Re: [discuss][java-chassis] new feature for inspect internal statusof a microservice instance
do you mean microservice instance provide RESTful api and a standalone instance to provide UI? seems like another governance entry.. bismy 于2019年3月6日周三 下午4:13写道: > I have an general idea to do this: > > > 1. We do not need to create a new port for this feature, and share the > microservice port. It has same security constraints like REST api. > 2. We can provide both ui and REST api for this feature. Provided we need > to easily access the ui from edge service(Is this possible to do it > easily?). > 3. We can start a new project, e.g. servicecomb-admin (or a module like in > edge service do), users start this admin service along with microservices. > So they can access admin service easily, do not need to care much about > security constraints like service center console. > > > > > > > -- 原始邮件 -- > 发件人: "willem.jiang"; > 发送时间: 2019年3月5日(星期二) 下午2:12 > 收件人: "dev"; > > 主题: Re: [discuss][java-chassis] new feature for inspect internal statusof > a microservice instance > > > > I think we can start from the instance troubleshooting solution first, > then we can consider to let management console redirect the request to > the certain instance. > > Willem Jiang > > Twitter: willemjiang > Weibo: 姜宁willem > > On Tue, Mar 5, 2019 at 11:54 AM wjm wjm wrote: > > > > @yaohai...@huawei.com agree to you. > > but > > 1.graphical user interface is not a problem, network is a problem > > browser maybe can not connect to the instance directly > > 2.we must provide these features by governance console, the problem is if > > we will provide it by instance also? > > when provide by governance console, it's more powerful than by instance > > because instance can only have self information, but governance can > show > > related instance's information. > > > > yhs0092 于2019年3月5日周二 上午11:23写道: > > > > > Here is just my personal consideration. It's indeed a complex problem > when > > > get involved in security issues. > > > > > > > > > Once we decide this function is only provided directly by the service > > > instances, users can only log into the micro-service clusters to get > access > > > to these informations. In such case we can assume that the security > should > > > be guaranteed by users themselves. > > > There are still several problems: > > > 1. Usually there are all Linux OS servers in a cluster, with no > graphical > > > user interface. It may be hard to find a browser to read the > informations. > > > 2. If the instances enable Mutual TLS authentication, it may be > difficult > > > to get access to the informations directly. Or we can provide an > isolated > > > port for this feature, but it makes us further away from our security > goal. > > > > > > > > > If we provide a separate console service, maybe we can solve these > > > problem. The console can be split into web page and backend service. > The > > > backend service can be deployed into the service cluster. It can be > treated > > > as a common micro-service, which means the security options of it can > keep > > > the same as other services. The web pages, if they are static page with > > > html+js, can be deployed in the edge service. If users are concerned > about > > > the security issues, they can add authorization by themselves. > > > I think this solution is flexible, but complex for many users. > > > > > > > > > On conclusion, I guess if this feature is provided by service instances > > > directly, it is less complex for us to implement it. While it may be > not so > > > practical in production environment. If this feature is provided by > another > > > console service, it's more complex, but there are more chances to > apply it > > > into a production environment. > > > > > > > > > Yours sincerely > > > > > > > > > Yao Haishi > > > yhs0...@163.com > > > > > > > > > On 3/5/2019 10:37,wjm wjm wrote: > > > this feature should be for both development and production > environment, so > > > must conside security problem. > > > currently i'm not sure what's the best way to control it. > > > > > > yhs0092 于2019年3月5日周二 上午10:28写道: > > > > > > That's a great idea! > > > What is the positioning of this feature? If it's designed for > development > > > environment trouble-shooting, I guess it's okay the web pages are > provided > > > by the micro-service instances directly. But if this feature is > expected to > > > work in production environment, which may contains massive > micro-service > > > instances, maybe it's better that service instances provide RESTful > > > interfaces, and users get access to these informations via the console > > > service. > > > > > > > > > Yours sincerely > > > > > > > > > Yao Haishi > > > yhs0...@163.com > > > > > > > > > On 3/5/2019 09:52,wjm wjm wrote: > > > @zhang_lei > > > > > > ServiceComb can run with spring boot, but will not depend on spring > boot. > > > > > > > > > wjm wjm 于2019年3月5日周二 上午9:49写道: > > > > > > href of gif: > > > > > > >
Re: [dicusssion]upgrade spring boot 2 dependency
+1 for upgrading the spring-boot version both 2.x and 1.5.x. Willem Jiang Twitter: willemjiang Weibo: 姜宁willem On Wed, Mar 6, 2019 at 4:22 PM bismy wrote: > > Now java chassis depend on spring boot 2 2.0.0.RELEASE, this version is quite > old fashioned. Although users can use dependency management to use other > versions, but sometimes it is difficult to do so. Spring boot 2 changed > rapidly and many compatible problems with spring 5 version. > > > So I suggest to upgrade spring boot 2 to 2.1.2.RELEASE. > > > Any ideas?
Re: [dicusssion]upgrade spring boot 2 dependency
+1 bismy 于2019年3月6日周三 下午4:22写道: > Now java chassis depend on spring boot 2 2.0.0.RELEASE, this version is > quite old fashioned. Although users can use dependency management to use > other versions, but sometimes it is difficult to do so. Spring boot 2 > changed rapidly and many compatible problems with spring 5 version. > > > So I suggest to upgrade spring boot 2 to 2.1.2.RELEASE. > > > Any ideas?
Re: Release of ServiceComb
+1 Please merge my PR https://github.com/apache/servicecomb-pack/pull/420 before this coolbeevip BOCO > 在 2019年3月6日,下午2:29,Willem Jiang 写道: > > It's time for us to think about ServiceComb release now. > > As usual, we will release ServiceComb Java-Chassis 1.2.0, ServiceComb > ServiceCenter 1.2.0 at the end of this month, then we will release > ServiceComb Pack 0.4.0. > > Please reply the mail if you have any questions about the release plan. > > Willem Jiang > > Twitter: willemjiang > Weibo: 姜宁willem
[dicusssion]upgrade spring boot 2 dependency
Now java chassis depend on spring boot 2 2.0.0.RELEASE, this version is quite old fashioned. Although users can use dependency management to use other versions, but sometimes it is difficult to do so. Spring boot 2 changed rapidly and many compatible problems with spring 5 version. So I suggest to upgrade spring boot 2 to 2.1.2.RELEASE. Any ideas?
?????? [discuss][java-chassis] new feature for inspect internal statusof a microservice instance
I have an general idea to do this: 1. We do not need to create a new port for this feature, and share the microservice port. It has same security constraints like REST api. 2. We can provide both ui and REST api for this feature. Provided we need to easily access the ui from edge service(Is this possible to do it easily?). 3. We can start a new project, e.g. servicecomb-admin (or a module like in edge service do), users start this admin service along with microservices. So they can access admin service easily, do not need to care much about security constraints like service center console. -- -- ??: "willem.jiang"; : 2019??3??5??(??) 2:12 ??: "dev"; : Re: [discuss][java-chassis] new feature for inspect internal statusof a microservice instance I think we can start from the instance troubleshooting solution first, then we can consider to let management console redirect the request to the certain instance. Willem Jiang Twitter: willemjiang Weibo: willem On Tue, Mar 5, 2019 at 11:54 AM wjm wjm wrote: > > @yaohai...@huawei.com agree to you. > but > 1.graphical user interface is not a problem, network is a problem > browser maybe can not connect to the instance directly > 2.we must provide these features by governance console, the problem is if > we will provide it by instance also? > when provide by governance console, it's more powerful than by instance > because instance can only have self information, but governance can show > related instance's information. > > yhs0092 ??2019??3??5?? 11:23?? > > > Here is just my personal consideration. It's indeed a complex problem when > > get involved in security issues. > > > > > > Once we decide this function is only provided directly by the service > > instances, users can only log into the micro-service clusters to get access > > to these informations. In such case we can assume that the security should > > be guaranteed by users themselves. > > There are still several problems: > > 1. Usually there are all Linux OS servers in a cluster, with no graphical > > user interface. It may be hard to find a browser to read the informations. > > 2. If the instances enable Mutual TLS authentication, it may be difficult > > to get access to the informations directly. Or we can provide an isolated > > port for this feature, but it makes us further away from our security goal. > > > > > > If we provide a separate console service, maybe we can solve these > > problem. The console can be split into web page and backend service. The > > backend service can be deployed into the service cluster. It can be treated > > as a common micro-service, which means the security options of it can keep > > the same as other services. The web pages, if they are static page with > > html+js, can be deployed in the edge service. If users are concerned about > > the security issues, they can add authorization by themselves. > > I think this solution is flexible, but complex for many users. > > > > > > On conclusion, I guess if this feature is provided by service instances > > directly, it is less complex for us to implement it. While it may be not so > > practical in production environment. If this feature is provided by another > > console service, it's more complex, but there are more chances to apply it > > into a production environment. > > > > > > Yours sincerely > > > > > > Yao Haishi > > yhs0...@163.com > > > > > > On 3/5/2019 10:37??wjm wjm wrote?? > > this feature should be for both development and production environment, so > > must conside security problem. > > currently i'm not sure what's the best way to control it. > > > > yhs0092 ??2019??3??5?? 10:28?? > > > > That's a great idea! > > What is the positioning of this feature? If it's designed for development > > environment trouble-shooting, I guess it's okay the web pages are provided > > by the micro-service instances directly. But if this feature is expected to > > work in production environment, which may contains massive micro-service > > instances, maybe it's better that service instances provide RESTful > > interfaces, and users get access to these informations via the console > > service. > > > > > > Yours sincerely > > > > > > Yao Haishi > > yhs0...@163.com > > > > > > On 3/5/2019 09:52??wjm wjm wrote?? > > @zhang_lei > > > > ServiceComb can run with spring boot, but will not depend on spring boot. > > > > > > wjm wjm ??2019??3??5?? 9:49?? > > > > href of gif: > > > > https://issues.apache.org/jira/secure/attachment/12961084/swaggerAndDocument.gif > > and more question: > > how to define the security of the new feature > > should open a new port for the feature? > > > > > > wjm wjm ??2019??3??5?? 9:20?? > > > > currently it's difficult to collect internal status of a microservice > > instance when some problem happened. > > eg: > > routing depend on cached instances,
?????? Release of ServiceComb
+1 we have many important modifications since last release -- -- ??: "zzzwjm"; : 2019??3??6??(??) 2:56 ??: "dev"; : Re: Release of ServiceComb ok Willem Jiang ??2019??3??6?? 2:53?? > It's time for us to think about ServiceComb release now. > > As usual, we will release ServiceComb Java-Chassis 1.2.0, ServiceComb > ServiceCenter 1.2.0 at the end of this month, then we will release > ServiceComb Pack 0.4.0. > > Please reply the mail if you have any questions about the release plan. > > Willem Jiang > > Twitter: willemjiang > Weibo: willem >
