Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Przychodzi request do usługi...

Adam Dubiel
November 30, 2019
240

Przychodzi request do usługi...

W zależności od wielkości systemu, dzieje się to od kilku razy na minutę do kilku tysięcy razy na sekundę. Żądanie HTTP dociera do usługi napisanej w Java. Jego obsługę możemy podzielić na kilka etapów: magia, kontroler, serwis, repozytorium, magia. Co gorsza elementy magiczne występują często też między kontrolerem a serwisem, serwisem a repozytorium… W czasie tej prezentacji chcę pokazać, co kryje się pod warstwami magii, zwanej również abstrakcją. Zrozumienie tych mechanizmów pozwoli uniknąć błędów i problemów, które najczęściej dopadają nas w czasie największego ruchu na produkcji.

Adam Dubiel

November 30, 2019
Tweet

Transcript

  1. @dubieladam Moje repozytorium Magia Frameworka Mój Serwis Magia Frameworka Mój

    Controller magia Frameworka magia serwera HTTP magia linuxa magia sieci curl
  2. @dubieladam Moje repozytorium Magia Frameworka Mój Serwis Magia Frameworka Mój

    Controller magia Frameworka magia serwera HTTP magia linuxa magia sieci curl
  3. @dubieladam curl -v https://api.github.com/users/dubieladam * Trying 140.82.118.5... * TCP_NODELAY set

    * Connected to api.github.com (140.82.118.5) port 443 (#0) * ALPN, offering h2 * ALPN, offering http/1.1 * Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH * successfully set certificate verify locations: * CAfile: /etc/ssl/cert.pem CApath: none * TLSv1.2 (OUT), TLS handshake, Client hello (1): * TLSv1.2 (IN), TLS handshake, Server hello (2): * TLSv1.2 (IN), TLS handshake, Certificate (11): * TLSv1.2 (IN), TLS handshake, Server key exchange (12): * TLSv1.2 (IN), TLS handshake, Server finished (14): * TLSv1.2 (OUT), TLS handshake, Client key exchange (16): * TLSv1.2 (OUT), TLS change cipher, Client hello (1): * TLSv1.2 (OUT), TLS handshake, Finished (20): * TLSv1.2 (IN), TLS change cipher, Client hello (1): * TLSv1.2 (IN), TLS handshake, Finished (20): * SSL connection using TLSv1.2 / ECDHE-RSA-AES128-GCM-SHA256 * ALPN, server accepted to use http/1.1 * Server certificate: * subject: C=US; ST=California; L=San Francisco; O=GitHub, Inc.; CN=*.github.com * start date: Jul 8 00:00:00 2019 GMT * expire date: Jul 16 12:00:00 2020 GMT * subjectAltName: host "api.github.com" matched cert's "*.github.com" * issuer: C=US; O=DigiCert Inc; OU=www.digicert.com; CN=DigiCert SHA2 High Assurance Server CA * SSL certificate verify ok. > GET /users/dubieladam HTTP/1.1 > Host: api.github.com > User-Agent: curl/7.54.0 > Accept: */* > < HTTP/1.1 404 Not Found < Date: Sat, 21 Sep 2019 15:24:43 GMT < Content-Type: application/json; charset=utf-8 < Content-Length: 112 < Server: GitHub.com < Status: 404 Not Found < X-RateLimit-Limit: 60 < X-RateLimit-Remaining: 55 < X-RateLimit-Reset: 1569082878 < X-GitHub-Media-Type: github.v3; format=json < Access-Control-Expose-Headers: ETag, Link, Location, Retry-After, X-GitHub-OTP, X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Reset, X-OAuth-Scopes, X-Accepted-OAuth-Scopes, X-Poll-Interval, X-GitHub-Media-Type < Access-Control-Allow-Origin: * < Strict-Transport-Security: max-age=31536000; includeSubdomains; preload < X-Frame-Options: deny < X-Content-Type-Options: nosniff < X-XSS-Protection: 1; mode=block < Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin < Content-Security-Policy: default-src 'none' < X-GitHub-Request-Id: A956:354FE:F57AC9C:129E72B7:5D8640BA < { "message": "Not Found", "documentation_url": "https://developer.github.com/v3/users/#get-a-single-user" } * Connection #0 to host api.github.com left intact
  4. @dubieladam curl -v https://api.github.com/users/dubieladam * Trying 140.82.118.5... * TCP_NODELAY set

    * Connected to api.github.com (140.82.118.5) port 443 (#0) * ALPN, offering h2 * ALPN, offering http/1.1 * Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH * successfully set certificate verify locations: * CAfile: /etc/ssl/cert.pem CApath: none * TLSv1.2 (OUT), TLS handshake, Client hello (1): * TLSv1.2 (IN), TLS handshake, Server hello (2): * TLSv1.2 (IN), TLS handshake, Certificate (11): * TLSv1.2 (IN), TLS handshake, Server key exchange (12): * TLSv1.2 (IN), TLS handshake, Server finished (14): * TLSv1.2 (OUT), TLS handshake, Client key exchange (16): * TLSv1.2 (OUT), TLS change cipher, Client hello (1): * TLSv1.2 (OUT), TLS handshake, Finished (20): * TLSv1.2 (IN), TLS change cipher, Client hello (1): * TLSv1.2 (IN), TLS handshake, Finished (20): * SSL connection using TLSv1.2 / ECDHE-RSA-AES128-GCM-SHA256 * ALPN, server accepted to use http/1.1 * Server certificate: * subject: C=US; ST=California; L=San Francisco; O=GitHub, Inc.; CN=*.github.com * start date: Jul 8 00:00:00 2019 GMT * expire date: Jul 16 12:00:00 2020 GMT * subjectAltName: host "api.github.com" matched cert's "*.github.com" * issuer: C=US; O=DigiCert Inc; OU=www.digicert.com; CN=DigiCert SHA2 High Assurance Server CA * SSL certificate verify ok. > GET /users/dubieladam HTTP/1.1 > Host: api.github.com > User-Agent: curl/7.54.0 > Accept: */* > < HTTP/1.1 404 Not Found < Date: Sat, 21 Sep 2019 15:24:43 GMT < Content-Type: application/json; charset=utf-8 < Content-Length: 112 < Server: GitHub.com < Status: 404 Not Found < X-RateLimit-Limit: 60 < X-RateLimit-Remaining: 55 < X-RateLimit-Reset: 1569082878 < X-GitHub-Media-Type: github.v3; format=json < Access-Control-Expose-Headers: ETag, Link, Location, Retry-After, X-GitHub-OTP, X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Reset, X-OAuth-Scopes, X-Accepted-OAuth-Scopes, X-Poll-Interval, X-GitHub-Media-Type < Access-Control-Allow-Origin: * < Strict-Transport-Security: max-age=31536000; includeSubdomains; preload < X-Frame-Options: deny < X-Content-Type-Options: nosniff < X-XSS-Protection: 1; mode=block < Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin < Content-Security-Policy: default-src 'none' < X-GitHub-Request-Id: A956:354FE:F57AC9C:129E72B7:5D8640BA < { "message": "Not Found", "documentation_url": "https://developer.github.com/v3/users/#get-a-single-user" } * Connection #0 to host api.github.com left intact
  5. @dubieladam curl -v https://api.github.com/users/dubieladam * Trying 140.82.118.5... * TCP_NODELAY set

    * Connected to api.github.com (140.82.118.5) port 443 (#0) * ALPN, offering h2 * ALPN, offering http/1.1 * Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH * successfully set certificate verify locations: * CAfile: /etc/ssl/cert.pem CApath: none * TLSv1.2 (OUT), TLS handshake, Client hello (1): * TLSv1.2 (IN), TLS handshake, Server hello (2): * TLSv1.2 (IN), TLS handshake, Certificate (11): * TLSv1.2 (IN), TLS handshake, Server key exchange (12): * TLSv1.2 (IN), TLS handshake, Server finished (14): * TLSv1.2 (OUT), TLS handshake, Client key exchange (16): * TLSv1.2 (OUT), TLS change cipher, Client hello (1): * TLSv1.2 (OUT), TLS handshake, Finished (20): * TLSv1.2 (IN), TLS change cipher, Client hello (1): * TLSv1.2 (IN), TLS handshake, Finished (20): * SSL connection using TLSv1.2 / ECDHE-RSA-AES128-GCM-SHA256 * ALPN, server accepted to use http/1.1 * Server certificate: * subject: C=US; ST=California; L=San Francisco; O=GitHub, Inc.; CN=*.github.com * start date: Jul 8 00:00:00 2019 GMT * expire date: Jul 16 12:00:00 2020 GMT * subjectAltName: host "api.github.com" matched cert's "*.github.com" * issuer: C=US; O=DigiCert Inc; OU=www.digicert.com; CN=DigiCert SHA2 High Assurance Server CA * SSL certificate verify ok. > GET /users/dubieladam HTTP/1.1 > Host: api.github.com > User-Agent: curl/7.54.0 > Accept: */* > < HTTP/1.1 404 Not Found < Date: Sat, 21 Sep 2019 15:24:43 GMT < Content-Type: application/json; charset=utf-8 < Content-Length: 112 < Server: GitHub.com < Status: 404 Not Found < X-RateLimit-Limit: 60 < X-RateLimit-Remaining: 55 < X-RateLimit-Reset: 1569082878 < X-GitHub-Media-Type: github.v3; format=json < Access-Control-Expose-Headers: ETag, Link, Location, Retry-After, X-GitHub-OTP, X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Reset, X-OAuth-Scopes, X-Accepted-OAuth-Scopes, X-Poll-Interval, X-GitHub-Media-Type < Access-Control-Allow-Origin: * < Strict-Transport-Security: max-age=31536000; includeSubdomains; preload < X-Frame-Options: deny < X-Content-Type-Options: nosniff < X-XSS-Protection: 1; mode=block < Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin < Content-Security-Policy: default-src 'none' < X-GitHub-Request-Id: A956:354FE:F57AC9C:129E72B7:5D8640BA < { "message": "Not Found", "documentation_url": "https://developer.github.com/v3/users/#get-a-single-user" } * Connection #0 to host api.github.com left intact
  6. @dubieladam Moje repozytorium Magia Frameworka Mój Serwis Magia Frameworka Mój

    Controller magia Frameworka magia serwera HTTP magia linuxa magia sieci curl
  7. @dubieladam curl -v https://api.github.com/users/dubieladam * Trying 140.82.118.5... * TCP_NODELAY set

    * Connected to api.github.com (140.82.118.5) port 443 (#0) * ALPN, offering h2 * ALPN, offering http/1.1 * Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH * successfully set certificate verify locations: * CAfile: /etc/ssl/cert.pem CApath: none * TLSv1.2 (OUT), TLS handshake, Client hello (1): * TLSv1.2 (IN), TLS handshake, Server hello (2): * TLSv1.2 (IN), TLS handshake, Certificate (11): * TLSv1.2 (IN), TLS handshake, Server key exchange (12): * TLSv1.2 (IN), TLS handshake, Server finished (14): * TLSv1.2 (OUT), TLS handshake, Client key exchange (16): * TLSv1.2 (OUT), TLS change cipher, Client hello (1): * TLSv1.2 (OUT), TLS handshake, Finished (20): * TLSv1.2 (IN), TLS change cipher, Client hello (1): * TLSv1.2 (IN), TLS handshake, Finished (20): * SSL connection using TLSv1.2 / ECDHE-RSA-AES128-GCM-SHA256 * ALPN, server accepted to use http/1.1 * Server certificate: * subject: C=US; ST=California; L=San Francisco; O=GitHub, Inc.; CN=*.github.com * start date: Jul 8 00:00:00 2019 GMT * expire date: Jul 16 12:00:00 2020 GMT * subjectAltName: host "api.github.com" matched cert's "*.github.com" * issuer: C=US; O=DigiCert Inc; OU=www.digicert.com; CN=DigiCert SHA2 High Assurance Server CA * SSL certificate verify ok. > GET /users/dubieladam HTTP/1.1 > Host: api.github.com > User-Agent: curl/7.54.0 > Accept: */* > < HTTP/1.1 404 Not Found < Date: Sat, 21 Sep 2019 15:24:43 GMT < Content-Type: application/json; charset=utf-8 < Content-Length: 112 < Server: GitHub.com < Status: 404 Not Found < X-RateLimit-Limit: 60 < X-RateLimit-Remaining: 55 < X-RateLimit-Reset: 1569082878 < X-GitHub-Media-Type: github.v3; format=json < Access-Control-Expose-Headers: ETag, Link, Location, Retry-After, X-GitHub-OTP, X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Reset, X-OAuth-Scopes, X-Accepted-OAuth-Scopes, X-Poll-Interval, X-GitHub-Media-Type < Access-Control-Allow-Origin: * < Strict-Transport-Security: max-age=31536000; includeSubdomains; preload < X-Frame-Options: deny < X-Content-Type-Options: nosniff < X-XSS-Protection: 1; mode=block < Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin < Content-Security-Policy: default-src 'none' < X-GitHub-Request-Id: A956:354FE:F57AC9C:129E72B7:5D8640BA < { "message": "Not Found", "documentation_url": "https://developer.github.com/v3/users/#get-a-single-user" } * Connection #0 to host api.github.com left intact
  8. @dubieladam Do wysłania żądania HTTP potrzebna jest współpraca wielu warstw

    Physical Data Link Network Transport Session Presentation Application
  9. @dubieladam Do wysłania żądania HTTP potrzebna jest współpraca wielu warstw

    Physical Data Link Network Transport Session Presentation Application TCP / UDP HTTP
  10. @dubieladam curl curl curl curl curl curl curl curl curl

    curl curl curl curl curl curl curl Ile połączeń może obsłużyć jeden serwer?
  11. @dubieladam Połączenie reprezentowane jest przez "plik" (file descriptor) # ulimit

    -a core file size (blocks, -c) 0 data seg size (kbytes, -d) unlimited scheduling priority (-e) 0 file size (blocks, -f) unlimited pending signals (-i) 7873 max locked memory (kbytes, -l) 16384 max memory size (kbytes, -m) unlimited open files (-n) 1024 pipe size (512 bytes, -p) 8 POSIX message queues (bytes, -q) 819200 real-time priority (-r) 0 stack size (kbytes, -s) 8192 cpu time (seconds, -t) unlimited max user processes (-u) 7873
  12. @dubieladam % wykorzystanych połączeń można raportować lub monitorować z poziomu

    JVM UnixOperatingSystemMXBean UnixOperatingSystemMXBean b = (UnixOperatingSystemMXBean) ManagementFactory.getOperatingSystemMXBean(); double fdUtilization = b.getOpenFileDescriptorCount() / (double) b.getMaxFileDescriptorCount();
  13. @dubieladam % wykorzystanych połączeń można raportować lub monitorować z poziomu

    systemu operacyjnego lsof -a -p <pid> | wc -l lsof -a -d ^txt,^mem,^cwd,^rtd,^DEL -p <pid> | wc -l wyklucza fd otwierane przez kernel w imieniu procesu (nie wliczają się do limitu)
  14. @dubieladam Pierwszym ograniczeniem jest maksymalna liczba połączeń możliwych do zestawienia

    Drugim ograniczeniem jest maksymalna liczba połączeń możliwych do obsłużenia
  15. @dubieladam W modelu blokującym system i aplikacja działają razem: na

    czytanie/pisanie danych z połączenia alokowany jest wątek
  16. @dubieladam accept blocking read / write blocking read / write

    blocking read / write blocking read / write liczba wątków O(N) 01001011 01001011
  17. @dubieladam accept blocking read / write blocking read / write

    blocking read / write blocking read / write 01001011 01001011 blocking read / write blocking read / write blocking read / write blocking read / write W modelu blokującym system i aplikacja działają razem: na czytanie/pisanie danych z połączenia alokowany jest wątek
  18. @dubieladam blocking read / write blocking read / write blocking

    read / write blocking read / write IO thread IO thread IO thread IO thread
  19. @dubieladam blocking read / write blocking read / write blocking

    read / write blocking read / write IO thread IO thread IO thread IO thread worker thread worker thread worker thread worker thread worker thread worker thread
  20. @dubieladam blocking read / write blocking read / write blocking

    read / write blocking read / write IO thread IO thread IO thread IO thread worker thread worker thread worker thread worker thread worker thread 01001011 worker thread 01011
  21. @dubieladam epoll read / write blocking read / write blocking

    read / write blocking read / write IO thread IO thread IO thread IO thread worker thread worker thread worker thread worker thread worker thread worker thread
  22. @dubieladam epoll read / write epoll epoll epoll read /

    write IO thread IO thread IO thread IO thread worker thread worker thread worker thread worker thread worker thread worker thread
  23. @dubieladam epoll epoll epoll epoll IO thread IO thread IO

    thread IO thread worker thread worker thread worker thread worker thread worker thread worker thread
  24. @dubieladam epo ll IO IO IO IO worker thread worker

    thread worker thread worker thread worker thread worker thread
  25. @dubieladam Moje repozytorium Magia Frameworka Mój Serwis Magia Frameworka Mój

    Controller magia Frameworka magia serwera HTTP magia linuxa magia sieci curl
  26. @dubieladam curl -v https://api.github.com/users/dubieladam * Trying 140.82.118.5... * TCP_NODELAY set

    * Connected to api.github.com (140.82.118.5) port 443 (#0) * ALPN, offering h2 * ALPN, offering http/1.1 * Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH * successfully set certificate verify locations: * CAfile: /etc/ssl/cert.pem CApath: none * TLSv1.2 (OUT), TLS handshake, Client hello (1): * TLSv1.2 (IN), TLS handshake, Server hello (2): * TLSv1.2 (IN), TLS handshake, Certificate (11): * TLSv1.2 (IN), TLS handshake, Server key exchange (12): * TLSv1.2 (IN), TLS handshake, Server finished (14): * TLSv1.2 (OUT), TLS handshake, Client key exchange (16): * TLSv1.2 (OUT), TLS change cipher, Client hello (1): * TLSv1.2 (OUT), TLS handshake, Finished (20): * TLSv1.2 (IN), TLS change cipher, Client hello (1): * TLSv1.2 (IN), TLS handshake, Finished (20): * SSL connection using TLSv1.2 / ECDHE-RSA-AES128-GCM-SHA256 * ALPN, server accepted to use http/1.1 * Server certificate: * subject: C=US; ST=California; L=San Francisco; O=GitHub, Inc.; CN=*.github.com * start date: Jul 8 00:00:00 2019 GMT * expire date: Jul 16 12:00:00 2020 GMT * subjectAltName: host "api.github.com" matched cert's "*.github.com" * issuer: C=US; O=DigiCert Inc; OU=www.digicert.com; CN=DigiCert SHA2 High Assurance Server CA * SSL certificate verify ok. > GET /users/dubieladam HTTP/1.1 > Host: api.github.com > User-Agent: curl/7.54.0 > Accept: */* > < HTTP/1.1 404 Not Found < Date: Sat, 21 Sep 2019 15:24:43 GMT < Content-Type: application/json; charset=utf-8 < Content-Length: 112 < Server: GitHub.com < Status: 404 Not Found < X-RateLimit-Limit: 60 < X-RateLimit-Remaining: 55 < X-RateLimit-Reset: 1569082878 < X-GitHub-Media-Type: github.v3; format=json < Access-Control-Expose-Headers: ETag, Link, Location, Retry-After, X-GitHub-OTP, X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Reset, X-OAuth-Scopes, X-Accepted-OAuth-Scopes, X-Poll-Interval, X-GitHub-Media-Type < Access-Control-Allow-Origin: * < Strict-Transport-Security: max-age=31536000; includeSubdomains; preload < X-Frame-Options: deny < X-Content-Type-Options: nosniff < X-XSS-Protection: 1; mode=block < Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin < Content-Security-Policy: default-src 'none' < X-GitHub-Request-Id: A956:354FE:F57AC9C:129E72B7:5D8640BA < { "message": "Not Found", "documentation_url": "https://developer.github.com/v3/users/#get-a-single-user" } * Connection #0 to host api.github.com left intact
  27. @dubieladam Wątki odpowiedzialne za obsługę transakcji większość czasu blokują i

    czekają na inne zasoby Moje repozytorium Mój Serwis Mój Controller
  28. @dubieladam Wątki odpowiedzialne za obsługę transakcji większość czasu blokują i

    czekają na inne zasoby Moje repozytorium Mój Serwis Mój Controller
  29. @dubieladam Model blokujących wątków jest prosty i intuicyjny, ale wymaga

    zabezpieczania się przed kaskadującymi błędami
  30. @dubieladam IO IO w/t w/t w/t w/t custom thread pool

    1 custom thread pool 1 custom thread pool 2 custom thread pool 2
  31. @dubieladam IO IO w/t w/t w/t w/t custom thread pool

    1 custom thread pool 1 custom thread pool 2 custom thread pool 2
  32. @dubieladam ☠ IO IO w/t w/t w/t w/t custom thread

    pool 1 custom thread pool 1 custom thread pool 2 custom thread pool 2 wątek nie jest blokowany! (chyba, że sami zablokujemy)
  33. @dubieladam Asynchroniczne przetwarzanie możliwe jest dzięki zmianom w Servlet 3.0

    (AsyncContext) custom thread pool 1 worker thread AsyncContext ctx = request.startAsync(); pool.submit(() -> { // do stuff ctx.getResponse() .getOutputStream().println(...); ctx.complete(); })
  34. @dubieladam Pisanie / odczyt ze strumienia wciąż pozostaje blokujące custom

    thread pool 1 worker thread AsyncContext ctx = request.startAsync(); pool.submit(() -> { // do stuff ctx.getResponse() .getOutputStream().println(...); ctx.complete(); }) pisanie / czytanie to wciąż operacje blokujące..
  35. @dubieladam Nieblokujące czytanie / pisanie możliwe jest dzięki zmianom w

    Servlet 3.1 (Read & WriteListener) custom thread pool 1 worker thread AsyncContext ctx = request.startAsync(); pool.submit(() -> { // do stuff ctx.getResponse() .getOutputStream() .setWriteListener(() -> ...) ctx.complete(); })
  36. @dubieladam Circuit breaker może dodawać izolację wątkową, lub być prostym

    semaforem IO IO w/t w/t w/t w/t semafor IO IO w/t w/t w/t w/t cb/t cb/t cb/t
  37. @dubieladam Semafor może zamknąć obwód, ale nie daje ochrony przed

    wydłużonym czekaniem IO IO w/t w/t w/t w/t ☠ 500 semafor
  38. @dubieladam Semafor może zamknąć obwód, ale nie daje ochrony przed

    wydłużonym czekaniem IO IO w/t w/t w/t w/t ☠ semafor ⏳
  39. @dubieladam Przy dodatkowej izolacji należy uważać, czy jest ona potrzebna

    i jak skonfigurowana jest pula wątków w/t w/t w/t w/t cb/t cb/t cb/t c/t c/t c/t c/t
  40. @dubieladam Przy dodatkowej izolacji należy uważać, czy timeouty ze sobą

    współgrają IO IO w/t w/t w/t w/t cb/t cb/t cb/t ⌛ ⏳
  41. @dubieladam Timeout na circuit breaker nie oznacza, że zwalnia się

    wątek pod spodem worker thread circuit breaker thread
  42. @dubieladam Timeout na circuit breaker nie oznacza, że zwalnia się

    wątek pod spodem worker thread ☠ circuit breaker thread
  43. @dubieladam Timeout na circuit breaker nie oznacza, że zwalnia się

    wątek pod spodem worker thread ☠ ⏳ circuit breaker thread
  44. @dubieladam Timeout na circuit breaker nie oznacza, że zwalnia się

    wątek pod spodem worker thread ☠ ⏳ ⌛ circuit breaker thread t T t < T
  45. @dubieladam curl -v https://api.github.com/users/dubieladam * Trying 140.82.118.5... * TCP_NODELAY set

    * Connected to api.github.com (140.82.118.5) port 443 (#0) * ALPN, offering h2 * ALPN, offering http/1.1 * Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH * successfully set certificate verify locations: * CAfile: /etc/ssl/cert.pem CApath: none * TLSv1.2 (OUT), TLS handshake, Client hello (1): * TLSv1.2 (IN), TLS handshake, Server hello (2): * TLSv1.2 (IN), TLS handshake, Certificate (11): * TLSv1.2 (IN), TLS handshake, Server key exchange (12): * TLSv1.2 (IN), TLS handshake, Server finished (14): * TLSv1.2 (OUT), TLS handshake, Client key exchange (16): * TLSv1.2 (OUT), TLS change cipher, Client hello (1): * TLSv1.2 (OUT), TLS handshake, Finished (20): * TLSv1.2 (IN), TLS change cipher, Client hello (1): * TLSv1.2 (IN), TLS handshake, Finished (20): * SSL connection using TLSv1.2 / ECDHE-RSA-AES128-GCM-SHA256 * ALPN, server accepted to use http/1.1 * Server certificate: * subject: C=US; ST=California; L=San Francisco; O=GitHub, Inc.; CN=*.github.com * start date: Jul 8 00:00:00 2019 GMT * expire date: Jul 16 12:00:00 2020 GMT * subjectAltName: host "api.github.com" matched cert's "*.github.com" * issuer: C=US; O=DigiCert Inc; OU=www.digicert.com; CN=DigiCert SHA2 High Assurance Server CA * SSL certificate verify ok. > GET /users/dubieladam HTTP/1.1 > Host: api.github.com > User-Agent: curl/7.54.0 > Accept: */* > < HTTP/1.1 404 Not Found < Date: Sat, 21 Sep 2019 15:24:43 GMT < Content-Type: application/json; charset=utf-8 < Content-Length: 112 < Server: GitHub.com < Status: 404 Not Found < X-RateLimit-Limit: 60 < X-RateLimit-Remaining: 55 < X-RateLimit-Reset: 1569082878 < X-GitHub-Media-Type: github.v3; format=json < Access-Control-Expose-Headers: ETag, Link, Location, Retry-After, X-GitHub-OTP, X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Reset, X-OAuth-Scopes, X-Accepted-OAuth-Scopes, X-Poll-Interval, X-GitHub-Media-Type < Access-Control-Allow-Origin: * < Strict-Transport-Security: max-age=31536000; includeSubdomains; preload < X-Frame-Options: deny < X-Content-Type-Options: nosniff < X-XSS-Protection: 1; mode=block < Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin < Content-Security-Policy: default-src 'none' < X-GitHub-Request-Id: A956:354FE:F57AC9C:129E72B7:5D8640BA < { "message": "Not Found", "documentation_url": "https://developer.github.com/v3/users/#get-a-single-user" } * Connection #0 to host api.github.com left intact
  46. @dubieladam Moje repozytorium Magia Frameworka Mój Serwis Magia Frameworka Mój

    Controller magia Frameworka magia serwera HTTP magia linuxa magia sieci curl
  47. @dubieladam Głównym celem jest przepustowość i skalowalność, nie latency Model

    blokujących wątków jest prosty i intuicyjny, ale wymaga zabezpieczania się przed kaskadującymi błędami Linie obrony: timeout izolacja circuit breaker