2020年回顾

2020让我受益最大的资料 📚

翻开印象笔记，我回顾了一下最有价值的资料:

Service Mesh

• 深度理解 Istio 如何路由 TCP 流量

Container

• Under the hood of Docker — Janos Pasztor
• Understanding resource limits in kubernetes: cpu time
• CPU limits and aggressive throttling in Kubernetes
• Unthrottled: Fixing CPU Limits in the Cloud
• Under the hood of Docker
• All things Linux containers
• Implementing Container Runtime Shim
• Seccomp in Kubernetes
• Containerization Mechanisms: Cgroups

Linux

• Learn about different I/O Access Methods and what we chose for Scylla
• [Book: BPF Performance Tools]

GraphQL

• How Netflix Scales its API with GraphQL Federation

学到的技术⛷

• Docker/Container 实现原理和架构的入门

$ pip install md-translate

export

md-translate -s Google -S en -T zh-CN ./java-native-mem.md

Ref

https://github.com/ilyachch/md_docs-trans-app

https://shaharmike.com/cpp/vtable-part2/

https://tenzir.com/blog/production-debugging-bpftrace-uprobes/
https://shaharmike.com/cpp/vtable-part1/

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19

#include <iostream>

class Parent {
 public:
  virtual void Foo() {}
  virtual void FooNotOverridden() {}
};

class Derived : public Parent {
 public:
  void Foo() override {}
};

int main() {
  Parent p1, p2;
  Derived d1, d2;

  std::cout << "done" << std::endl;
}

$ # compile our code with debug symbols and start debugging using gdb
$ clang++ -std=c++14 -stdlib=libc++ -g main.cpp && gdb ./a.out
...
(gdb) # ask gdb to automatically demangle C++ symbols
(gdb) set print asm-demangle on
(gdb) set print demangle on
(gdb) # set breakpoint at main
(gdb) b main
Breakpoint 1 at 0x4009ac: file main.cpp, line 15.
(gdb) run
Starting program: /home/shmike/cpp/a.out

Breakpoint 1, main () at main.cpp:15
15	  Parent p1, p2;
(gdb) # skip to next line
(gdb) n
16	  Derived d1, d2;
(gdb) # skip to next line
(gdb) n
18	  std::cout << "done" << std::endl;
(gdb) # print p1, p2, d1, d2 - we'll talk about what the output means soon
(gdb) p p1
$1 = {_vptr$Parent = 0x400bb8 <vtable for Parent+16>}
(gdb) p p2
$2 = {_vptr$Parent = 0x400bb8 <vtable for Parent+16>}
(gdb) p d1
$3 = {<Parent> = {_vptr$Parent = 0x400b50 <vtable for Derived+16>}, <No data fields>}
(gdb) p d2
$4 = {<Parent> = {_vptr$Parent = 0x400b50 <vtable for Derived+16>}, <No data fields>}

Here’s what we learned from the above:

https://netflixtechblog.com/predictive-cpu-isolation-of-containers-at-netflix-91f014d856c7

https://www.youtube.com/watch?v=spzfupads2o#fromHistory

Envoy Internals Deep Dive - Matt Klein, Lyft

Terminology

• Cluster: a logical service with a set of endpoints that Envoy forwards requests to.

• Downstream: an entity connecting to Envoy. This may be a local application (in a sidecar model) or a network node. In non-sidecar models, this is a remote client.

• Endpoints: network nodes that implement a logical service. They are grouped into clusters. Endpoints in a cluster are upstream of an Envoy proxy.

• Filter: a module in the connection or request processing pipeline providing some aspect of request handling. An analogy from Unix is the composition of small utilities (filters) with Unix pipes (filter chains).

tcmalloc，通过-define tcmalloc=disabled禁用

https://blog.gmem.cc/envoy-study-note

https://istio.cn/t/topic/299

Envoy源码分析之Dispatcher：https://developer.aliyun.com/article/659277

线程相关 Misc：

• Envoy进程由一个Main Thread和多个Worker Thread 组成
• 每个Main和Worker包含一个eventloop，所有的处理都是由eventloop触发开始
• Main负责xDS等功能，Worker负责处理连接和请求
• 当一个client向Envoy建立连接的时候，因为所有Worker的EventLoop都注册了listening fd(启用SO_PORTREUSE除外)，会由内核决定分配给哪个Worker
• 当一个下游client连接到了Envoy，在保持连接不断的情况下，会和同一个Worker进行通讯

HTTP/1.1 Header Casing

https://www.envoyproxy.io/docs/envoy/latest/configuration/http/http_conn_man/header_casing#config-http-conn-man-header-casing

When handling HTTP/1.1, Envoy will normalize the header keys to be all lowercase. While this is compliant with the HTTP/1.1 spec, in practice this can result in issues when migrating existing systems that might rely on specific header casing.

To support these use cases, Envoy allows configuring a formatting scheme for the headers, which will have Envoy transform the header keys during serialization.

• To configure this formatting on response headers, specify the format in the http_protocol_options.
• To configure this for upstream request headers, specify the formatting in http_protocol_options in the cluster’s extension_protocol_options.

Currently Envoy supports two mutually exclusive types of header key formatters:

config.core.v3.Http1ProtocolOptions

https://www.envoyproxy.io/docs/envoy/latest/api-v3/config/core/v3/protocol.proto#config-core-v3-http1protocoloptions

[config.core.v3.Http1ProtocolOptions proto]

1
2
3
4
5
6
7
8
9

{
  "allow_absolute_url": "{...}",
  "accept_http_10": "...",
  "default_host_for_http_10": "...",
  "header_key_format": "{...}",
  "enable_trailers": "...",
  "allow_chunked_length": "...",
  "override_stream_error_on_invalid_http_message": "{...}"
}

• allow_absolute_url

  (BoolValue) Handle HTTP requests with absolute URLs in the requests. These requests are generally sent by clients to forward/explicit proxies. This allows clients to configure envoy as their HTTP proxy. In Unix, for example, this is typically done by setting the http_proxy environment variable.

Enable debug log by command line

https://projectcontour.io/docs/v1.10.0/troubleshooting/envoy-debug-log/

The envoy command has a --log-level flag that can be useful for debugging. By default, it’s set to info. To change it to debug, edit the envoy DaemonSet in the projectcontour namespace and replace the --log-level info flag with --log-level debug. Setting the Envoy log level to debug can be particilarly useful for debugging TLS connection failures.

Enable debug log by API

列出 logger 名字：