All Products
Search
Document Center

Alibaba Cloud Service Mesh:Use the ASM traffic scheduling suite to control traffic for a distributed system

Last Updated:Nov 22, 2024

The Service Mesh (ASM) traffic scheduling suite provides a non-intrusive and scalable dynamic traffic scheduling architecture for centralized management and control of all traffic in a distributed system. This helps you enhance the reliability of cloud-native distributed applications, reduce costs, and improve resource utilization. This topic describes the ASM traffic scheduling suite and its features.

What is the ASM traffic scheduling suite?

The ASM traffic scheduling suite is an ASM-based centralized traffic scheduling architecture model, and a collective name for various traffic scheduling policies developed based on this architecture model. It is designed to schedule and manage requests in cloud-native distributed applications in a centralized manner. These capabilities can enhance the reliability of cloud-native distributed applications as well as reducing costs and improving resource utilization.

The core architecture of the ASM traffic scheduling suite mainly consists of the ASM request scheduling controller and the ASM request scheduling agent. When a sidecar proxy forwards inbound or outbound requests of a pod, the sidecar proxy interacts with the ASM request scheduling agent to obtain traffic scheduling decisions from the agent. Then, the sidecar proxy performs throttling and queuing on the requests. The ASM traffic scheduling suite provides a series of preset traffic scheduling policies. These policies are published by the ASM request scheduling controller to the ASM request scheduling agent to dynamically control traffic scheduling.

image

Enable the ASM traffic scheduling suite

Note
  • Before you enable the ASM traffic scheduling suite, make sure that storageclasses named alibabacloud-cnfs-nas exists in the corresponding cluster on the data plane. For more information about how to create a StorageClass, see StorageClasses.

  • ACK Serverless does not support the ASM traffic scheduling suite.

To use the ASM traffic scheduling suite, make sure that the version of your ASM instance is 1.21.6.82 or later and that a Kubernetes cluster is added to your ASM instance. For more information, see Add a cluster to an ASM instance.

To enable the ASM traffic scheduling suite, perform the following steps:

  1. Use kubectl to connect to the ASM instance. For more information, see Use kubectl on the control plane to access Istio resources.

  2. Run the following command:

    kubectl patch asmmeshconfig default --type=merge --patch='{"spec":{"adaptiveSchedulerConfiguration":{"enabled":true,"schedulerScopes":[{"namespace":"default"}]}}}'

Traffic scheduling policies supported by the ASM traffic scheduling suite

The following table describes the policies supported by the ASM traffic scheduling suite.

Policy

Description

References

Traffic rate limiting

A traffic rate limiting policy is created by using the RateLimtingPolicy CustomResourceDefinition (CRD). Such a policy provides global throttling for specified services in an ASM instance. Compared with the throttling solution provided by open source Istio, a policy created by using the RateLimtingPolicy CRD supports advanced throttling features such as user-specific throttling, setting burst traffic windows, and configuring a custom consumption rate for request tokens.

Use RateLimitingPolicy to implement user-specific throttling

Priority-based request scheduling based on the average latency

A priority-based request scheduling policy compares the real-time latency with the historical average latency to determine whether traffic overload occurs. If traffic overload occurs, scheduling mechanisms based on token bucket and priority are used to schedule requests. When the system is overloaded, high-priority requests can be processed preferentially.

Use AverageLatencySchedulingPolicy to implement priority-based request scheduling

Concurrency control

Concurrency control maintains a record of requests that are being processed (that is, requests that have been sent but not yet responded to). When the number of requests that are being processed exceeds the specified limit, subsequent incoming requests are rejected.

Use ConcurrencyLimitingPolicy to implement request concurrency limiting

Priority-based request scheduling under controlled concurrency

ConcurrencySchedulingPolicy determines whether traffic is overloaded based on the limits on concurrent requests. When the number of concurrent requests exceeds the specified upper limit, subsequent requests are queued and scheduled based on their priorities.

Use ConcurrencySchedulingPolicy to implement priority-based request scheduling under controlled concurrency

Progressive service release policy

The ASM traffic scheduling suite supports progressive service release policies. When you release a new service, you can configure a progressive release policy to gradually increase the traffic received by the service. This ensures that the service is smoothly released.

Use LoadRampingPolicy to implement progressive service release

Priority-based request scheduling with a specified request quota

When the number of requests being processed in a unit time in the system exceeds the specified quota, subsequent requests will be queued and high-priority requests can be processed preferentially.

Use QuotaSchedulingPolicy to implement request call quota management

Configurations for collecting the monitoring metrics of ASM traffic scheduling suite

If your Kubernetes clusters are integrated with Managed Service for Prometheus instances or self-built Prometheus instances, you can perform the following configurations to collect the monitoring metric of an ASM request scheduling agent. In this way, you can verify whether a specific policy in ASM traffic scheduling suite takes effect.

Managed service for Prometheus

You can run the following codes to add a custom collection rule. For more information, see Other Prometheus service discovery configurations.

scrape_configs:
- job_name: asm-adaptive-scheduler-stats
  scrape_interval: 30s
  scrape_timeout: 30s
  metrics_path: /metrics
  scheme: http
  kubernetes_sd_configs:
  - role: pod
  relabel_configs:
  - source_labels:
    - __meta_kubernetes_namespace
    action: keep
    regex: istio-system
  - source_labels:
    - __meta_kubernetes_pod_container_port_name
    action: keep
    regex: server
  - source_labels:
    - __meta_kubernetes_pod_container_name
    action: keep
    regex: aperture-agent

Self-built Prometheus instances

You need to add the JSON file of Managed service for Prometheus to the scrape_configs nodes of Prometheus instances. For more information, see Prometheus configuration.