The description of the port part in the “12 elements” of cloud native applications “provides services through port binding, and Internet applications provide services through port binding”. In the same concept in Kato, the component definition port actually defines the service provided by the current component. Port control includes operations such as port number, port protocol, port access control, internal component port alias variable setting, etc. The following figure is a schematic diagram of different teams and different port components after different access controls are enabled:
Port Number Setting
The component port corresponds to the port monitored by the internal program of the container. That is to say, when the port monitored by the program is 8080, the port of the component should be set to 8080. You can add other ports to the component through the [Add Port] function. You need to ensure that the added port is consistent with the port that the program listens to, and select the corresponding port protocol.
Kato does not recommend developers to set the component’s listening port to 80, which may conflict with Kato mesh layer communication management. It is recommended that the component code supports identifying the value of the environment variable
PORT to establish a listener. In this way, the monitoring port of the component code can be dynamically adjusted on the platform.
A component can have multiple ports, which may have different opening strategies. For example, a port provides HTTP services to the outside world. A port provides data query services for internal components.
For components built from source code, if the monitoring port configuration is not defined in the source code, the system defaults to add a port number of 5000.
The port can specify different protocol types. Currently Kato supports
MySQL protocols. Please make sure that the selected protocol is consistent with the protocol that your program monitors.
The choice of protocol will affect the subsequent operations of the component:
Performance analysis function
After the performance analysis plug-in is activated for components of different protocols, the performance analysis methods will be different. For example, the HTTP protocol will analyze the data related to HTTP, and the MySQL protocol will analyze the data related to the MySQL statement.
Open access to external components
When the port is opened for external components, the HTTP protocol will assign the default domain name, and the non-HTTP protocol will assign the IP+port access method.
Mesh layer governance
Providing several layers of governance for components is directly related to the protocol of component ports.
Port Access Control
Port access control is divided into two categories:
Here in refers to the team, the access permission of the component to the team is turned on, then the current component port will be registered in the team’s internal component available pool, and the components within the team can be added through [Add Dependent component] to access the component. Refer to Communication between components
After opening the external component, the platform will register the component port to the team’s external component available pool. At this time, the application gateway can access the component with the access policy configured by the user. At this time, outside the platform and The components of other teams within the platform can be accessed through the domain name or IP assigned by the application gateway. Refer to Extranet Access Components
After the port is opened for the internal service, if other components want to connect to the component, you need to [add dependent components] to establish an association, and then connect via connection address or environment variable.
Port access control can be turned on and off as needed. It can be turned on separately or all. If the component is a worker program, only other components need to be connected. There is no need to open port access without port monitoring.
Component Access Policy Management
Kato automatically generates a default domain name for each HTTP component. Generally, this domain name is relatively long and not easy to remember. You can quickly bind a custom domain name in the component port management panel. For several management and advanced settings of component access policies, please refer to Extranet Access Components