The production practice of Zhanku based on service grid ASM
Background
ZCOOL was founded in Beijing in August 2006 and has been deeply involved in the field of design for many years. It has gathered 15 million designers, photographers, illustrators, artists and creative people, and has a certain influence and appeal in the design creative community. At the beginning of its establishment, Zhanku has taken "making design more valuable" as its mission. Over the years, it has been committed to creating a "Zhanku original copyright ecosystem" with original design as the core.
At present, in addition to the main designer interaction platform "Zhanku.com", Zhanku.com also focuses on polishing the one-stop legitimate visual content trading platform - "Zhankuhailuo", and the one-stop creative marketing solution co-creation platform - "Zhanku.com". It is worth mentioning that Zhanku recently released the AIGC product - "AI Creation Lab". Through text input, high-quality images can be generated in one minute. Since the public beta, hundreds of thousands of images have been generated. In the future, an exclusive community for AIGC learning and sharing will also be formed.
We will continue to work hard in the field of artificial intelligence to help designers improve efficiency, better focus on the creativity of artistic works and stimulate creative inspiration. This series of ecological layout of Zhanku provides high-quality professional services for design and creative practitioners in all aspects of learning, exhibition, communication, employment, trading and entrepreneurship, and provides efficient copyright solutions and three-dimensional visual services for designers and enterprises' growth.
Technical challenges
In terms of Zhanku's business architecture, although the Kubernetes platform has solved the problem of business container production scheduling, it still faces many challenges in terms of service governance, observation and security.
1. Multi-language and multi-cluster service unified management
For Internet users, Zhanku.com provides various services such as Zhanku.com, Zhankuhailuo, and Zhanku.com Learning. These services are developed using multiple technology stacks such as node.js, Java, and php, and deployed in multiple Kubernetes clusters. How to uniformly manage these services through a unified business center is a big technical challenge.
2. Construction of service index observation system
For the above business architecture, it is difficult to achieve a unified observable system for different application services and conduct unified real-time monitoring of service indicators.
3. Automated integration of service governance
As Zhanku has built a unified business center, it has a strong demand for automatic configuration of service deployment, maintenance and governance. For scenarios of multi-cluster service governance, certain automation integration capabilities are required.
Production Practice of ASM Based on Service Grid
As a basic core technology used to manage application service communication, service grid brings secure, reliable, fast, and application-agnostic service governance, security, and observability for the invocation between application services. It provides a non-intrusive and efficient solution for the governance, observation and other challenges of multilingual application services.
As the first fully hosted Istio-compatible service grid in the industry, the Alibaba Cloud service grid product ASM maintains the consistency with the community and industry trends from the beginning. The components of the control plane are hosted on the Alibaba Cloud side, independent of the user clusters on the data side. ASM products are customized and implemented based on Istio, which is open source in the community, and provide component capabilities to support refined traffic management and security management on the control side of the hosting. Through the hosting mode, the life cycle management of Istio components and the managed K8s cluster is decoupled, which makes the architecture more flexible and improves the scalability of the system.
Compared with the community service grid Istio, the service grid ASM provides more powerful and practical capabilities, including multi-cluster unified hosting, plug-and-play plug-in center, and observability center that is deeply integrated with Alibaba Cloud products, which can better help Sitecool solve various technical challenges in business construction and significantly reduce operation and maintenance costs.
At present, all Internet user services of Zhanku have been connected to ASM, including Zhanku master station, Zhanku Hailuo, etc.
The business architecture of Zhanku is as follows:
1. Application service management under multi-cluster and multi-language
In the production practice of Zhanku, the multi-cluster and multi-language business architecture has brought a great challenge to unified management. For service grid, due to the non-intrusive nature of Sidecar mode, multilingual applications developed with different technology stacks can be managed in a unified way, achieving significant reduction in operation and maintenance costs. However, for Istio, a community service grid, the service governance under multiple clusters and the compatibility of different Kuberenets clusters are still a great challenge.
By using the service grid ASM, the unified management of multi-cluster, multi-form and multi-language services has become a very simple task. The managed service grid ASM provides unified traffic management capability, unified service security capability, unified service observability capability, and unified agent scalability capability in becoming the infrastructure for unified management of various heterogeneous types of computing services, thus building enterprise-level capabilities.
Managed architecture of service grid ASM
As shown in the figure above, the service grid ASM provides a unified control capability for the various data plane cluster forms provided by Alibaba Cloud container services, making the cluster form no longer a constraint on the production environment of the service grid.
At the same time, due to its managed architecture, the service grid ASM can uniformly control multiple data plane clusters. With the ability of ASM multi-cluster management and control, Zhanku can uniformly manage the services in its multiple dataplane clusters through an ASM instance, effectively solving the challenge of realizing unified management access for multi-cluster applications.
For multiple clusters of data planes, ASM uses the global namespace method to manage. Different namespaces in multiple data plane clusters are summarized into one ASM instance, and Sidecar injection configuration can be performed uniformly in the global namespace. At the same time, ASM also supports two-way one-click synchronization of namespace information between ASM instances and different dataplane clusters.
The global namespace management of the service grid ASM supports the configuration of Sidecar injection management under the namespaces of multiple clusters
2. Unification of north-south and east-west flow control
As the traffic entry of a series of services in the cluster such as Sitecool, Sitecool Hailuo, Sitecool Learning, etc., Sitecool has enabled multiple ASM gateways to forward and control the traffic of the services in the cluster.
Sitecool's services mainly use HTTP and gRPC protocols. ASM gateway has high support maturity for these protocols, and can natively support request load balancing, request routing based on a variety of rich matching conditions and other gateway capabilities.
On the basis of Istio's gateway in the community, ASM Enterprise Edition provides more enterprise-level advanced features, including index scaling (HPA), performance optimization based on the combination of software and hardware based on Intel MultiBuffer technology, gateway lossless upgrade, SLB elegant offline, etc., so that the gateway really reaches the production availability level and can well support various enterprise-level services.
ASM gateway also supports graphical configuration of upstream services, domain name certificates, etc., significantly improving the operation and maintenance efficiency
3. Use ASM observation center for real-time monitoring of the whole business
After the main business services are migrated to the service grid platform, using the log and indicator reporting capabilities of the service grid Sidecar, we can naturally build a unified observable capability for different services in the grid and the ASM gateway itself.
In the grid observable management center, the service grid ASM provides a complete grid observable scheme. It not only provides a variety of observable forms such as log center, Prometheus monitoring, grid topology, etc., but also has deep integration with other observable cloud products of Alibaba Cloud (SLS log service, ARMS monitoring service, etc.) (and is compatible with open source observable solutions), and can configure the dashboard of various observable indicators in a one-stop manner.
In the production environment, Zhanku mainly uses the log center to build grid observability. ASM provides automatic collection of gateway and grid Sidecar logs by integrating with log service, and provides log dashboards for gateway and grid Sidecar access logs, providing monitoring of practical indicators including request error rate, P95 delay, etc., to achieve unified observability of multi-cluster heterogeneous applications.
ASM Observable Management Center and Log Dashboard
4. Plug-in market - use ASM plug-in to activate expansion capability
In the process of migrating to the service grid ASM, Sitecool found that there are certain compatibility problems between the service grid platform and its own business architecture. Specifically, the data side Sidecar of the service grid will convert the headers in the request and response to lowercase by default. Although this behavior is not a problem for most http services, it still affects services that are sensitive to header case.
This problem can be solved by activating the plug-in expansion capability of Sidecar on the data side and allowing it to retain the case of the header. The service grid ASM provides a plug-and-play plug-in market in the plug-in expansion center. For various actual business scenarios, a variety of plug-and-play plug-ins are provided. After a few simple parameter configurations, various expansion capabilities of the data side Sidecar can be quickly enabled. By taking advantage of the ASM plug-in market, Zhanku has solved the problems encountered in business migration in a short time.
ASM plug-in market, providing a series of plug-in expansion capabilities that can be enabled with one button
5. Automation API integration
On the basis of providing various features of the enterprise service grid platform, automation integration is also a key part of the grid platform. In production practice, because of its own business center, Zhanku will have a strong demand for automation integration of the service grid platform.
As an Alibaba Cloud product, the service grid ASM, in addition to the general OpenAPI/SDK integration method, also provides other diversified product function module integration methods, including Kube API, Terraform, etc. The major function modules provided by the product can not only be accessed through the ASM console, but also be integrated into the manufacturer's own business center in the form of API to help grid operation and maintenance automation.
For example, in the production practice of Zhanku, the global namespace management function mentioned above is integrated into its own business center in the form of Open API by Zhanku, realizing complete automatic management of multiple clusters in the grid. For grid configuration, Kube API is used to achieve smooth docking with the original GitOps platform.
Expectation
With the continuous transformation of station cool business services, it will continue to obtain more rich and convenient enterprise-level features based on Alibaba Cloud service grid ASM products to help reduce costs and increase efficiency, including but not limited to:
1. Provide convenient intra-grid service security and authentication scheme: ASM has now provided the ASM security policy center to help quickly configure the gateway and intra-grid service security authentication scheme
2. More refined traffic governance capability: With the deepening of the service transformation of the station, we will continue to explore a number of enterprise-level traffic governance features provided by ASM, such as full-link grayscale release, local current limit, and interface-level fuse.
ZCOOL was founded in Beijing in August 2006 and has been deeply involved in the field of design for many years. It has gathered 15 million designers, photographers, illustrators, artists and creative people, and has a certain influence and appeal in the design creative community. At the beginning of its establishment, Zhanku has taken "making design more valuable" as its mission. Over the years, it has been committed to creating a "Zhanku original copyright ecosystem" with original design as the core.
At present, in addition to the main designer interaction platform "Zhanku.com", Zhanku.com also focuses on polishing the one-stop legitimate visual content trading platform - "Zhankuhailuo", and the one-stop creative marketing solution co-creation platform - "Zhanku.com". It is worth mentioning that Zhanku recently released the AIGC product - "AI Creation Lab". Through text input, high-quality images can be generated in one minute. Since the public beta, hundreds of thousands of images have been generated. In the future, an exclusive community for AIGC learning and sharing will also be formed.
We will continue to work hard in the field of artificial intelligence to help designers improve efficiency, better focus on the creativity of artistic works and stimulate creative inspiration. This series of ecological layout of Zhanku provides high-quality professional services for design and creative practitioners in all aspects of learning, exhibition, communication, employment, trading and entrepreneurship, and provides efficient copyright solutions and three-dimensional visual services for designers and enterprises' growth.
Technical challenges
In terms of Zhanku's business architecture, although the Kubernetes platform has solved the problem of business container production scheduling, it still faces many challenges in terms of service governance, observation and security.
1. Multi-language and multi-cluster service unified management
For Internet users, Zhanku.com provides various services such as Zhanku.com, Zhankuhailuo, and Zhanku.com Learning. These services are developed using multiple technology stacks such as node.js, Java, and php, and deployed in multiple Kubernetes clusters. How to uniformly manage these services through a unified business center is a big technical challenge.
2. Construction of service index observation system
For the above business architecture, it is difficult to achieve a unified observable system for different application services and conduct unified real-time monitoring of service indicators.
3. Automated integration of service governance
As Zhanku has built a unified business center, it has a strong demand for automatic configuration of service deployment, maintenance and governance. For scenarios of multi-cluster service governance, certain automation integration capabilities are required.
Production Practice of ASM Based on Service Grid
As a basic core technology used to manage application service communication, service grid brings secure, reliable, fast, and application-agnostic service governance, security, and observability for the invocation between application services. It provides a non-intrusive and efficient solution for the governance, observation and other challenges of multilingual application services.
As the first fully hosted Istio-compatible service grid in the industry, the Alibaba Cloud service grid product ASM maintains the consistency with the community and industry trends from the beginning. The components of the control plane are hosted on the Alibaba Cloud side, independent of the user clusters on the data side. ASM products are customized and implemented based on Istio, which is open source in the community, and provide component capabilities to support refined traffic management and security management on the control side of the hosting. Through the hosting mode, the life cycle management of Istio components and the managed K8s cluster is decoupled, which makes the architecture more flexible and improves the scalability of the system.
Compared with the community service grid Istio, the service grid ASM provides more powerful and practical capabilities, including multi-cluster unified hosting, plug-and-play plug-in center, and observability center that is deeply integrated with Alibaba Cloud products, which can better help Sitecool solve various technical challenges in business construction and significantly reduce operation and maintenance costs.
At present, all Internet user services of Zhanku have been connected to ASM, including Zhanku master station, Zhanku Hailuo, etc.
The business architecture of Zhanku is as follows:
1. Application service management under multi-cluster and multi-language
In the production practice of Zhanku, the multi-cluster and multi-language business architecture has brought a great challenge to unified management. For service grid, due to the non-intrusive nature of Sidecar mode, multilingual applications developed with different technology stacks can be managed in a unified way, achieving significant reduction in operation and maintenance costs. However, for Istio, a community service grid, the service governance under multiple clusters and the compatibility of different Kuberenets clusters are still a great challenge.
By using the service grid ASM, the unified management of multi-cluster, multi-form and multi-language services has become a very simple task. The managed service grid ASM provides unified traffic management capability, unified service security capability, unified service observability capability, and unified agent scalability capability in becoming the infrastructure for unified management of various heterogeneous types of computing services, thus building enterprise-level capabilities.
Managed architecture of service grid ASM
As shown in the figure above, the service grid ASM provides a unified control capability for the various data plane cluster forms provided by Alibaba Cloud container services, making the cluster form no longer a constraint on the production environment of the service grid.
At the same time, due to its managed architecture, the service grid ASM can uniformly control multiple data plane clusters. With the ability of ASM multi-cluster management and control, Zhanku can uniformly manage the services in its multiple dataplane clusters through an ASM instance, effectively solving the challenge of realizing unified management access for multi-cluster applications.
For multiple clusters of data planes, ASM uses the global namespace method to manage. Different namespaces in multiple data plane clusters are summarized into one ASM instance, and Sidecar injection configuration can be performed uniformly in the global namespace. At the same time, ASM also supports two-way one-click synchronization of namespace information between ASM instances and different dataplane clusters.
The global namespace management of the service grid ASM supports the configuration of Sidecar injection management under the namespaces of multiple clusters
2. Unification of north-south and east-west flow control
As the traffic entry of a series of services in the cluster such as Sitecool, Sitecool Hailuo, Sitecool Learning, etc., Sitecool has enabled multiple ASM gateways to forward and control the traffic of the services in the cluster.
Sitecool's services mainly use HTTP and gRPC protocols. ASM gateway has high support maturity for these protocols, and can natively support request load balancing, request routing based on a variety of rich matching conditions and other gateway capabilities.
On the basis of Istio's gateway in the community, ASM Enterprise Edition provides more enterprise-level advanced features, including index scaling (HPA), performance optimization based on the combination of software and hardware based on Intel MultiBuffer technology, gateway lossless upgrade, SLB elegant offline, etc., so that the gateway really reaches the production availability level and can well support various enterprise-level services.
ASM gateway also supports graphical configuration of upstream services, domain name certificates, etc., significantly improving the operation and maintenance efficiency
3. Use ASM observation center for real-time monitoring of the whole business
After the main business services are migrated to the service grid platform, using the log and indicator reporting capabilities of the service grid Sidecar, we can naturally build a unified observable capability for different services in the grid and the ASM gateway itself.
In the grid observable management center, the service grid ASM provides a complete grid observable scheme. It not only provides a variety of observable forms such as log center, Prometheus monitoring, grid topology, etc., but also has deep integration with other observable cloud products of Alibaba Cloud (SLS log service, ARMS monitoring service, etc.) (and is compatible with open source observable solutions), and can configure the dashboard of various observable indicators in a one-stop manner.
In the production environment, Zhanku mainly uses the log center to build grid observability. ASM provides automatic collection of gateway and grid Sidecar logs by integrating with log service, and provides log dashboards for gateway and grid Sidecar access logs, providing monitoring of practical indicators including request error rate, P95 delay, etc., to achieve unified observability of multi-cluster heterogeneous applications.
ASM Observable Management Center and Log Dashboard
4. Plug-in market - use ASM plug-in to activate expansion capability
In the process of migrating to the service grid ASM, Sitecool found that there are certain compatibility problems between the service grid platform and its own business architecture. Specifically, the data side Sidecar of the service grid will convert the headers in the request and response to lowercase by default. Although this behavior is not a problem for most http services, it still affects services that are sensitive to header case.
This problem can be solved by activating the plug-in expansion capability of Sidecar on the data side and allowing it to retain the case of the header. The service grid ASM provides a plug-and-play plug-in market in the plug-in expansion center. For various actual business scenarios, a variety of plug-and-play plug-ins are provided. After a few simple parameter configurations, various expansion capabilities of the data side Sidecar can be quickly enabled. By taking advantage of the ASM plug-in market, Zhanku has solved the problems encountered in business migration in a short time.
ASM plug-in market, providing a series of plug-in expansion capabilities that can be enabled with one button
5. Automation API integration
On the basis of providing various features of the enterprise service grid platform, automation integration is also a key part of the grid platform. In production practice, because of its own business center, Zhanku will have a strong demand for automation integration of the service grid platform.
As an Alibaba Cloud product, the service grid ASM, in addition to the general OpenAPI/SDK integration method, also provides other diversified product function module integration methods, including Kube API, Terraform, etc. The major function modules provided by the product can not only be accessed through the ASM console, but also be integrated into the manufacturer's own business center in the form of API to help grid operation and maintenance automation.
For example, in the production practice of Zhanku, the global namespace management function mentioned above is integrated into its own business center in the form of Open API by Zhanku, realizing complete automatic management of multiple clusters in the grid. For grid configuration, Kube API is used to achieve smooth docking with the original GitOps platform.
Expectation
With the continuous transformation of station cool business services, it will continue to obtain more rich and convenient enterprise-level features based on Alibaba Cloud service grid ASM products to help reduce costs and increase efficiency, including but not limited to:
1. Provide convenient intra-grid service security and authentication scheme: ASM has now provided the ASM security policy center to help quickly configure the gateway and intra-grid service security authentication scheme
2. More refined traffic governance capability: With the deepening of the service transformation of the station, we will continue to explore a number of enterprise-level traffic governance features provided by ASM, such as full-link grayscale release, local current limit, and interface-level fuse.
Related Articles
-
A detailed explanation of Hadoop core architecture HDFS
Knowledge Base Team
-
What Does IOT Mean
Knowledge Base Team
-
6 Optional Technologies for Data Storage
Knowledge Base Team
-
What Is Blockchain Technology
Knowledge Base Team
Explore More Special Offers
-
Short Message Service(SMS) & Mail Service
50,000 email package starts as low as USD 1.99, 120 short messages start at only USD 1.00
