What is Sentinel
Sentinel is officially called Distributed Systems Traffic Defense. Sentinel takes flow as the entry point to protect the stability of service from multiple dimensions such as flow control, fusing downgrading and system load protection. We started with Hystrix on the Spring Cloud project and have stopped updating. Rensilience4j is now officially recommended by Spring Cloud. And of course sentinel, which we’re learning today.
Sentinel has the following characteristics:
- Rich application scenarios: Sentinel has undertaken the core scenarios of Alibaba’s double Eleven traffic drive in the past 10 years, such as SEC killing (i.e. burst traffic control within the range of system capacity), message peaking and valley filling, cluster flow control, real-time fusing of unavailable downstream applications, etc.
- Complete real-time monitoring: Sentinel also provides real-time monitoring capabilities. In the console, you can see the per-second data of the connected application, or even the aggregate performance of a cluster of less than 500 machines.
- Extensive Open source ecosystem: Sentinel provides out-of-the-box integration modules with other open source frameworks/libraries, such as Spring Cloud, Dubbo, and gRPC. You can quickly access Sentinel by introducing the appropriate dependencies and simple configuration.
- Sophisticated SPI extension points: Sentinel provides an easy-to-use, sophisticated SPI extension interface. You can quickly customize the logic by implementing an extension interface. For example, customize rule management and adapt dynamic data sources.
Second, Sentinel realizes current limiting
2.1 Installing the Sentinel Console
- Download: github.com/alibaba/Sen…
Here we can directly download the JAR package, after downloading the command line to start:
java -jar sentinel-dashboard-1.7.2.jar
Copy the code- Default port: 8080
- The default user name is sentinel
- Default password: sentinel
After successful startup, our browser visits http://localhost:8080, and the following interface appears.
2.2 Microservices inherit sentinel
- Introducing sentinel dependencies
<dependency>
<groupId>com.alibaba.cloud</groupId>
<artifactId>spring-cloud-starter-alibaba-sentinel</artifactId>
</dependency>
Copy the code- Added configurations related to sentinel
server:
port: 7003
spring:
application:
name: sentinel-provider
cloud:
nacos:
discovery:
server-addr: 127.00.1:8848
sentinel:
transport:
dashboard: 127.00.1:8080
Copy the code- Provides an interface for testing traffic limiting
@SpringBootApplication
public class SentinelApplication {
public static void main(String[] args) { SpringApplication.run(SentinelApplication.class, args); }}@RestController
class TestController{
@GetMapping("/test")
public String test(a){
return "hello! sentinel!"; }}Copy the codeAfter requesting this interface several times, we open the Sentinel console and can monitor the sentinel-Provider service interface invocation in real time.
2.3 Configuring traffic Limiting Rules
Here we do a simple rule configuration:
-
Threshold type: QPS
-
Single-machine threshold: 2
The interface allows a maximum of two requests per second.
After clicking “Add”, a rule was found in the flow control rule:
Now, we continue to request this interface three times. The third response is as follows:
Blocked by Sentinel (flow limiting)
Copy the codeWe open the console and find that a request has been rejected.
Iii. Sentinel rules introduction
Whether it’s limiting traffic or downgrading, it follows certain rules. Here are some of the rules sentinel supports.
3.1 Flow control rules
Traffic control, the principle of which is to monitor indicators such as the QPS(query rate per second) or the number of concurrent threads of application traffic when a specified threshold is reached
Traffic is controlled to avoid being overwhelmed by instantaneous traffic peaks and ensure high availability of applications.
Resource name: unique name, default is the request path, can be customized
Source specific: Specifies which microservice to limit traffic. The default value is default, which means that all microservices are restricted regardless of source
Threshold Type/Single-node threshold:
-
QPS (Number of requests per second) : Traffic limiting is performed when the NUMBER of QPS calling the interface reaches the threshold
-
Number of threads: When the number of threads calling the interface reaches the threshold, traffic limiting is performed
3.2 Degradation Rules
A degrade rule is when a service is degraded — a request is forwarded to another interface that has nothing to do with the business but to ensure system integrity.
-
RT (Average response time) : When the average response time of a resource exceeds the threshold (in ms), the resource enters the quasi-degraded state. If five requests continue to come in for the next 1s, and their RT continues to exceed this threshold, the method will be degraded within the next time window (in s).
Pay attention to the Sentinel default statistical RT limit is 4900 ms, is beyond the threshold will be classified as 4900 ms, if need to change this limit by startup configuration items – Dcsp. Sentinel. Statistic. Max. RT = XXX to configure.
-
Exception ratio: When the ratio of the total number of exceptions per second to the number of passes of a resource exceeds the threshold, the resource enters the degraded state, that is, in the next time window (in s), all calls to this method are automatically returned. The threshold range for abnormal ratios is [0.0,1.0].
-
Number of exceptions: When the number of exceptions in one minute exceeds the threshold, services are degraded. Notice The statistical time window is minute. If the time window is less than 60 seconds, the circuit breaker may enter the circuit breaker state again after the circuit breaker state ends.
3.3 Hotspot Rules
Hotspot rules allow rules to be specific to parameters.
Let’s use an example to see what happens.
- Write the interface
@GetMapping("/myTest")
@SentinelResource("test3")
public String test123(String name,String age){
return name + "--"+ age;
}
Copy the code- Add rules
- Running effect
The results show that the first parameter is restricted, while the second parameter is normal.
3.4 System Rules
System protection rules control the incoming flow at the application level, and monitor application data from the total Load, RT, incoming QPS, CPU usage and threads of a single machine, so that the system can run at the maximum throughput and ensure the overall stability of the system.
System protection rules are application-wide, not resource-wide, and only apply to incoming traffic (traffic entering the application).
-
Load (only for Linux or UNIX-like machines) : When load1 exceeds the threshold and the number of concurrent threads exceeds the system capacity, system protection is triggered. The system capacity is calculated by the system maxQps * minRt. The reference values are typically CPU cores * 2.5.
-
RT: System protection is triggered when the average RT of all incoming traffic on a single machine reaches a threshold, in milliseconds.
-
Number of threads: System protection is triggered when the number of concurrent threads for all incoming traffic on a single machine reaches a threshold.
-
Inlet QPS: System protection is triggered when the QPS of all inlet flows on a single machine reaches the threshold.
-
CPU usage: When the CPU usage of all incoming traffic on a single machine reaches the threshold, system protection is triggered.
3.5 Authorization Rules
In many cases, we need to determine whether a request is allowed to pass based on the source of the call. In this case, we can use the source control function of Sentinel. Source access control Restricts access to resources based on their origin:
-
If a whitelist is configured, the request can pass only when the request source is in the whitelist.
-
If a blacklist is configured, the request source in the blacklist does not pass, and the rest of the requests pass.
Flow control applications: Sentinel provides RequestOriginParser to handle interface sources.
We run the request access /test interface from ABC source.
@Component
class requestOrigin implements RequestOriginParser{
@Override
public String parseOrigin(HttpServletRequest httpServletRequest) {
String server = httpServletRequest.getParameter("server");
returnserver; }}Copy the codeWe request http://localhost:7003/test? Server = ABC and http://localhost:7003/test? Server =ab to see what happens.
The use of the @ SentinelResource
@SentinelResource is used to define resources and provides optional exception handling and Fallback configuration items.
The main parameters are as follows
| attribute | role |
|---|---|
| value | The name of the resource |
| entryType | The value is IN/OUT. The default value is OUT |
| blockHandler | The name of the function that handles BlockException. The function requirements are: 1. 2. The return type parameter is the same as the original method. 3. By default, the method must be in the same class as the original method. If you want to use functions of other classes, you can configure blockHandlerClass and specify the methods in the blockHandlerClass. |
| blockHandlerClass | The class that holds blockHandler must be static. |
| fallback | 1. The return type is the same as the original method. 2. The parameter type must match the original method. 3. By default, the method must be in the same class as the original method. If you want to use functions of other classes, you can configure fallbackClass |
| fallbackClass | Classes to store fallback. The corresponding handler must be static. |
| defaultFallback | If both Fallback and defaultFallback are configured, fallback prevails. |
| exceptionsToIgnore | Specifies which exceptions to exclude. Exceptions that are excluded will not be counted in the exception statistics and will not enter fallback logic, but will be thrown as is. |
| exceptionsToTrace | Exceptions that need to be traced |
@SentinelResource can be combined with blockHandler for stream limiting and fallback for downgrading. The specific rules can be configured via the Sentinel console, which I will not demonstrate. In the next chapter, I will demonstrate the application of limiting and degrading traffic respectively.
public class MySentinelResource {
@SentinelResource(value="message",blockHandler="blockHandler",fallback="fallback")
public String message(String str){
if(StringUtils.isBlank(str)){
throw new RuntimeException();
}
return str;
}
/** * Stream limiting *@param str
* @param ex
* @return* /
public String blockHandler(String str, BlockedException ex){
return str + "--"+ ex;
}
/** * demote *@param str
* @return* /
public String fallback(String str){
return null; }}Copy the codeCode sample
Gitee:gitee.com/zhixie/spri…
Github:github.com/binzh303/sp…