Service Mesh - heshed/aPaaS GitHub Wiki

Service Mesh

Concepts

data plane

๋„คํŠธ์›Œํฌ ํŠธ๋ž˜ํ”ฝ flow ๊ธฐ๋Šฅ์„ ์ œ๊ณตํ•˜๋Š” sidecar proxy. envoy, haproxy, nginx, linkerd, Traefik

  • Service discovery
  • Health checking
  • Routing
  • Load balancing
  • Authentication & authorization
  • Observability : statistics, logging, distributed tracing

control plane

The system that configures and manages the data plane.

Istio Pilot, Nelson, SmartStack, go-control-plane

  • The human...
  • Control plane UI
  • Workload scheduler
  • Service discovery
  • Sidecar proxy configuration APIs

control plane product

Envoy

The control-plane API has to be developed in-house. Istio Pilot is implemented specifically for k8s, so it is hard to pull out and use on its own. go-control-plane contains only basic stub code; the actual implementation has to be written yourself by importing it as a library.

Envoy XDS

The Discovery Services appear to be referred to collectively as XDS.

Cluster Discovery Service (CDS).
Endpoint Discovery Service (EDS).
Health Discovery Service (HDS).
Listener Discovery Service (LDS).
Metric Service (MS).
Rate Limit Service (RLS)
Route Discovery Service (RDS).
Secret Discovery Service (SDS).

The ADS (Aggregated Discovery Service) spec is provided so that the order of XDS updates can be controlled precisely.
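A sketch of the sequencing a control plane can apply on a single ADS stream, added here as an example and not taken from go-control-plane or any project named on this page: pending updates are sorted into the make-before-break order described in Envoy's xDS documentation (CDS, EDS, LDS, RDS), and a route or endpoint set that names an unknown cluster is rejected before anything is pushed. The `Update` type, `PlanPush` function and resource names are hypothetical.

```go
package main

import (
	"fmt"
	"sort"
)

// Update is one pending xDS resource push (hypothetical type for this example).
type Update struct {
	Kind string   // "CDS", "EDS", "LDS" or "RDS"
	Name string   // resource name
	Refs []string // clusters this resource depends on (EDS members, RDS routes)
}

// rank is the make-before-break order: clusters, endpoints, listeners, routes.
var rank = map[string]int{"CDS": 0, "EDS": 1, "LDS": 2, "RDS": 3}

// PlanPush orders pending updates for one ADS stream and rejects any update
// that references a cluster Envoy would not know after the CDS step.
func PlanPush(known []string, pending []Update) ([]Update, error) {
	clusters := map[string]bool{}
	for _, c := range known {
		clusters[c] = true
	}
	for _, u := range pending {
		if _, ok := rank[u.Kind]; !ok {
			return nil, fmt.Errorf("unsupported xDS kind %q", u.Kind)
		}
		if u.Kind == "CDS" {
			clusters[u.Name] = true
		}
	}
	for _, u := range pending {
		for _, c := range u.Refs {
			if !clusters[c] {
				return nil, fmt.Errorf("%s %q references unknown cluster %q", u.Kind, u.Name, c)
			}
		}
	}
	out := append([]Update(nil), pending...)
	sort.SliceStable(out, func(i, j int) bool { return rank[out[i].Kind] < rank[out[j].Kind] })
	return out, nil
}

func main() {
	// Constructed sample: a route arrives first but must be sent last.
	plan, err := PlanPush(nil, []Update{
		{"RDS", "web-routes", []string{"web"}}, {"EDS", "web", []string{"web"}}, {"CDS", "web", nil}})
	fmt.Println(plan, err)
}
```

Without this ordering, a route can reach Envoy before the cluster it targets, and requests matching that route fail until CDS/EDS catch up.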

Writing a control plane for Envoy is not an easy task

Envoy terminology

  • Cluster
    • A cluster is a group of logically similar endpoints that Envoy connects to. In v2, RDS routes point to clusters, CDS provides the cluster configuration, and Envoy discovers the cluster members via EDS.
  • Downstream
    • A downstream host connects to Envoy, sends requests, and receives responses.
  • Endpoint
    • An endpoint is an upstream host that is a member of one or more clusters. Endpoints are discovered via EDS.
  • Listener
    • A listener is a named network location (e.g. a port, a unix domain socket) that downstream clients can connect to. Envoy exposes one or more listeners that downstream hosts connect to.
  • Locality
    • The location where an Envoy instance or an endpoint runs. This includes region, zone and sub-zone identification.
  • Management server
    • A logical server implementing the v2 Envoy APIs. It is not necessarily a single physical machine, because it can be replicated/sharded and the APIs serving different xDS APIs can be implemented on different physical machines.
  • Region
    • The geographic area in which a zone is located.
  • Sub-zone
    • The location within a zone where an Envoy instance or an endpoint runs. This allows multiple load balancing targets within a zone.
  • Upstream
    • An upstream host receives connections and requests from Envoy and returns responses.
  • xDS
    • CDS / EDS / HDS / LDS / RLS / RDS / SDS API.
  • Zone
    • An Availability Zone (AZ) in AWS, a Zone in GCP.

Gloo system architecture diagram

Gloo ADS

Istio

k8s local development

ref