Service Fabric architecture

Service Fabric is built with layered subsystems. These subsystems enable you to write applications that are:

  • Highly available
  • Scalable
  • Manageable
  • Testable

The following diagram shows the major subsystems of Service Fabric.

[Diagram of Service Fabric architecture]

In a distributed system, the ability to securely communicate between nodes in a cluster is crucial. At the base of the stack is the transport subsystem, which provides secure communication between nodes. Above the transport subsystem lies the federation subsystem, which clusters the different nodes into a single entity (called a cluster) so that Service Fabric can detect failures, perform leader election, and provide consistent routing. The reliability subsystem, layered on top of the federation subsystem, is responsible for the reliability of Service Fabric services through mechanisms such as replication, resource management, and failover. The federation subsystem also underlies the hosting and activation subsystem, which manages the lifecycle of an application on a single node. The management subsystem manages the lifecycle of applications and services. The testability subsystem helps application developers test their services through simulated faults before and after deploying applications and services to production environments. Service Fabric provides the ability to resolve service locations through its communication subsystem. The application programming models exposed to developers are layered on top of these subsystems along with the application model to enable tooling.

Transport subsystem

The transport subsystem implements a point-to-point datagram communication channel. This channel is used for communication within Service Fabric clusters and communication between the Service Fabric cluster and clients. It supports one-way and request-reply communication patterns, which provide the basis for implementing broadcast and multicast in the federation layer. The transport subsystem secures communication by using X.509 certificates or Windows security. This subsystem is used internally by Service Fabric and is not directly accessible to developers for application programming.

Federation subsystem

In order to reason about a set of nodes in a distributed system, you need to have a consistent view of the system. The federation subsystem uses the communication primitives provided by the transport subsystem and stitches the various nodes into a single unified cluster that it can reason about. It provides the distributed systems primitives needed by the other subsystems - failure detection, leader election, and consistent routing. The federation subsystem is built on top of distributed hash tables with a 128-bit token space. The subsystem creates a ring topology over the nodes, with each node in the ring being allocated a subset of the token space for ownership. For failure detection, the layer uses a leasing mechanism based on heartbeating and arbitration. The federation subsystem also guarantees through intricate join and departure protocols that only a single owner of a token exists at any time. This provides leader election and consistent routing guarantees.
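The token-ownership idea described above, as an added Python example (not Service Fabric code): a toy ring over a 128-bit token space in which every token has exactly one owner, and a node's departure moves only the tokens that node owned. The ownership rule (numerically closest node ID, ties to the lower ID), the SHA-256 mapping, and all node and service names are assumptions made for the illustration.

```python
import bisect
import hashlib

RING = 1 << 128  # 128-bit token space, as stated on the page


def token_for(name: str) -> int:
    # Constructed mapping for the demo: first 16 bytes of SHA-256.
    return int.from_bytes(hashlib.sha256(name.encode()).digest()[:16], "big")


def ring_distance(a: int, b: int) -> int:
    d = (a - b) % RING
    return min(d, RING - d)  # shortest way round the ring


class Ring:
    def __init__(self):
        self.nodes = []  # sorted node IDs

    def join(self, node_id: int) -> None:
        if node_id in self.nodes:
            raise ValueError("node ID already on the ring")
        bisect.insort(self.nodes, node_id)

    def leave(self, node_id: int) -> None:
        self.nodes.remove(node_id)

    def owner(self, token: int) -> int:
        # Assumed rule: closest node ID owns the token; ties go to the lower ID.
        # Only the two ring neighbours of the token can be closest.
        if not self.nodes:
            raise LookupError("empty ring")
        i = bisect.bisect_left(self.nodes, token)
        neighbours = (self.nodes[i - 1], self.nodes[i % len(self.nodes)])
        return min(neighbours, key=lambda n: (ring_distance(n, token), n))


def moved_after_leave(ring: Ring, node_id: int, tokens) -> dict:
    """Remove node_id; return {token: (old_owner, new_owner)} for tokens that moved."""
    before = {t: ring.owner(t) for t in tokens}
    ring.leave(node_id)
    return {t: (o, ring.owner(t)) for t, o in before.items() if ring.owner(t) != o}


if __name__ == "__main__":
    ring = Ring()
    for n in range(5):
        ring.join(token_for(f"node-{n}"))  # constructed node names
    keys = [token_for(f"fabric:/App/Svc{k}") for k in range(1000)]
    gone = ring.nodes[2]
    moved = moved_after_leave(ring, gone, keys)
    print(len(moved), "of", len(keys), "tokens changed owner")
```

Tokens owned by the surviving nodes keep their owner, which is what lets routing stay consistent while membership changes.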

Reliability subsystem

The reliability subsystem provides the mechanism to make the state of a Service Fabric service highly available through the use of the Replicator, Failover Manager, and Resource Balancer.

  • The Replicator ensures that state changes in the primary service replica will automatically be replicated to secondary replicas, maintaining consistency between the primary and secondary replicas in a service replica set. The replicator is responsible for quorum management among the replicas in the replica set. It interacts with the failover unit to get the list of operations to replicate, and the reconfiguration agent provides it with the configuration of the replica set. That configuration indicates which replicas the operations need to be replicated to. Service Fabric provides a default replicator called Fabric Replicator, which can be used by the programming model API to make the service state highly available and reliable.
  • The Failover Manager ensures that when nodes are added to or removed from the cluster, the load is automatically redistributed across the available nodes. If a node in the cluster fails, the cluster will automatically reconfigure the service replicas to maintain availability.
  • The Resource Manager places service replicas across failure domains in the cluster and ensures that all failover units are operational. The Resource Manager also balances service resources across the underlying shared pool of cluster nodes to achieve optimal uniform load distribution.

Management subsystem

The management subsystem provides end-to-end service and application lifecycle management. PowerShell cmdlets and administrative APIs enable you to provision, deploy, patch, upgrade, and de-provision applications without loss of availability. The management subsystem performs this through the following services.

  • Cluster Manager: This is the primary service that interacts with the Failover Manager from the reliability subsystem to place the applications on the nodes based on the service placement constraints. The Resource Manager in the failover subsystem ensures that the constraints are never broken. The cluster manager manages the lifecycle of the applications from provision to de-provision. It integrates with the health manager to ensure that application availability is not lost from a semantic health perspective during upgrades.
  • Health Manager: This service enables health monitoring of applications, services, and cluster entities. Cluster entities (such as nodes, service partitions, and replicas) can report health information, which is then aggregated into the centralized health store. This health information provides an overall point-in-time health snapshot of the services and nodes distributed across multiple nodes in the cluster, enabling you to take any needed corrective actions. Health query APIs enable you to query the health events reported to the health subsystem. The health query APIs return the raw health data stored in the health store or the aggregated, interpreted health data for a specific cluster entity.
  • Image Store: This service provides storage and distribution of the application binaries. This service provides a simple distributed file store where the applications are uploaded to and downloaded from.

Hosting subsystem

The cluster manager informs the hosting subsystem (running on each node) which services it needs to manage for a particular node. The hosting subsystem then manages the lifecycle of the application on that node. It interacts with the reliability and health components to ensure that the replicas are properly placed and are healthy.

Communication subsystem

This subsystem provides reliable messaging within the cluster and service discovery through the Naming service. The Naming service resolves service names to a location in the cluster and enables users to manage service names and properties. Using the Naming service, clients can securely communicate with any node in the cluster to resolve a service name and retrieve service metadata. Using a simple Naming client API, users of Service Fabric can develop services and clients capable of resolving the current network location despite node dynamism or the re-sizing of the cluster.

Testability subsystem

Testability is a suite of tools specifically designed for testing services built on Service Fabric. The tools let a developer easily induce meaningful faults and run test scenarios to exercise and validate the numerous states and transitions that a service will experience throughout its lifetime, all in a controlled and safe manner. Testability also provides a mechanism to run longer tests that can iterate through various possible failures without losing availability. This provides you with a test-in-production environment.