don't need to care about which configuration items have been modified.
nginx introduction and practice
**
nignx is a forward proxy (for the client, the server does not know), reverse proxy, load balancing and dynamic and static separation. It is characterized by small memory, high performance and high concurrency.
nignx can also achieve high availability, and the keeplived option can increase the number of nginx servers;
Nginx configuration file (internal is also epoll, which receives new client connections, and then child process threads process it and server connections (load balancing))
global block: configuration instructions that affect the overall operation of the nginx server. For example, the larger the worker_process, the more concurrent numbers it supports.
events block: mainly affects the network connection between the Nginx server and the user . For example: worker_connections 1024; , the maximum number of connections supported.
The third part http block
http block includes http global block and server block, which is the most frequent part in server configuration, including most functions such as configuring proxy, cache, and log definition .
server block: configure the relevant parameters of the virtual host.
location block: configure request routing, and the processing of various pages.
For example, the following example: enter http://192.168.4.32/example/a.html in the address bar of the browser, and the average port will be 5000 and 8080 to achieve load balancing effect.
upstream myserver { server 192.167.4.32:5000; server 192.168.4.32:8080; }
server { listen 80; #listen port server_name 192.168.4.32; #listen address
location / {
root html; #html目录
index index.html index.htm; #设置默认页
proxy_pass http://myserver; #请求转向 myserver 定义的服务器列表
}
}
Monitor the website and port you want to visit in the server (http is 80) and then define the ip+port of your own server. In location, proxy_pass is set to your own address, and index is set to the default web page.
Among them, the form of load balancing can be default polling, or weight weight, or ip_hash, fair response time is short;
location ~ means regular expression matching
Nginx cache expires 3d; By setting the expires parameter, the browser can cache the content before the expiration time, reducing the request and traffic between the server and the server.
Separation of dynamic and static : set up static and dynamic addresses, and then match the location. If jsp and php need to interact with the backend, go to the dynamic URL. Static ones such as jpg, css, etc. do not need to interact with the server.
How to achieve high availability:
First, install the keeplivd program, which is equivalent to a route. It uses a script to detect whether the current server is still alive. If it is still alive, continue to visit, otherwise switch to another backup server.
Modify the configuration file, keepalived binds the nginx server to a virtual ip, and the nginx high-availability cluster exposes this virtual ip to the outside world , and clients access the nginx server by accessing this virtual ip.
Nignx principle: It is just a forwarding operation, and the real processing request is done by the back-end server.
A master and several worker processes. The client sends a request first through the master. After receiving the request, the administrator will notify the worker of the request. Multiple workers use the mechanism of competition to snatch the task. The worker who gets the task will pass the request through tomcat (application container) and so on. Request forwarding, reverse proxy, accessing database, etc.
The benefits of a master and multiple workers?
You can use nginx -s reload for hot deployment.
Each worker is an independent process. If one of the workers has a problem, the other workers will run independently and will continue to compete for tasks to implement the client's request process without causing service interruption.
Advanced application of nignx?
Cross-domain issues: For example, requesting another backend in a front-end project; the request cannot be responded because of cross-domain. If you don't want to modify the code at the front and back ends, you can add cross-domain requests, methods, cookies, etc. in the server block of nignx, which add_header allows.
Configure an SSL certificate: Register a domain name and SSL certificate on Alibaba Cloud; then add http_ssl_module to nginx (: If the website is not registered, it will be blocked, which will result in inaccessibility. Regular sites must be filed.)
Anti-leech configuration The popular understanding of hotlinks is that other people’s websites use their own server resources. For example, it is common to introduce resources such as pictures from other site servers on a website, so that resources such as bandwidth of the hotlinked server will be consumed additionally. To a certain extent, it will damage the interests of the stolen party, so anti-leeching is necessary; here is a case of simply implementing static resource anti-leeching through nginx. The principle is very simple, which is to judge whether the request source is allowed. For illegal direct return 403 in Location
Summary: Let me talk about what it is and its characteristics, principles, and configuration file configuration process to complete load balancing, caching; high availability implementation; advanced applications.
(The difference between nginx, apache, and tomcat)
First of all, both nginx and apache can only handle static requests. The difference between the two is that nginx is simpler and has less memory, and the components, configurations, and modules supported by apache are more complicated; the second is that nginx uses a non-blocking model of epoll+multi-process, with high concurrency, while apache is a blocking multi-process.
The main function of tomcat is to process dynamic elements (jsp, cgi, php, etc.), and it is a container developed by apache that meets the servelet standard. Generally, after the dynamic and static separation of nignx, the dynamic ones are handled by tomcat.
rpc knowledge points (company internal communication)
Remote procedure calls, in the context of distributed microservices, involve the collaboration of different servers. rpc is to make calling a remote method the same as calling a local one, as long as the parameter name and parameters are specified.
Now that there is http, why use rpc to call?
The communication protocol is not the focus of rpc. rpc is a method, and http is a protocol. Therefore, it encapsulates more advanced service-oriented features such as "service discovery", "load balancing", and "fuse downgrade". It can be understood that the rpc framework is a more advanced service-oriented package.
(rpc advantages: high efficiency, binary but not absolute because http2 is also binary; concise, you need to remember a lot of functions and parameters (get, post, etc.) Advanced features) Disadvantages: low readability, the architecture of both parties needs to be consistent.
Advantages of http: high readability, and the language structure of both parties does not need to be consistent.
Common rpc: grpc, brpc, thrift, dubbo and other
rpc call framework
The rpc call framework is: the server has a stub, which can serialize the interface object (function, parameter) of service B as a parameter, and then pass the transmission protocol (http2 , protobuf, etc.) to B, B deserializes and calculates the result and returns it to A.
Technologies involved:
1**.Serialization protocol** is a very important part
In network transmission, binary transmission is required, so objects must be converted into byte sequences.
What are the serialization protocols:
the earliest cobra com etc. are too complex and need to be assembled and eliminated the library that comes with java, xml, json, etc. (good readability but low space-time efficiency) protobuf, Hessian2 The core of protobuf is the message message and interface service
. The server and the server only need to pay attention to the interface method name (service) and parameter (message) to communicate, without paying attention to the cumbersome link protocol and field analysis, which greatly reduces the design and development cost of the server.
The internal core technology of dynamic proxy
RPC call is dynamic proxy.
That is to call the remote as if calling the local method. RPC will automatically generate a dynamic proxy class for us. When we inject the interface into the project, the actual binding during operation is the proxy class generated by this interface, so that when the interface method is called, it is actually generated The proxy class is intercepted, so that we can add the logic of remote calling in the generated proxy class.
Service Registry Discovery
(1) Registration and discovery process
Service registration: The service provider publishes the exposed interface to the registration center. In order to detect the effective status of the service, the registration center generally establishes a two-way heartbeat mechanism.
Service subscription: The service caller goes to the registry to find and subscribe to the IP of the service provider, and caches it locally for subsequent calls.
(2) How to implement: based on ZK
A. Create a service root path in ZooKeeper, which can be named according to the interface name (for example
: /micro/service/com.laowang.orderService), and then create service provider and caller directories (server,
client) in this path, They are used to store the node information of the service provider and the caller respectively.
B. When the server initiates registration, a temporary node will be created in the service provider directory, and the registration information will be stored in the node.
C. When the client initiates a subscription, it will create a temporary node in the directory of the service caller. The node stores the information of the caller, and at the same time, the directory of the watch service provider (/micro/service/com.laowang.orderService/server) All service node data. When the server changes, ZK will notify the subscribed client.
The characteristics of the ZooKeeper scheme:
strong consistency, every time the data of each node in the ZooKeeper cluster is updated, it will notify other ZooKeeper nodes to perform the update at the same time.
Server call code: Generate a zk class, open, publish nodes (including services and methods, services are permanent nodes, methods are temporary nodes, and ip+port will be added)
client: as long as the get_data method can be used to find the server The ip+port
client can also watch the monitoring service, once there is a change, it will know.
Health monitoring heartbeat mechanism
Load balancing and circuit breaker current limiting
Load balancing can be implemented by yourself, a scorer and indicator collector, scoring cpu, memory, etc., random weight, round robin, ip hash and other strategies for load balancing.
Current limiting: The simplest is the counter, and there are sliding windows for smooth current limiting, funnel algorithm, token bucket algorithm, etc. For example, if the response time exceeds the threshold, services in the next time window will not be accepted.
When service A calls service B, the business logic of service B calls service C. At this time, the response of service C times out, and service B may cause service downtime due to the accumulation of a large number of requests, resulting in the problem of service avalanche.
Gracefully open and gracefully close
Start preheating to prevent the cache from being overheated; the caller obtains the startup time of the service provider through service discovery, and then lowers the weight to reduce the probability of being selected by load balancing, thereby realizing the preheating process.
Summary: How to implement an rpc framework
1. Server, client, and zk
first perform service registration and discovery, client registration, server discovery (ip, port), and monitoring
client calling the server interface through a dynamic proxy (inside There is remote call logic), and then serialize the protocol to pass parameters, deserialize, calculate the result, and return the result.
Kafka introduces the actual combat
function of the message system: decoupling, asynchronous, and peak shaving.
Introduce the overall structure. producer, consumer. In a Kafka cluster, a Kafka server is a broker, a topic is just a logical concept, and a partition is represented as a directory on the disk. Different partitions can be on different brokers to enhance parallelism. The consumer group, the control node manages the cluster with the help of zookeeper.
Replica nodes are distributed among different brokers to achieve high availability.
Thoughts on kafka's excellent architecture:
high concurrency: three-tier network architecture: multi-selector- multi-thread -> queue design (NIO). Compared with the traditional reactor, there is one more layer of processor High availability
: high-performance copy mechanism
: write order is realized Write to disk: write to the os kernel first, then write to the disk sequentially, similar to the rocks representative, lsm tree. Read uses the sendfile operation to achieve zero-copy operation, and reads directly in the kernel without copying to the user.
And some log segments are stored, and the isr mechanism ensures availability and consistency to find a balance, and the log has offset and position two information, sparse index is written in the log, and binary search is used.
Production environment: According to the amount of traffic, according to the highest multiple, evaluate how many physical machines are needed (and several T of hard disks, dozens of G of memory, 32 CPUs, and gigabytes of network speed)