516, Java Spring Cloud Alibaba - [Spring Cloud Alibaba Sentinel - below], 2021.10.11

1. Sentinel Console Cooperates with Project Practice

1.1 Attempt to restrict access path

1. Open the Cluster Point Link menu just now and try to limit the access path:


Resource name: Unique name, default request path.
For Source: Sentinel can limit the flow to the caller, fill in the microservice name, default (source-insensitive).

Threshold type

QPS (Query Per Second): The number of requests per second is how many requests are processed by the persuader in one second.
Number of threads: Limit the flow when the number of threads calling the api reaches the threshold.

FlowCtrlMode
Direct: When the api reaches the current limit condition, it directly limits the current.
Association: Limit the current itself when the associated resource reaches the threshold. A interface is associated with B interface, and when B interface reaches the threshold, allows A interface to limit the current to protect B interface. For example, payment interface and order interface, payment interface reach the threshold, and order interface limit the current to protect the payment interface.
Link: Only traffic on the specified link is recorded (traffic to and from the specified resource entry resource is restricted if the threshold is reached).

 Flow control effect

Fast Failure: is the default flow control method when QPS When the threshold for any rule is exceeded, the new request is rejected immediately by throwing it out FlowException. This method is useful when the processing capacity of the system is known, for example, when the exact water level of the system is determined by pressure measurement.
Warm up: I.e. preheating/Cold start mode. When the system is in low water level for a long time, when the flow rate suddenly increases, pulling the system up to high water level may instantly crush the system."Cold boot"´╝îLet the flow through slowly increase, gradually increasing to the upper threshold within a certain period of time, giving the cooling system a preheating time to avoid the cold system being crushed.
Queue waiting: The time interval between requests is strictly controlled, that is, requests pass at an even speed, corresponding to the leaky bucket algorithm.

2. The QPS value I set is 1, direct api, fast failure, so request/api/member/service more than once in a second:

#### Request Test
GET http://localhost:10801/api/member/service
Accept: */*
Cache-Control: no-cache

The request resulted in:

Blocked by Sentinel (flow limiting)

Access has proven to have been restricted by Sentinel, and it has quickly failed.

1.2.Attempting to limit flow to service resources

First, to prevent the interference of multiple rules, delete the access path restriction rule you just set.

1. Open the Cluster Point Link menu just now and try to limit the flow of service resources:

QPS (Query Per Second): The number of requests per second is how many requests are processed by the persuader in one second.

2. I set the QPS value to 1, direct api, fast failure, so I called memberService.sayHello() several times in a second:

Request Test
GET http://localhost:10801/api/member/service
Accept: /
Cache-Control: no-cache

The request resulted in:

I am sorry, Member!

Why did the result not make a mistake? I returned normally? Careful colleagues found that I was responsible for setting up the downgrade method, sayHelloFail():

    @SentinelResource(value = "sayHello", fallback = "sayHelloFail")
    public String sayHello() {
        return "Hello, Member! ";
    }

    public String sayHelloFail() {
        return "I am sorry, Member! ";
    }

1.3 Attempt to melt down exception service

1. Open the Cluster Point Link menu just now and try to blow up the exception service:

Fuse strategy
Slow call ratio: Select the slow call ratio as the threshold, need to set the allowable slow call RT (i.e. the maximum response time), request response time greater than this value is counted as slow call. When unit statistics time (statIntervalMs)If the number of internal requests is greater than the minimum number of requests set, and the proportion of slow calls is greater than the threshold, the requests will be automatically blown during the next blown-up period. After the blown-up period, the fuse will enter the detection recovery state (HALF-OPEN state).If the next request response time is less than the set slow call RT, the melting will end, and if the set slow call RT is greater, the melting will occur again.
Exception ratio: When the number of requests within the unit statistics duration (statIntervalMs) is greater than the minimum number of requests set, and the exception ratio is greater than the threshold, the requests will be automatically broken during the next fuse duration. After the duration of the fuse, the fuser will enter the detection recovery state (HALF-OPEN state) and if the next request completes successfully (without error)End the melting, otherwise it will be melted again. The threshold range of the anomaly ratio is [0.0, 1.0], representing 0% - 100%.
Number of exceptions: The number of exceptions in the unit counting time period will automatically break when it exceeds the threshold value. After the breaking time period, the fuse will enter the detection recovery state (HALF-OPEN state), and if the next request completes successfully (without error), the break will end or it will be broken again.

2. We did a little bit of code modification and restarted the project:

    @RequestMapping("/service")
    public String service(String name) throws InterruptedException {
        TimeUnit.MILLISECONDS.sleep(400);
        return memberService.sayHello(name);
    }

3. The maximum tolerated response time I set is 200ms, the ratio is 50%, the code is forced to delay 400ms, that is, 100% timeout, and 50% of five requests per unit time are set to break, so more than five requests/api/member/service in one second:

#### Request Test
GET http://localhost:10801/api/member/service
Accept: */*
Cache-Control: no-cache

The request resulted in:

Blocked by Sentinel (flow limiting)

Access has proven to be restricted by Sentinel and the exception service has been broken.

4. The melt-down time I set is 2 seconds, and after 2 seconds I request 2 more times/api/member/service:

#### Request Test
GET http://localhost:10801/api/member/service
Accept: */*
Cache-Control: no-cache

The request resulted in:

Hello, Member!
Blocked by Sentinel (flow limiting)

Why is that so? Didn't you request twice? And shouldn't you let it go after 2 seconds? Because my code forced a delay of 400 ms, the request after 2 seconds still timed out, and the first success was due to the need for statistics.

Sentinel will enter the detection recovery state (HALF-OPEN state) after a long time of fusing. If the next request response time is less than the set slow call RT, the fuse will end. If the set slow call RT is greater than the set slow call RT, it will be fused again.

5. Similar to the 4.2 scenario, if I write in Resource Services a forced delay of 400 ms in my code:

    @SentinelResource(value = "sayHello", fallback = "sayHelloFail")
    public String sayHello(String name) throws InterruptedException {
        TimeUnit.MILLISECONDS.sleep(400);
        return "Hello, Member! " + name;
    }

    public String sayHelloFail(String name) {
        return "I am sorry, Member! " + name;
    }


Same settings, same requests, more than five requests/api/member/service in one second:

#### Request Test
GET http://localhost:10801/api/member/service
Accept: */*
Cache-Control: no-cache

The request resulted in:

I am sorry, Member!

Access has proved to be restricted by Sentinel, and although the exception service has been corrupted, the downgrade method sayHelloFail() is set to return the results normally.

1.4 Attempt to limit flow to hot spot parameters

Hot spots are frequently visited data;
For example, the QPS of a commodity interface is limited to 100, and one day it is time to kill seconds. Requests with a seconds killing commodity ID are limited to 50, so that 50 QPS can be used to access other commodities.

Let's start with a minor code modification, add a request parameter name d**, and restart the project**:

@Service
public class MemberService {

    @SentinelResource(value = "sayHello", fallback = "sayHelloFail")
    public String sayHello(String name) {
        return "Hello, Member! " + name;
    }

    public String sayHelloFail(String name) {
        return "I am sorry, Member! " + name;
    }

}

@RestController
@RequestMapping
public class HelloController {

    @Resource
    private MemberService memberService;

    @RequestMapping("/service")
    public String service(String name) {
        return memberService.sayHello(name);
    }

}

2. On the Hot Spot Rules menu, add a new Hot Spot Rule with the resource name "sayHello":

Parameter index set to 0, indicating the first request parameter
Single machine threshold set 10, statistics window duration set 1
Parameter value set string baicai, current limit threshold set 1

In general, the same request/api/member/service?name=xxx, when the parameter passes baicai, the QPS exception is controlled to 1, whereas any value passed by the parameter is controlled to 10.

3. Try multiple requests/api/member/service in one second?Name=baicai:

#### Request Test
GET http://localhost:10801/api/member/service?name=baicai
Accept: */*
Cache-Control: no-cache

The request resulted in:

I am sorry, Member! baicai

4. Try multiple requests/api/member/service in one second?Name=luobo:

#### Request Test
GET http://localhost:10801/api/member/service?name=luobo
Accept: */*
Cache-Control: no-cache

The request resulted in:

Hello, Member! luobo

It has been shown that when the parameter is baicai, access to QPS is restricted beyond 1, but the downgrade method sayHelloFail() still returns the result normally.

1.5.Try Black and White List Control

Many times, we need to decide whether the request is allowed or not based on the source of the call, when Sentinel's Source Access Control (Black and White List Control) function can be used. Source Access Control is based on the source of the resource's request (origin)Limit whether resources can be passed or not, whitelist configuration allows only requests from whitelist sources; blacklist configuration does not allow requests from blacklist sources, and the remaining requests pass.



The test results are similar to those above, but I don't elaborate much here. See here, has Sentinel conquered you with its power?

2. Reference Links

[01] Digging - Java Spring Cloud Alibaba Sentinel

Tags: Java Spring css Java framework

Posted on Sun, 10 Oct 2021 12:23:28 -0400 by ddemore