Issues-translate-bot
commented
1 year ago Bot detected the issue body's language is not English, translate it automatically. 👯👭🏻🧑🤝🧑👫🧑🏿🤝🧑🏻👩🏾🤝👨🏿👬🏿
Title: Rainbond plug-in mechanism design
Purpose
- Realize the microkernel, and the complete functions of the platform can be extended through plug-ins, which is convenient for open source ecological expansion
- Through the plug-in system, developers can easily share code
- Simplified installation, expand functions on demand
- Support the expansion or editing of some capabilities in K8s
Design ideas
Currently, the plug-ins that can be planned include large-screen system, monitoring system, workflow, security system or source code construction system.
There are currently two ideas for plug-in design:
- UI extension, backend interface extension. That is, both the UI and the backend interface provide an extensible way. When developing a plug-in, you can customize the UI and back-end interface. The advantage is that it is extremely flexible and can meet some customizations of the UI by users. However, the development is difficult and the existing system cannot be reused.
- Deploy the plug-in as a special type of application, and view and manage it uniformly after the platform recognizes it. The advantage is that we can reuse our application market as much as possible. For user production, existing application market capabilities can also be reused.
Expansion capability mainly refers to how to reuse some existing Kubernetes capabilities to achieve functional expansion. It can be understood that capabilities are standard implementations in K8s, can be directly edited through the platform, and synchronized with cluster resources.
final effect
-
Plug-ins are uniformly stored in the application market, and can be installed and upgraded from the application market
-
There is a plug-in configuration page
- After the user implements the plug-in release, it can be recognized on the platform
- The identified plug-ins can be viewed through the interface
- After the official plug-in is installed, it can trigger the corresponding page of the platform, or support the configuration of the secondary menu
-
Support the injection and use of various ServiceMesh frameworks. Support users to use their own GatewayAPI implementation, and support users to customize the ability to edit directly on the platform.
Business Process
Plugins
Plug-ins installed by users are divided into official plug-ins/unofficial plug-ins: official plug-ins will display hidden entrances on the UI; unofficial plug-ins will not.
- Users manage various parameter configurations of plug-ins at the application level
- On the platform management page, the user can globally manage the plug-in information under each cluster, and can jump to the application or directly access
Extendability
The platform administrator deploys CRD resources in the cluster (defining the resource types that Rainbond needs to watch), and the console can see all the resources of the corresponding resource group.
If the watched resource type is integrated with the platform, you can configure the corresponding parameters on the page. Such as application governance mode, GatewayClass and other resources.
If it cannot be integrated with the platform, you can only edit the yaml file directly on this page.
Technical realization
Plugins
- After the user installs the plug-in, two types of resources will be created:
- Rainbond application template: the plugin itself is an application that provides complete capabilities
- RainbondPluginCR: Rainbond's plug-in defines CR resources, mainly including plug-in metadata (for page display), plug-in type (which can be split according to platform functions, such as construction type plug-ins [platform construction components], display type plug-ins [big screen ], etc.), plug-in author information, etc.
- The Console will call the rbd-api interface to obtain the currently available plug-in resources and installation status. Plug-in resources will only be displayed on the page if they are installed. Plugins need to be displayed in clusters. By switching clusters, you can see the plugins in a certain cluster. When deploying multiple sets, the plugin will display multiple.
apiVersion: rainbow.io/v1alpha1
kind: RainbowPlugin
spec:
name: large-screen
description: This is Linkerd Plugin
pluginType: Monitor # Custom
author: "goodrain"Extendability
- Users can create a RainbondAbilityCR resource in the cluster by themselves, which can define resource types that require Watch.
- The console will query all the resources in RainbowdAbilityCR that need to be Watched, and display the relevant resources in the extension capability. Here, the resources are synchronized with the K8s cluster and can be modified. Deletion is not allowed.
Use of ServiceMesh capabilities
apiVersion: rainbow.io/v1alpha1
kind: Rainbow Ability
spec:
name: ServiceMesh
description: "xxxxx"
watchGroups:
- apiVersion: rainbow.io/v1alpha1
kind: RBDServiceMesh
apiVersion: rainbow.io/v1alpha1
kind: RBDServiceMesh
spec:
name: linkerd
description: "xxxxx"
inject:
- method: label # label/annotation
key: istio/enable-sidecar
value: "true"Two types of CRD resources are required, RainbondAbility and RainbondServiceMesh.
- The injection method and description of the ServiceMesh framework can be defined in the RainbondServiceMesh CR resource.
- The RainbowAbility definition needs to watch the RainbowServiceMesh resource, so that the resource created in the first step can be edited on the page, and at the same time, it can trigger the console management mode switching function.
Use of GatewayAPI capabilities
- Deploy the RainbondAbility resource, define the resource type that needs to be watched, and platform management-ability will list all the resources of GatewayClass, eg: envoy
apiVersion: rainbow.io/v1alpha1 kind: Rainbow Ability spec: name: gateway description: "xxxxx" watchGroups: - apiVersion: gateway.networking.k8s.io/v1beta1 kind: GatewayClass - The user installs envoy Gateway in the cluster, and a gatewayClass resource will be generated at this time
- On the gateway page, when adding a policy, the user can select the corresponding gateway implementation and select envoy. The parameters only support standard Gateway HttpRoute and TCPRoute.
- When the application is running, the generated resource type is no longer ingress, but Gateway and HttpRoute resources.
Plug-in planning
- [ ] Plugin base framework
- [ ] function extension
- [ ] pipeline
- [ ] CI capability expansion
- [ ] automatic testing
- [ ] Code static checking
- [ ] CD ability expansion
- [ ] Canary release/AB test
- [ ] Process review
- [ ] Observability extension
- [ ] Collect plugins
- [ ] display plugin
- [ ] Service Mesh framework plugin
- [ ] Linkerd
- [ ] dapr
- [ ] Other governance frameworks that support sidecar injection
- [ ] Gateway plugin
- [ ] Higress
- [ ] Envoy Gateway
- [ ] Other implementations that support the Gateway API
- [ ] Device plugin (run as DeamonSet)
- [ ] GPU
- [ ] Other drivers that need to be combined with hardware
- [ ] Cloud provider (automatically connect to cloud platform through API)
- [ ] Alibaba Cloud ACK
- [ ] HUAWEI CLOUD CCE
- [ ] Workload type extension plug-in (support extension on existing application model)
- [ ] Knative
- [ ] Volcano
- [ ] Edge computing support (special support for installation/docking/application distribution)
- [ ] kubedge
- [ ] SuperEdge
- [ ] Security and policy plugins (extended security capabilities)
- [ ] Storage plug-in (ability to connect to storage)
目的
设计思路
当前可以规划的插件大概有大屏系统、监控系统、工作流、安全类系统或源码构建系统。
插件设计当前会有以下两种思路:
扩展能力主要是指如何能复用已有的 Kubernetes 上的一些能力,实现功能的扩充,可以理解为能力是 K8s 中标准实现,通过平台能直接编辑,与集群资源同步。
最终效果
插件统一存放到应用市场,可以从应用市场安装和升级
有插件配置页面
支持多种 ServiceMesh 框架的注入和使用。支持用户使用自己的 GatewayAPI 实现,支持用户自定义想要直接在平台上编辑的能力。
业务流程
插件
用户安装插件,分为官方插件/非官方插件:官方插件会在UI上展示隐藏入口;非官方插件则不会。
扩展能力
平台管理员在集群中部署 CRD 资源(定义Rainbond 需要 Watch 的资源类型),控制台可以看到对应资源组的全部资源。
如果 Watch 到的资源类型与平台集成,则可以在页面上配置对应的参数。如应用治理模式、GatewayClass等资源。
如果不能与平台集成,那么在该页面只能直接编辑 yaml 文件修改。
技术实现
插件
扩展能力
ServiceMesh能力的使用
需要两类CRD资源,RainbondAbility 和 RainbondServiceMesh。
GatewayAPI能力的使用
插件规划