istio
/
istio.io
mirror of https://github.com/istio/istio.io.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
istio.io/archive/v0.6/blog/2017/mixer-spof-myth.html

2 lines
21 KiB
HTML
Raw Permalink Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

<!DOCTYPE html><html lang="en" itemscope itemtype="https://schema.org/WebPage"><head><meta charset="utf-8"><meta http-equiv="X-UA-Compatible" content="IE=edge"><meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no"><meta name="theme-color" content="#466BB0"/><meta name="title" content="Mixer and the SPOF Myth"><meta name="description" content="Improving availability and reducing latency"><meta name="og:title" content="Mixer and the SPOF Myth"><meta name="og:description" content="Improving availability and reducing latency"><meta name="og:url" content="/blog/2017/mixer-spof-myth.html"><meta name="og.site_name" content="Istio"><title>Istioldie 0.6 / Mixer and the SPOF Myth</title><script> window.ga=window.ga||function(){(ga.q=ga.q||[]).push(arguments)};ga.l=+new Date; ga('create', 'UA-98480406-2', 'auto'); ga('send', 'pageview'); </script> <script async src='https://www.google-analytics.com/analytics.js'></script><link rel="alternate" type="application/rss+xml" title="Istio Blog RSS" href="/v0.6/feed.xml"><link rel="shortcut icon" href="/v0.6/favicons/favicon.ico" ><link rel="apple-touch-icon" href="/v0.6/favicons/apple-touch-icon-180x180.png" sizes="180x180"><link rel="icon" type="image/png" href="/v0.6/favicons/favicon-16x16.png" sizes="16x16"><link rel="icon" type="image/png" href="/v0.6/favicons/favicon-32x32.png" sizes="32x32"><link rel="icon" type="image/png" href="/v0.6/favicons/android-36x36.png" sizes="36x36"><link rel="icon" type="image/png" href="/v0.6/favicons/android-48x48.png" sizes="48x48"><link rel="icon" type="image/png" href="/v0.6/favicons/android-72x72.png" sizes="72x72"><link rel="icon" type="image/png" href="/v0.6/favicons/android-96x196.png" sizes="96x196"><link rel="icon" type="image/png" href="/v0.6/favicons/android-144x144.png" sizes="144x144"><link rel="icon" type="image/png" href="/v0.6/favicons/android-192x192.png" sizes="192x192"><link rel="manifest" href="/v0.6/manifest.json"><meta name="apple-mobile-web-app-title" content="Istio"><meta name="application-name" content="Istio"><link rel="stylesheet" href="https://fonts.googleapis.com/css?family=Roboto:400,100,100italic,300,300italic,400italic,500,500italic,700,700italic,900,900italic"><link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css" integrity="sha384-Gn5384xqQ1aoWXA+058RXPxPg6fy4IWvTNh0E263XmFcJlSAwiGgFAW/dAiS6JXm" crossorigin="anonymous"><link rel="stylesheet" href="https://use.fontawesome.com/releases/v5.0.6/css/all.css"><link rel="stylesheet" href="/v0.6/css/light_theme.css" title="light"><link rel="alternate stylesheet" href="/v0.6/css/dark_theme.css" title="dark"> <script src="/v0.6/js/styleSwitcher.min.js"></script></head><body class="language-unknown theme-unknown"><header role="banner"><nav class="navbar navbar-expand-md navbar-dark fixed-top bg-dark"> <a class="navbar-brand" href="/v0.6/" style="visibility: visible"> <img class="logo" src="/v0.6/img/istio-logo.svg" alt="Istio Logo"/> <span class="brand-name">Istioldie 0.6</span> </a> <button class="navbar-toggler" type="button" data-toggle="collapse" data-target="#navbarCollapse" aria-controls="navbarCollapse" aria-expanded="false" aria-label="Toggle navigation"> <span class="navbar-toggler-icon"></span> </button><div class="collapse navbar-collapse justify-content-end" id="navbarCollapse"><ul class="navbar-nav"><li class="nav-item"> <a class="nav-link " href="/v0.6/about/intro.html">About</a></li><li class="nav-item"> <a class="nav-link active" href="/v0.6/blog/2018/traffic-mirroring.html">Blog</a></li><li class="nav-item"> <a class="nav-link " href="/v0.6/docs/">Docs</a></li><li class="nav-item"> <a class="nav-link " href="/v0.6/help/">Help</a></li><li class="nav-item"> <a class="nav-link " href="/v0.6/community.html">Community</a></li><li class="nav-item dropdown" id="gearDropdown" style="white-space: nowrap"> <a href="" class="nav-link dropdown-toggle" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false"> <i style="width: 1em" class='fa fa-lg fa-cog'></i> </a><ul class="dropdown-menu" aria-labelledby="gearDropdown"><h6 class="dropdown-header">Other versions of this site</h6><li> <a href="https://istio.io">Current Release</a></li><li> <a href="https://preliminary.istio.io">Next Release</a></li><li> <a href="https://archive.istio.io">Older Releases</a></li><li class="dropdown-divider"></li><li> <i class='fa fa-check light'></i> <a href="" onclick="setActiveStyleSheet('light');return false;">Light Theme</a></li><li> <i class='fa fa-check dark'></i> <a href="" onclick="setActiveStyleSheet('dark');return false;">Dark Theme</a></li></ul></li></ul><form name="cse" id="searchbox" class="form-inline justify-content-end" role="search"> <input type="hidden" name="cx" value="013699703217164175118:iwwf17ikgf4" /> <input type="hidden" name="ie" value="utf-8" /> <input type="hidden" name="hl" value="en" /><div class="input-group"> <input name="q" class="form-control search-box" type="text" size="30" /> <button class="btn btn-search input-group-addon my-2 my-sm-0 fa fa-search" type="submit"></button></div></form></div></nav></header><div class="container-fluid blog"><div class="row row-offcanvas row-offcanvas-left"><div class="col-6 col-md-3 col-xl-2 sidebar-offcanvas"><nav class="sidebar"><div class="spacer"></div><div class="directory" role="tablist"><div class="card"><div class="card-header" role="tab" id="header1"> <a data-toggle="collapse" href="#collapse1" title="Blog posts for 2018" role="button" aria-controls="collapse1"><div> 2018 Posts</div></a></div><div id="collapse1" class="collapse" data-parent="#sidebar" role="tabpanel" aria-labelledby="header1"><div class="card-body"><ul class="tree"><li> <a title="An introduction to safer, lower-risk deployments and release to production" href="/v0.6/blog/2018/traffic-mirroring.html">Traffic mirroring with Istio for testing in production</a></li><li> <a title="Describes a simple scenario based on Istio Bookinfo sample" href="/v0.6/blog/2018/egress-tcp.html">Consuming External TCP Services</a></li><li> <a title="Describes a simple scenario based on Istio Bookinfo sample" href="/v0.6/blog/2018/egress-https.html">Consuming External Web Services</a></li></ul></div></div></div><div class="card"><div class="card-header" role="tab" id="header5"> <a data-toggle="collapse" href="#collapse5" title="Blog posts for 2017" role="button" aria-controls="collapse5"><div> 2017 Posts</div></a></div><div id="collapse5" class="collapse show" data-parent="#sidebar" role="tabpanel" aria-labelledby="header5"><div class="card-body"><ul class="tree"><li> <span class="current" title="Improving availability and reducing latency">Mixer and the SPOF Myth</span></li><li> <a title="Provides an overview of the Mixer plug-in architecture" href="/v0.6/blog/2017/adapter-model.html">Mixer Adapter Model</a></li><li> <a title="Istio 0.2 announcement" href="/v0.6/blog/2017/0.2-announcement.html">Announcing Istio 0.2</a></li><li> <a title="How Kubernetes Network Policy relates to Istio policy" href="/v0.6/blog/2017/0.1-using-network-policy.html">Using Network Policy with Istio</a></li><li> <a title="Using Istio to create autoscaled canary deployments" href="/v0.6/blog/2017/0.1-canary.html">Canary Deployments using Istio</a></li><li> <a title="Istio Auth 0.1 announcement" href="/v0.6/blog/2017/0.1-auth.html">Using Istio to Improve End-to-End Security</a></li><li> <a title="Istio 0.1 announcement" href="/v0.6/blog/2017/0.1-announcement.html">Introducing Istio</a></li></ul></div></div></div><div class="text-center" style="margin-top: 1em; font-size: 1.2em;" > <a href="/v0.6/feed.xml"> <img style="width: 1.4em;" src="/v0.6/img/rss.svg" alt="RSS"/> Subscribe </a></div></div></nav></div><div class="col-12 col-md-9 col-lg-7 col-xl-8"><p class="d-md-none"> <label class="sidebar-toggler" data-toggle="offcanvas"> <i class="fa fa-chevron-right"></i> </label></p><main role="main"><h1>Mixer and the SPOF Myth</h1><p class="subtitle">Improving availability and reducing latency</p><p class="byline"> By <span class="attribution">Martin Taillefer</span> / <span class="publish_date">December 7, 2017</span></p><p>As <a href="/v0.6/docs/concepts/policy-and-control/mixer.html">Mixer</a> is in the request path, it is natural to question how it impacts overall system availability and latency. A common refrain we hear when people first glance at Istio architecture diagrams is “Isnt this just introducing a single point of failure?”</p><p>In this post, well dig deeper and cover the design principles that underpin Mixer and the surprising fact Mixer actually increases overall mesh availability and reduces average request latency.</p><p>Istios use of Mixer has two main benefits in terms of overall system availability and latency:</p><ul><li><p><strong>Increased SLO</strong>. Mixer insulates proxies and services from infrastructure backend failures, enabling higher effective mesh availability. The mesh as a whole tends to experience a lower rate of failure when interacting with the infrastructure backends than if Mixer were not present.</p></li><li><p><strong>Reduced Latency</strong>. Through aggressive use of shared multi-level caches and sharding, Mixer reduces average observed latencies across the mesh.</p></li></ul><p>Well explain this in more detail below.</p><h2 id="how-we-got-here">How we got here</h2><p>For many years at Google, weve been using an internal API &amp; service management system to handle the many APIs exposed by Google. This system has been fronting the worlds biggest services (Google Maps, YouTube, Gmail, etc) and sustains a peak rate of hundreds of millions of QPS. Although this system has served us well, it had problems keeping up with Googles rapid growth, and it became clear that a new architecture was needed in order to tamp down ballooning operational costs.</p><p>In 2014, we started an initiative to create a replacement architecture that would scale better. The result has proven extremely successful and has been gradually deployed throughout Google, saving in the process millions of dollars a month in ops costs.</p><p>The older system was built around a centralized fleet of fairly heavy proxies into which all incoming traffic would flow, before being forwarded to the services where the real work was done. The newer architecture jettisons the shared proxy design and instead consists of a very lean and efficient distributed sidecar proxy sitting next to service instances, along with a shared fleet of sharded control plane intermediaries:</p><div class="figure" style="width: 75%;"><div class="wrapper-with-intrinsic-ratio" style="padding-bottom: 74.79%"><figure> <a href="./img/mixer-spof-myth-1.svg"> <img class="element-to-stretch" src="./img/mixer-spof-myth-1.svg" alt="Google System Topology" title="Google System Topology" /> </a></figure></div><p>Google's API &amp; Service Management System</p></div><p>Look familiar? Of course: its just like Istio! Istio was conceived as a second generation of this distributed proxy architecture. We took the core lessons from this internal system, generalized many of the concepts by working with our partners, and created Istio.</p><h2 id="architecture-recap">Architecture recap</h2><p>As shown in the diagram below, Mixer sits between the mesh and the infrastructure backends that support it:</p><div class="figure" style="width: 75%;"><div class="wrapper-with-intrinsic-ratio" style="padding-bottom: 65.89%"><figure> <a href="./img/mixer-spof-myth-2.svg"> <img class="element-to-stretch" src="./img/mixer-spof-myth-2.svg" alt="Istio Topology" title="Istio Topology" /> </a></figure></div><p>Istio Topology</p></div><p>The Envoy sidecar logically calls Mixer before each request to perform precondition checks, and after each request to report telemetry. The sidecar has local caching such that a relatively large percentage of precondition checks can be performed from cache. Additionally, the sidecar buffers outgoing telemetry such that it only actually needs to call Mixer once for every several thousands requests. Whereas precondition checks are synchronous to request processing, telemetry reports are done asynchronously with a fire-and-forget pattern.</p><p>At a high level, Mixer provides:</p><ul><li><p><strong>Backend Abstraction</strong>. Mixer insulates the Istio components and services within the mesh from the implementation details of individual infrastructure backends.</p></li><li><p><strong>Intermediation</strong>. Mixer allows operators to have fine-grained control over all interactions between the mesh and the infrastructure backends.</p></li></ul><p>However, even beyond these purely functional aspects, Mixer has other characteristics that provide the system with additional benefits.</p><h2 id="mixer-slo-booster">Mixer: SLO booster</h2><p>Contrary to the claim that Mixer is a SPOF and can therefore lead to mesh outages, we believe it in fact improves the effective availability of a mesh. How can that be? There are three basic characteristics at play:</p><ul><li><p><strong>Statelessness</strong>. Mixer is stateless in that it doesnt manage any persistent storage of its own.</p></li><li><p><strong>Hardening</strong>. Mixer proper is designed to be a highly reliable component. The design intent is to achieve &gt; 99.999% uptime for any individual Mixer instance.</p></li><li><p><strong>Caching and Buffering</strong>. Mixer is designed to accumulate a large amount of transient ephemeral state.</p></li></ul><p>The sidecar proxies that sit next to each service instance in the mesh must necessarily be frugal in terms of memory consumption, which constrains the possible amount of local caching and buffering. Mixer, however, lives independently and can use considerably larger caches and output buffers. Mixer thus acts as a highly-scaled and highly-available second-level cache for the sidecars.</p><p>Mixers expected availability is considerably higher than most infrastructure backends (those often have availability of perhaps 99.9%). Its local caches and buffers help mask infrastructure backend failures by being able to continue operating even when a backend has become unresponsive.</p><h2 id="mixer-latency-slasher">Mixer: Latency slasher</h2><p>As we explained above, the Istio sidecars generally have fairly effective first-level caching. They can serve the majority of their traffic from cache. Mixer provides a much greater shared pool of second-level cache, which helps Mixer contribute to a lower average per-request latency.</p><p>While its busy cutting down latency, Mixer is also inherently cutting down the number of calls your mesh makes to infrastructure backends. Depending on how youre paying for these backends, this might end up saving you some cash by cutting down the effective QPS to the backends.</p><h2 id="work-ahead">Work ahead</h2><p>We have opportunities ahead to continue improving the system in many ways.</p><h3 id="config-canaries">Config canaries</h3><p>Mixer is highly scaled so it is generally resistant to individual instance failures. However, Mixer is still susceptible to cascading failures in the case when a poison configuration is deployed which causes all Mixer instances to crash basically at the same time (yeah, that would be a bad day). To prevent this from happening, config changes can be canaried to a small set of Mixer instances, and then more broadly rolled out.</p><p>Mixer doesnt yet do canarying of config changes, but we expect this to come online as part of Istios ongoing work on reliable config distribution.</p><h3 id="cache-tuning">Cache tuning</h3><p>We have yet to fine-tune the sizes of the sidecar and Mixer caches. This work will focus on achieving the highest performance possible using the least amount of resources.</p><h3 id="cache-sharing">Cache sharing</h3><p>At the moment, each Mixer instance operates independently of all other instances. A request handled by one Mixer instance will not leverage data cached in a different instance. We will eventually experiment with a distributed cache such as memcached or Redis in order to provide a much larger mesh-wide shared cache, and further reduce the number of calls to infrastructure backends.</p><h3 id="sharding">Sharding</h3><p>In very large meshes, the load on Mixer can be great. There can be a large number of Mixer instances, each straining to keep caches primed to satisfy incoming traffic. We expect to eventually introduce intelligent sharding such that Mixer instances become slightly specialized in handling particular data streams in order to increase the likelihood of cache hits. In other words, sharding helps improve cache efficiency by routing related traffic to the same Mixer instance over time, rather than randomly dispatching to any available Mixer instance.</p><h2 id="conclusion">Conclusion</h2><p>Practical experience at Google showed that the model of a slim sidecar proxy and a large shared caching control plane intermediary hits a sweet spot, delivering excellent perceived availability and latency. Weve taken the lessons learned there and applied them to create more sophisticated and effective caching, prefetching, and buffering strategies in Istio. Weve also optimized the communication protocols to reduce overhead when a cache miss does occur.</p><p>Mixer is still young. As of Istio 0.3, we havent really done significant performance work within Mixer itself. This means when a request misses the sidecar cache, we spend more time in Mixer to respond to requests than we should. Were doing a lot of work to improve this in coming months to reduce the overhead that Mixer imparts in the synchronous precondition check case.</p><p>We hope this post makes you appreciate the inherent benefits that Mixer brings to Istio. Dont hesitate to post comments or questions to <a href="https://groups.google.com/forum/#!forum/istio-integrations">istio-integrations@</a>.</p></main></div><div class="col-12 col-md-2 d-none d-lg-block"><nav class="toc"><div class="spacer"></div><div class="directory" role="directory"><ul><li><a href="#how-we-got-here">How we got here</a></li><li><a href="#architecture-recap">Architecture recap</a></li><li><a href="#mixer-slo-booster">Mixer: SLO booster</a></li><li><a href="#mixer-latency-slasher">Mixer: Latency slasher</a></li><li><a href="#work-ahead">Work ahead</a><ul><li><a href="#config-canaries">Config canaries</a></li><li><a href="#cache-tuning">Cache tuning</a></li><li><a href="#cache-sharing">Cache sharing</a></li><li><a href="#sharding">Sharding</a></li></ul></li><li><a href="#conclusion">Conclusion</a></li></ul></div></nav></div></div></div><div class="footer"><footer><div class="container-fluid"><div class="row"><div class="col-sm-2"></div><nav class=" col-12 col-sm-3" role="navigation"><ul class="first"><li><a class="header" href="/v0.6/docs/">Docs</a></li><li><a href="/v0.6/docs/concepts/">Concepts</a></li><li><a href="/v0.6/docs/setup/">Setup</a></li><li><a href="/v0.6/docs/tasks/">Tasks</a></li><li><a href="/v0.6/docs/guides/">Guides</a></li><li><a href="/v0.6/docs/reference/">Reference</a></li></ul></nav><nav class="col-12 col-sm-3" role="navigation"><ul><li><a class="header" href="/v0.6/help/">Help</a></li><li><a href="/v0.6/help/faq/index.html">FAQ</a></li><li><a href="/v0.6/help/glossary.html">Glossary</a></li><li><a href="/v0.6/help/troubleshooting.html">Troubleshooting</a></li><li><a href="/v0.6/help/bugs.html">Report Bugs</a></li><li><a href="https://github.com/istio/istio.github.io/issues/new?title=Issue with _blog/2017/mixer-spof-myth.md" target="_blank" rel="noopener">Doc Bugs & Gaps</a></li><li><a href="https://github.com/istio/istio.github.io/edit/master/_blog/2017/mixer-spof-myth.md" target="_blank" rel="noopener">Edit This Page</a></li></ul></nav><nav class="col-12 col-sm-3" role="navigation"><ul><li><a class="header" href="/v0.6/community.html">Community</a></li><li> <a href="https://groups.google.com/forum/#!forum/istio-users" target="_blank" rel="noopener">User</a> | <a href="https://groups.google.com/forum/#!forum/istio-dev" target="_blank" rel="noopener">Dev Mailing Lists</a></li><li><a href="https://twitter.com/IstioMesh" target="_blank" rel="noopener">Twitter</a></li><li><a href="https://stackoverflow.com/questions/tagged/istio" target="_blank" rel="noopener">Stack Overflow</a></li><li><a href="https://github.com/istio/community/" target="_blank" rel="noopener">GitHub</a></li><li><a href="https://github.com/istio/community/blob/master/WORKING-GROUPS.md" target="_blank" rel="noopener">Working Groups</a></li></ul></nav></div><div class="row"><div class="col-12"><p class="description text-center" role="contentinfo"> Istio Archive 0.6, Copyright &copy; 2018 Istio Authors<br> Archived on 02-Apr-2018</p></div></div></div></footer></div><script src="https://code.jquery.com/jquery-3.2.1.slim.min.js" integrity="sha384-KJ3o2DKtIkvYIK3UENzmM7KCkRr/rE9/Qpg6aAZGJwFDMVNA/GpGFF93hXpG5KkN" crossorigin="anonymous"></script> <script src="https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js" integrity="sha384-ApNbgh9B+Y1QKtv3Rn7W3mgPxhU9K/ScQsAP7hUibX39j7fakFPskvXusvfa0b4Q" crossorigin="anonymous"></script> <script src="https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js" integrity="sha384-JZR6Spejh4U02d8jOt6vLEHfe/JQGiRRSQQxSfFWpi1MquVdAyjUar5+76PVCmYl" crossorigin="anonymous"></script> <script src="https://cdnjs.cloudflare.com/ajax/libs/clipboard.js/1.7.1/clipboard.min.js"></script> <script src="https://www.google.com/cse/brand?form=searchbox"></script> <script src="/v0.6/js/misc.min.js"></script></body></html>
Reference in New Issue View Git Blame Copy Permalink