Home - noradle/noradle-dispatcher GitHub Wiki
Welcome to the noradle-dispatcher wiki!
大纲 OVERVIEW
connection topological graph
链接拓扑图
(multiplexed) (utl_tcp)
. clients ===========> dispatcher <---------- oracle processes
(node.js) (node.js) (oracle)
^
. monitor/console
核心功能 core function
- 提供客户端连接 oracle db 的通道,以反向接受 oracle server process 反向连接注册为基础
- 为客户端提供虚拟的指定并发数的到 oracle 的连接(多路复用,并增强管理信息交换)
quality(English)
- good connectivity
- http request for authentication, authorization, property exchange, all open standard
- then http upgrade to private protocol for frame dispatch, targeting lowest runtime and code overhead
- support reversed proxy, tunnel over firewall, pass through against network block
- secure by SSL
- unix domain socket or windows named pipe for lowest overhead, best performance and reliability
- ping/pong heart beat to keep-alive against lose of NAT states, detect peer failure early and automatic trying re-connect
- graceful shutdown to allow any pending request to finish before really shutdown
- good configuration
- default auth-checker, default auth-checer by static json config, customized auth-checker following specification
- command line options to listen http,https,path, meet different connection properties like performance, security
- concurrent control is centralized in database, because it's a strategy to distribute resources as a number of oracle server processes
品质(中文)
- 高品质的链接管理
- 通过开放的HTTP协议,对各类型参与方(oracle,client,console)进行身份认证、鉴权、握手参数交换
- 通过握手过程后,http协议升级到noradle私有数据帧交换协议(通过dispatcher做交换转发),最小的代码开发开销和运行时开销
- 可以通过反向代理接入,可以通过http代理接入从而穿透防火墙,可以突破各种内网访问屏障
- 客户端和管理控制台可以通过SSL/HTTPS加密接入到dispatcher
- 可以通过 unix domain socket 而不是TCP方式接入,获得更加的性能和可靠性
- 内置心跳包机制,可以在NAT中保持状态,并且课程更及时的发现对端通信失败的异常,链接异常可以自动重连
- 所有链接参与方都支持安全退出,所有在途处理中的请求不会受到参与方准备退出的影响,在途处理完毕,相关节点和进程才会最终退出
- 完善的配置
- 参与方验证支持系统自带的本地连接允许通过策略,指定静态json格式的配置,完全定制的认证模块嵌入
- dispatcher的命令行参数可以配置各种监听,包括http,https,unix domain socket path,来满足不同部署需求,包括最快速简单的配置,高安全性配置,高性能高稳定性配置等等
- 客户端访问的并发度配置完全有数据库内配置表配置, 每个并发对应一个oracle后台服务进程资源。
aspect and stages of noradle-dispatcher
- listen with http protocol, use http, https, unix domain socket or windows named pipe, can be proxied
- authenticate client by passwd, client ip, if it's or if not it's from secure transport like https
- ping/pong keep-alive connection according to peer's requirement or by itself's default setting
- detect heartbeat and normal or abnormal quit, release resource or slot
- accept request frames from client and response frame from oracle, and dispatch
- count statistics
- provide runtime state and event data to noradle-console by http pool or realtime server push
限制性设计原则
- 因为处于网络中心位置,其性能、稳定性要求非常高
- 由于保持转发状态(一个请求的中间状态),并且为简化设计,不支持集群,必须单进程来提供海量frame转发
- 功能单一:就是提供一个客户端到oracle的网络通道,额外的集中提供监控数据源(比从其他类型节点提供要方便、集中)
- 只有握手过程使用 http 协议,建立通道后,直接使用简单高效的内部 frame 协议通信
- 除了管理包,不解析,不生成应用 frame 的内容体,只看标准的固定长度的 frame 头,用于 frame 在 client/oracle 间的转发
增强
- 网络增强
- 不直接通过 TCP 建立私有的握手过程,而是通过 http 协议握手,然后 upgrade connection
- 支持 https 接入,提供通信安全性,端到端的相互认证
- 可以通过 node.js/nginx 等常用代理来反向代理内部的 noradle-dispatcher
- 监听连接方式增强
- 完全按照 node.js net.Server.listen 和 net.Client.connect 的参数实现监听和连接
- 支持 unix domain socket pipe,而不仅仅是 TCP/IP(可能采用 node.js http module 无法连接)
- 健壮性
- 支持端到端 ping/pong 包,用于保持中间带状态网元(如防火墙NAT转换状态)、心跳检测
- 支持端到端的 graceful quit 信号处理,确保在途请求处理完毕才最终退出
- 配置增强
- client/oracle/console 向 noradle-dispatcher 的认证提供标准接口,供定制实现认证和授权策略
- 提供标准化的配置格式,实现上述认证和授权,方便使用
- 监控增强
- 可以将完整的时间声名周期通过日志输出
- 可以将上述日志输出改为向 console 实时输出,并由 console UI 实时监控
- in-process client
- noradle client 进程直接 require noradle-dispatcher
- 节省一层网络中转,client 独占一组oracle服务进程
- 直接接入 http 网关
- http://blog.csdn.net/qiaofeiw/article/details/9207359
- 通过 FCGI/SCGI/WCGI 访问 dispatcher 进而访问 oracle,不需要在 dispatcher 外部署处理节点
和 oracle 网络架构比较
noradle-dispatcher 更像是 oracle listener 而不是 oracle dispatcher
每个 oracle db instance 启动后,会自动向 LOCAL_LISTENER 参数指定地址的 oracle listener 注册器服务, 这样当有客户端连接 listener,listen 就可以将TCP句柄转移给 oracle instance 中的服务进程。
noradle 启动 db server processes 后,各个进程也是向 noradle-dispatcher 注册自己。
区别在于,oracle 是数据库实例向 listener 注册,而 noradle 是每个对应组的服务进程向 noradle-dispatcher 注册。
1 serve 1, 1 serve n
- oracle dispatcher 只服务于一个 db instance,并且属于该 db instance
- noradle dispatcher 可以服务于多个 db instance,可以是一个 db 的(RAC/DG),也可以是不同的
server process share 不同
- oracle 下,一个 dispatcher 接受的请求可以被所有的 share server process 处理
- noradle 下,一个 noradle-dispatcher 独占一组 noradle server process,之间不共享,用于不同应用不同业务负载的隔离切分
pre-spawned vs on demand
- oracle listener accept registration of backend oracle databases, but not the real connections
- oracle listener will spawn a server process to new client connection, and handle off the socket fd to the server process
- noradle-dispatcher just accept real backend oracle server process connections to it
- the pre-spawned model for noradle eliminate the overhead of startup/shutdown process
Roadmap 路线图
- 日志提升
- log (debug based) log should classified more clear
- 对于日志输出,分类要更加精细,容易从日志中看出系统运行过程。
- 同时,日后可以将日志改成事件流,在 noradle-console 中实时查看。
- 支持 https
- client can make security connection to noradle-dispatcher
- prevent password leakage
- encrypt transport data
- prevent middle proxy to see the exchanged data between client and dispatcher, allow http tunnel only
- can serve behind proxy
- can behind node.js based proxy, such as http-proxy
- can behind nginx
- keep-alive to sustain TCP(NAT) state
- for oracle, client, console(realtime data)
- configuration
- use oracle's configuration data
- only config http/https ports
- support multiple db instances
- all oracle connection from one db instance one cfg_id will incorporate into one pool
- statistics should bring into pool, not global data
- dispatcher websocket/fastcgi protocol frames to oracle
- browser websocket request frames dispatch to a free oracle server process in the right oracle instance
- web server(nginx...) fastcgi frames dispatch to a free oracle server process in the right oracle instance
- oracle can read the format of stream of websocket/fastcgi frames for a request/response