Connecting Thousands of Services at LY Corporation with Central Dogma Control Plane

Transcript

1. $POOFDUJOH
   5IPVTBOET
   PG
   4FSWJDFT
   BU
   -:
   $PSQPSBUJPO
   XJUI
   $FOUSBM
   %PHNB
   $POUSPM
   1MBOF %FWFMPQFS
   F9QFSJFODF
   -*/&
   1MVT
   $PSQPSBUJPO .JOXPP
   4POH )BOOBN
   3IFF

2. "HFOEB • #BDLHSPVOE
   
   $POUFYU • 0VS
   $IBMMFOHFT • $FOUSBM
   %PHNB
   $POUSPM
   1MBOF • 4JEFDBSMFTT
   4FSWJDF
   .FTI •

   3FDBQ
   
   'VUVSF
   8PSL

3. • .BOBHJOH
   BOE
   EJTUSJCVUJOH
   USBGGJD
   QPMJDJFT
   GPS
   TFSWJDFUPTFSWJDF
   DPNNVOJDBUJPO
   UP
   UIF
   EBUB
   QMBOF • "EWBOUBHFT • $FOUSBMJ[FE
   TFSWJDF
   DPOGJHVSBUJPO
   NBOBHFNFOU • %ZOBNJD
   TFSWJDF
   SFDPOGJHVSBUJPO •

   8F
   JNQMFNFOUFE
   UIJT
   PO
   $FOUSBM
   %PHNB $POUSPM
   1MBOF

4. 8IBU
   JT
   $FOUSBM
   %PHNB $FOUSBM
   %PHNB 6* "QQMJDBUJPOT 7JFX
   $POGJHT 8BUDI
   $POGJHT 3FQPTJUPSZ
   4FSWJDF
   GPS
   5FYUVBM
   $POGJHVSBUJPO (JUCBTFE
   4UPSBHF .PEJGZ
   $POpHT

5. .JSSPSJOH
   GSPN
   BO
   &YUFSOBM
   (JU
   3FQPTJUPSZ .PEJGZ
   $POGJHT 7JFX
   $POpHT 8BUDI
   $POGJHT $IBOHF
   :PVS
   $POGJHVSBUJPO
   4BGFMZ
   UISPVHI
   1VMM
   3FRVFTU (JU)VC $PVME
   CF
   BOZ
   FYUFSOBM
   HJU
   QSPWJEFS 1SPQPTF $IBOHFT $FOUSBM
   %PHNB

   6* "QQMJDBUJPOT (JUCBTFE
   4UPSBHF

6. "HFOEB • #BDLHSPVOE
   
   $POUFYU • 0VS
   $IBMMFOHFT
   • $FOUSBM
   %PHNB
   $POUSPM
   1MBOF • 4JEFDBSMFTT
   4FSWJDF
   .FTI •

   3FDBQ
   
   'VUVSF
   8PSL

7. :PVS
   "QQ $POUSPM
   1MBOF • 4FSWJDF
   SFHJTUSZ • 1PMJDJFT • 5SBGpD
   DPOUSPM • $BOBSZ
   SFMFBTFT

   • 5SBGpD
   DPOUSPM • $MJFOUTJEF
   MPBE
   CBMBODJOH $VTUPN
   .FTTBHF
   4DIFNB 0VS -FHBDZ
   $POUSPM
   1MBOF
   %BZT 0UIFS
   "QQ 1SPKFDU
   .BOBHFNFOU
   5PPM
   1.$ $VTUPN
   $MJFOU :PVS
   1PE :PVS
   1PE :PVS
   1PE :PVS
   1PE :PVS
   1PE 1IZTJDBM
   BOE
   7JSUVBM
   .BDIJOFT

8. • 5JHIU
   $PVQMJOH
   XJUI
   1.$
   LT
   TVQQPSU • /P
   EZOBNJD
   SFHJTUSBUJPO • -BDL
   PG
   *OUFSPQFSBCJMJUZ • 8IJDI
   DMJFOU
   TVQQPSUT
   UIF
   DVTUPN
   NFTTBHF
   TDIFNB •

   -JNJUFE
   5SBGGJD
   $POUSPM • "
   SFHJTUSZ
   OPU
   B
   USVF
   DPOUSPM
   QMBOF -JNJUBUJPOT
   PG
   UIF
   -FHBDZ
   4ZTUFN

9. • 4VQQPSU
   GPS
   %JWFSTF
   4PVSDFT r 1.$
   7.T
   1.T
   BOE
   LT • *OUFSPQFSBCJMJUZ
   XJUI
   &OWPZ r

   *OEVTUSZ
   4UBOEBSE
   Y%4
   1SPUPDPM • (JU0QT#BTFE
   8PSLqPX • )JHI
   3FMJBCJMJUZ • 3PCVTU
   "VUI 4ZTUFN 4IPVME
   8F
   .PWF
   UP
   "OPUIFS
   4PMVUJPO %FTJHO
   $POTJEFSBUJPOT
   GPS
   B
   /FX
   4ZTUFN

10. ʜ 8F DPVMEO`U
    GJOE
    POF
    UIBU GJUT
    BMM
    PG
    UIFN
    

11. • 4VQQPSU
    GPS
    %JWFSTF
    4PVSDFT r 1.$
    7.T
    1.T
    BOE
    LT • *OUFSPQFSBCJMJUZ
    XJUI
    &OWPZ r

    *OEVTUSZ
    4UBOEBSE
    Y%4
    1SPUPDPM • (JU0QT#BTFE
    8PSLqPX  .JSSPSJOH • )JHI
    3FMJBCJMJUZ
    r .VMUJEBUBDFOUFS
    SFQMJDBUJPO • 3PCVTU
    "VUI 4ZTUFN 8BJU
    $FOUSBM
    %PHNB
    4VQQPSUT %FTJHO
    $POTJEFSBUJPOT
    GPS
    B
    /FX
    4ZTUFN

12. "HFOEB • #BDLHSPVOE
    
    $POUFYU • 0VS
    $IBMMFOHFT • $FOUSBM
    %PHNB
    $POUSPM
    1MBOF
    • 4JEFDBSMFTT
    4FSWJDF
    .FTI •

    3FDBQ
    
    'VUVSF
    8PSL

13. :PVS
    "QQ $POUSPM
    1MBOF • 4FSWJDF
    SFHJTUSZ • 1PMJDJFT • "DDFTT
    DPOUSPM • -PBE
    CBMBODJOH

    • ;POFBXBSF
    SPVUJOH • "VUPNBUJD
    SFUSJFT • $JSDVJU
    CSFBLFST • ʜ Your Pod Your Pod Your Pod Your Pod Your Pod 1IZTJDBM
    BOE
    7JSUVBM
    .BDIJOFT • "DDFTT
    DPOUSPM • $PODVSSFODZ
    DPOUSPM • 5SBGpD
    DPOUSPM • .FUSJDT • ʜ Y%4
    1SPUPDPM 1SPKFDU
    .BOBHFNFOU
    5PPM
    1.$ 0UIFS
    "QQ 0VUCPVOE 4JEFDBS *OCPVOE 4JEFDBS 0UIFS
    "QQ • "DDFTT
    DPOUSPM • $MJFOUTJEF
    MPBE
    CBMBODJOH • $JSDVJU
    CSFBLFS • "VUPNBUJD
    SFUSJFT • ʜ ,T
    &OEQPJOU
    
    1MVHJO %ZOBNJD
    3FHJTUSBUJPO

14. 'SPN
    -FHBDZ
    4DIFNB
    UP
    Y%4
    3FTPVSDFT // Legacy schema { "zone": "DC-1", "groups": [ {

    "name": "iPad" } ], "pmcProjectId": "foo", "pmcFarmId": "foo-BETA", "hostname": "foo-beta1-dev", "ip": "10.10.10.11", "port": 8080, "weight": 1000, "status": "NORMAL", "slow_start": 0.05 }, ... // xDS resources "locality": { "zone": "DC-1" }, "lbEndpoints": [ { "endpoint": { "address": { "socketAddress": { "address": "10.10.10.11", "portValue": 8080 } }, "hostname": "foo-beta1-dev" }, "metadata": { "filterMetadata": { "jp.co.lycorp.attributes": { "slowStart": 0.05 } } }, "loadBalancingWeight": 1000, "healthStatus": "HEALTHY" }, ... #VJME
    ZPVS
    PXO
    QMVHJO
    BOE
    TFBNMFTTMZ
    JOUFHSBUF
    XJUI
    Y%4
    Š JU`T
    FBTJFS
    UIBO
    ZPV
    UIJOL

15. 'SPN
    LT
    $POUSPM
    1MBOF
    UP
    Y%4
    3FTPVSDFT Control Plane Watch Changes // Registered via XdsKubernetesService //

    on Central Dogma { "name": "groups/foo/k8s/endpointAggregators/foo/beta", "clusterName": "groups/foo/k8s/clusters/foo/beta", "localityLbEndpoints": [ { "watcher": { "serviceName": "foo-beta", "portName": "foo-port", "kubeconfig": { "controlPlaneUrl": "https://foo.com/v1/abcdef-ghijk", "credentialId": "foo-beta-cred" } }, "locality": { "zone": "dc-1" } }] }

16. "VUPNBUJD
    3FHJTUSBUJPO
    PO
    4UBSUVQ // Register via gRPC or HTTP API. rpc RegisterLocalityLbEndpoint(RegisterLocalityLbEndpointRequest)

    returns (LocalityLbEndpoint) { option (google.api.http) = { patch: "/api/v1/xds/{endpoint_name=groups/*/endpoints/**}:registerLocalityLbEndpoint" body: "locality_lb_endpoint" }; }

17. • "
    TFSWJDF
    NFTI
    DPOUSPM
    QMBOF • *NQMFNFOUT
    UIF
    JOEVTUSZ
    TUBOEBSE
    Y%4
    QSPUPDPM • %FTJHOFE
    XJUI
    -:`T
    IFUFSPHFOFPVT
    JOGSBTUSVDUVSF
    JO
    NJOE •
    "MM
    FYJTUJOH
    $FOUSBM
    %PHNB
    BEWBOUBHFT • (JU0QT#BTFE
    8PSLGMPX

    
    )JHI
    3FMJBCJMJUZ
    3PCVTU
    "VUIPSJ[BUJPO $FOUSBM
    %PHNB
    $POUSPM
    1MBOF

18. "HFOEB • #BDLHSPVOE
    
    $POUFYU • 0VS
    $IBMMFOHFT • $FOUSBM
    %PHNB
    $POUSPM
    1MBOF • 4JEFDBSMFTT
    4FSWJDF
    .FTI
    •

    3FDBQ
    
    'VUVSF
    8PSL

19. 3FDBQ
    "
    5ZQJDBM
    ,T
    "QQMJDBUJPO "VUPNBUFE
    EFQMPZNFOU
    TDBMJOH
    BOE
    NBOBHFNFOU
    PG
    DPOUBJOFSJ[FE
    BQQMJDBUJPOT

20. 3FDBQ
    "EEJOH
    *TUJP
    JOUP
    UIF
    1JDUVSF *OGSBTUSVDUVSF
    MBZFS
    UIBU
    HJWFT
    BQQMJDBUJPOT
    DBQBCJMJUJFT
    MJLF [FSPUSVTU
    TFDVSJUZ
    PCTFSWBCJMJUZ
    BOE
    BEWBODFE
    USBGGJD
    NBOBHFNFOU • 4FSWJDF
    SFHJTUSZ • "DDFTT
    DPOUSPM

    • "EWBODFE
    MPBE
    CBMBODJOH
    FH
    ;POFBXBSF
    SPVUJOH • "VUPNBUJD
    SFUSJFT • $JSDVJU
    CSFBLFST • 

21. 3FDBQ
    8JUI
    $%$1 5IF
    GVODUJPOBMJUZ
    PG
    *TUJP
    DBO
    CF
    SFQMBDFE
    XJUI
    UIF
    $FOUSBM
    %PHNB
    $POUSPM
    1MBOF

22. 5FDIOJDBMMZ
    UIF
    FYUFSOBM
    BQQMJDBUJPO
    DBO
    BMTP
    TFOE
    SFRVFTUT
    UISPVHI
    BO
    FOWPZ
    TJEFDBS /PU
    NBOBHFE
    CZ
    LT
    NFBOT • *ODSFBTFE
    EFQMPZNFOUNBOBHFNFOU
    DPNQMFYJUZ • "OPUIFS
    QPJOU
    PG
    GBJMVSF 4JODF
    NJHSBUJOH
    FWFSZ
    TFSWJDF
    UP
    LT
    BU
    PODF
    NBZ
    OPU
    CF
    USJWJBM $BMMJOH
    GSPN
    &YUFSOBM
    &OWJSPONFOUT

23. "MM
    PG
    UIF
    VTVBM
    HPPEJFT • ;FSPUSVTU
    TFDVSJUZ
    PCTFSWBCJMJUZ
    BOE
    BEWBODFE
    USBGpD
    NBOBHFNFOU "EEFE
    CPOVT • -FTT
    OFUXPSL
    IPQT
    MFTT
    MBUFODZ
    BOE
    MFTT
    QPJOUT
    PG
    GBJMVSFT

    (PJOH
    4JEFDBSMFTT

24. "SNFSJB JT
    B
    NJDSPTFSWJDF
    GSBNFXPSL
    VTFE
    FYUFOTJWFMZ
    XJUIJO
    -: (PJOH
    4JEFDBSMFTT
    XJUI
    "SNFSJB

25. 4P
    8IBU
    JT
    "SNFSJB "SNFSJB JT
    ZPVS
    HPUP
    NJDSPTFSWJDF
    GSBNFXPSL
    GPS
    BOZ
    TJUVBUJPO
    :PV
    DBO
    CVJME
    BOZ
    UZQF
    PG
    NJDSPTFSWJDF
    MFWFSBHJOH
    ZPVS
    GBWPSJUF
    UFDIOPMPHJFT
    JODMVEJOH
    H31$
    5ISJGU
    ,PUMJO

    
    3FUSPpU
    3FBDUJWF
    4USFBNT
    4QSJOH
    #PPU
    BOE
    %SPQXJ[BSE *U
    JT
    PQFOTPVSDFE
    CZ
    UIF
    DSFBUPS
    PG
    /FUUZ
    BOE
    IJT
    DPMMFBHVFT
    BU
    -:
    $PSQPSBUJPO // A simple HTTP client var client = WebClient.of("http://my-endpoint.com") .decorator(CircuitBreakerClient.newDecorator(..)) .decorator(RetryingClient.newDecorator(..)) .build(); // send a GET request var response = client.get("/").aggregate().join(); 8IBU
    JG
    "SNFSJB PGGFSFE
    B
    TQFDJBM
    DMJFOU
    XIJDI
    DPVME
    BDU
    BT
    B
    EBUB
    QMBOF

26. "SNFSJB BT
    B
    %BUB
    1MBOF var bootstrapStr = """ dynamic_resources: lds_config: ... cluster_name:

    controlplane_cluster static_resources: clusters: - name: controlplane_cluster load_assignment: ... socket_address: address: my-control-plane.com """; var xdsBootstrap = XdsBootstrap.of(fromYaml(bootstrap)); %JTDMBJNFS
    5IF
    EFTJHO
    BOE
    JNQMFNFOUBUJPO
    JT
    JO
    QSPHSFTT
    BOE
    NBZ
    CF
    TVCKFDU
    UP
    DIBOHF "
    UZQJDBM
    FOWPZ
    CPPUTUSBQ DPOpHVSBUJPO 1BSTF
    UIF
    CPPUTUSBQ
    JOUP
    BO
    9ET#PPUTUSBQ
    5IF
    "SNFSJB DMJFOU
    XJMM
    VTF
    UIJT
    CPPUTUSBQ
    JOGPSNBUJPO
    UP
    BDU
    BT
    B
    EBUB
    QMBOF 8IJDI
    DPOUSPM
    QMBOF
    TIPVME
    XF
    VTF
    UP
    GFUDI
    SFTPVSDFT "
    SFTPVSDF JT
    B
    DPMMFDUJPO
    PG
    QPMJDJFT
    PG
    IPX
    UP
    SPVUF
    SFRVFTUT %FGJOFT
    IPX
    UP
    DPOOFDU
    UP
    B
    DPOUSPM
    QMBOF    

27. "SNFSJB BT
    B
    %BUB
    1MBOF var xdsBootstrap = XdsBootstrap.of(bootstrap); var client = WebClient.of(ofListener("my-listener",

    xdsBootstrap)); var res = client.get("/").aggregate().join(); Disclaimer: The design and implementation is in progress and may be subject to change How to connect to the control plane. Which resource should be used to route requests. A resource represents a collection of routing policies. The client automatically fetches the resource from the control plane and sends requests, effectively acting as a data plane. Create a client based on the resource name and the bootstrap configuration.    

28. %ZOBNJD
    3FDPOGJHVSBUJPO var xdsBootstrap = XdsBootstrap.of(bootstrap); var client = WebClient.of(ofListener("my-listener", xdsBootstrap));

    var res = client.get("/").aggregate().join(); // A simple HTTP client var client = WebClient.of("http://my-endpoint.com") .decorator(CircuitBreakerClient.newDecorator(..)) .decorator(RetryingClient.newDecorator(..)) .build(); // send a GET request var response = client.get("/").aggregate().join(); /PUJDF
    UIBU • /P
    OFFE
    UP
    TQFDJGZ
    UIF
    FOEQPJOU
    63- • /P
    OFFE
    UP
    TQFDJGZ
    $JSDVJU
    #SFBLFS DPOGJHVSBUJPOT • /P
    OFFE
    UP
    TQFDJGZ
    3FUSZJOH DPOGJHVSBUJPOT &WFSZUIJOH
    JT
    %ZOBNJD

29. *NBHJOF
    HPJOH
    DPNQMFUFMZ
    4JEFDBSMFTT We can still use envoy in k8s, but we

    can also go completely sidecar-less. (if you would like!) Less hops means: • Less latency • Less points of failures • Less complexity • Easier debugging

30. )PX
    -*/&
    TFOET
    1VTI
    3FRVFTUT Tune into the  Main Room C session for

    details on how this was done. "Pushsphere: LINE's Secret Recipe for Reliable, Prompt and High-Volume Push Notifications"

31. "HFOEB • #BDLHSPVOE
    
    $POUFYU • 0VS
    $IBMMFOHFT • $FOUSBM
    %PHNB
    $POUSPM
    1MBOF • 4JEFDBSMFTT
    4FSWJDF
    .FTI •

    3FDBQ
    
    'VUVSF
    8PSL

32. • $FOUSBM
    %PHNB
    $POUSPM
    1MBOF • "
    TFSWJDF
    NFTI
    DPOUSPM
    QMBOF EFTJHOFE
    GPS
    IFUFSPHFOFPVT
    JOGSBTUSVDUVSF • *OIFSJUT
    BMM
    UIF
    QSPWFO
    TUSFOHUIT
    PG
    $FOUSBM
    %PHNB • (PJOH
    4JEFDBSMFTT •

    $BMM
    LT
    TFSWJDFT
    GSPN
    FYUFSOBM
    FOWJSPONFOUT
    FBTJFS
    NJHSBUJPO • -FTT
    DPNQMFYJUZ
    MFTT
    IPQT
    MFTT
    GBJMVSF • 4VQQPSUFE
    CZ
    "SNFSJB 3FDBQ

33. • $FOUSBM
    %PHNB
    $POUSPM
    1MBOF • 6TFS
    *OUFSGBDF • *NQSPWFE
    3FTPVSDF
    "VUIPSJ[BUJPO • 4JEFDBSMFTT
    %BUB
    1MBOF • #FUUFS
    *OUFSPQ
    XJUI
    UIF
    Y%4
    1SPUPDPM

    • %FCVH
    .FOV • $VTUPN
    'JMUFS
    3FHJTUSZ 'VUVSF
    8PSL 8F
    DBO
    CVJME
    UIJT
    UPHFUIFS
    

34. HJUIVCDPNMJOFDFOUSBMEPHNB HJUIVCDPNMJOFBSNFSJB