Configure system protection to enhance system stability - Microservices Engine

System protection provides system-wide traffic protection capabilities in different scenarios to handle various unexpected situations. For example, an interface is not configured with traffic protection rules. When the interface encounters traffic surges, system protection can provide traffic protection to ensure the stability of applications. Microservices Governance provides protection against CPU overload. Protection features for other scenarios will be available soon.

Prerequisites

Microservices Governance Enterprise Edition is activated. For more information, see Activate Microservices Governance.
Microservices Governance is enabled for your application. For more information, see Enable Microservices Governance for microservice applications in an ACK cluster and Connect microservice applications on ECS instances to Microservices Governance.

Procedure

Log on to the MSE console, and select a region in the top navigation bar.
In the left-side navigation pane, choose Microservices Governance > Application Governance.
On the Application list page, click the resource card of the destination application. In the left-side navigation pane, click Traffic management.
Click the System Protection tab and configure the relevant feature.

Adaptive overload protection

Note

To use adaptive overload protection, you must make sure that the version of the agent is V3.1.4 or later.

The system uses CPU utilization as the basis for measuring the system load and adaptively adjusts the traffic protection policies to throttle a specific percentage of ingress traffic. Ingress traffic refers to the interface traffic on the server in the interface details.

Parameter

Description

Status

Closed: The adaptive overload protection feature is disabled.
Simulated Execution: In this state, if the adaptive overload protection is triggered, only the relevant event is generated and the traffic protection policies are not adjusted.
Open: In this state, if adaptive overload protection is triggered, the traffic protection policies are adjusted to throttle a specific percentage of ingress traffic.

vCPU Utilization

The expected CPU utilization threshold. If adaptive overload protection is enabled, the system uses algorithms to adaptively adjust the probability of triggering interface throttling based on the actual CPU utilization and the configured CPU utilization threshold. This allows the system to reject specific requests in high load scenarios and keeps CPU utilization to be fluctuated within the configured threshold range.

References

For more information about traffic protection policies, see Traffic protection.