As a next-generation Internet protocol, migration to IPv6 is the general trend in the future. However, due to the large-scale application of the IPv4 protocol in the current Internet, there is no way for users to specify a time and date. From that moment on, all devices on the Internet will use IPv6, which is unrealistic. One-time migration is not only unfeasible at the infrastructure level, but for enterprise users, even if the infrastructure can be prepared, it is unacceptable for enterprise users to shut down at least hundreds or even thousands of application instances for a period of time for protocol stack migration, no matter in terms of risk or cost! Since it cannot be done in one step, gradual IP address migration has become the current mainstream choice. This article will introduce some mainstream gradual IP address migration methods.
background
The IPv4 protocol (hereinafter referred to as IPv4) has made important contributions to the development and popularization of the Internet, but in recent years, with the explosive growth of applications, data and IT services. The IPv4 address used to describe the 32-bit binary number format used in the protocol design process has been exhausted in 2011 [1], and since then, the whole world has been in a situation where no new addresses are available.
The IPv6 protocol (hereafter referred to as IPv6) is the next-generation Internet protocol adopted after IPv4. Compared with the IPv4 protocol, which uses 32 bits to represent IP addresses, the number of address representation bits has been expanded to 128 bits, and the number of addresses is 2 to the 96th power that IPv4 can provide. Simply looking at the numbers may seem unintuitive. Instead, it is more intuitive and classic to describe the number of IPv6 addresses: "IPv6, which uses 128 bits to represent addresses, can assign an IP address to every grain of sand on the earth"! In addition, the IPv6 protocol can not only solve the address shortage problem in the IPv4 protocol, but also provide more efficient and secure network communication for the Internet. The IPv6 protocol provides many new functions and advantages in network communication. For example, in terms of data transmission and routing, its new design improves efficiency and reliability, reducing network congestion and packet loss. In addition, in the field of security, its built-in support for IPSec can better protect the security of data transmission in the network and prevent hackers from attacking and stealing data. As a next-generation Internet protocol, migration to IPv6 is the general trend in the future. In my country, since 2014, relevant agencies have gradually stopped allocating IPv4 addresses to new users and applications, and started to fully commercialize the IPv6 protocol (Computer Network (Seventh Edition) Xie Xiren). According to government guidance, in recent years, a series of related guidance documents have been issued successively, such as: Action Plan for Promoting Internet Protocol Version 6 (IPv6) Scale Deployment” issued by the State Council in 2017, and “IPv6 Traffic Improvement Three-Year Special Action Plan (2021-2023) issued by the Ministry of Industry and Information Technology in 2021, the Guiding Opinions on Promoting IPv6 Scale Deployment issued by the Cyberspace Administration of China 4 protocol migration to IPv6 protocol. However, due to the large-scale application of the IPv4 protocol in the current Internet, there is no way for users to specify a time and date. From that moment on, all devices on the Internet will use IPv6, which is unrealistic. One-time migration is not only unfeasible at the infrastructure level, but for enterprise users, even if the infrastructure can be prepared, it is unacceptable for enterprise users to shut down at least hundreds or even thousands of application instances for a period of time for protocol stack migration, no matter in terms of risk or cost! Since it cannot be done in one step, gradual IP address migration has become the current mainstream choice. Next, this article will introduce some mainstream gradual IP address migration methods.
Migration scheme
Although the IPv6 protocol has many advantages, its promotion and application still face many challenges. The popularization of IPv6 requires supporting infrastructure measures and support on a global scale, including updating of network equipment, personnel training, promotion of policies and regulations, and so on. At the same time, the compatibility between IPv6 and IPv4 is also an important issue, which needs to be solved through technical means and transition mechanism. Common IP protocol gradual migration coexistence solutions mainly include dual stack (Dual Stack), tunneling (Tunneling) and other technologies. Among them, dual-stack technology is a widely used IPv4/IPv6 coexistence technology in the industry. Its purpose is to install IPv4 and IPv6 dual protocol stacks for devices before the Internet completely transitions to IPv6. A dual-stack device can communicate with a single-IPv4, single-IPv6, or dual-stack device. By allowing various protocol stacks to coexist, the migration of the IP protocol stack is carried out gradually. For example, Kubernetes has already supported dual-stack function very early. Tunneling technology is a method of encapsulating IPv6 addresses into IPv4 datagrams. After the data is sent from the IPv6 single protocol stack, in the process of passing through the IPv4 single stack network environment, the IPv6 address is encapsulated into the IPv4 datagram as the content of the IPv4 datagram, and then transmitted through the IPv4 protocol stack. After passing through the IPv4 single-stack environment, when coming to the IPv6 single-stack environment, the content of the IPv6 data segment in the datagram is parsed out, and a new IPv6 datagram is constructed for transmission in the IPv6 protocol stack environment.
Microservice dual-stack migration solution
The solutions presented above are more of a generalized methodology. But specifically in the microservice system, how does the remote call process realize the coexistence of multiple protocol stacks so as to help enterprise users smoothly migrate the protocol stacks?
The above figure is the remote call process architecture diagram commonly used between services in the current microservice system in the industry. Next, this article introduces how to implement the common method of smooth migration of the protocol stack of the microservice application based on the dual-stack technology.
Double registration and double subscription to achieve smooth migration of the protocol stack
In the microservice system, compared with the single-stack environment, there is only one IP address, and the registration and discovery process of the microservice is based on the address to complete the service remote call. In an environment where multiple protocol stacks coexist, the essence is to solve the problem of how to use IP addresses during service registration and discovery. After sorting out the problem, it is not difficult to find that the method based on double registration and double subscription can better solve the problem of coexistence of multiple protocol stacks in the microservice system, so as to realize the smooth migration of the protocol stack of the microservice system. The service registration and subscription process of this solution can be described as shown in the following figure:
The process of using double registration and double subscription to realize the smooth IP protocol stack migration of the microservice system can be roughly described as the following steps:
- Before the new application is upgraded or released, upgrade the IP address protocol stack of the host machine where the relevant microservice application is located, so that it supports both IPv4 and IPv6 dual protocol stacks.
- For the microservice application transformed in step 1, at the microservice framework level, a dual-stack address extraction module extracts valid IPv4 and IPv6 addresses in the application host, and registers both dual-stack addresses to the registration center through the service registration module.
- The consumer subscribes to the IPv4 and IPv6 dual-stack addresses of a service in the registration center, and compares the protocol stack type supported by the host through the dual-stack address resolution module at the application service framework level. If the host only supports IPv4 protocol, use the provider’s IPv4 address to initiate a service call; if it only supports IPv6 or supports both dual stacks, use the provider’s IPv6 address to initiate a service call;
- After all the microservices in the system support the IPv6 protocol stack, gradually close the IPv4 protocol stack for all application hosts, so as to smoothly complete the migration of the large-scale microservice system from the IPv4 protocol stack to the IPv6 protocol stack.
Realize smooth migration of protocol stack based on DNS technology
Although the method of dual registration and dual subscription is natural and clear, it will reduce the service capacity of the registration center because an additional record corresponding to the IP address will be registered for the application in the dual-stack environment during the service registration process. Therefore, it is also possible to realize the coexistence of multiple protocol stacks based on DNS technology, and to solve the method of protocol stack migration in the microservice system. Its essence is to change the original process of registering the service instance address into the registration service instance domain name (the domain name here is more of an instance identification function), which can realize the coexistence of multiple protocol stacks through the additional DNS domain name system to store the dual-stack IP address corresponding to the service domain name under the condition that the number of registered service instance records in the registry remains unchanged. The service registration and subscription process using this scheme is shown in the following figure:
The process of implementing smooth IP address migration in a microservice system based on DNS technology can be roughly described as the following steps:
- Before the new application is upgraded or released, the IP address protocol stack of the relevant micro-service application is transformed so that it supports both IPv4 and IPv6 dual protocol stacks. The modified application needs to register the dual-stack IP address information of the machine and the domain name characteristic of this application instance to the DNS service of the system.
- After completing the domain name registration, the application instance registers the local domain name to the registration center.
- The consumer subscribes to the domain name of all instances of a certain service in the registration center, and initiates a request based on domain name resolution to the DNS service in the system through the domain name resolution module at the application framework level. After obtaining the IP address corresponding to the example domain name through DNS, compare the protocol stack type supported by the host machine. If the host machine only supports IPv4, use the IPv4 address to initiate the service call; if the host machine only supports IPv6 or supports both stacks at the same time, use the IPv6 address to initiate the service call;
- After all the microservices in the system support the IPv6 protocol stack, gradually close the IPv4 protocol stack for all application hosts, so as to smoothly complete the migration of the large-scale microservice system from the IPv4 protocol stack to the IPv6 protocol stack. Compared with the double registration and double subscription method, the DNS-based method can better solve the redundant pressure on the registration center during the double registration and double subscription process, but the high availability of DNS is also a point that enterprise users need to pay special attention to.
practice
As a widely used microservice framework, Spring Cloud Alibaba has provided a solution for interoperability and coexistence of different protocol stack applications in microservice scenarios in version 2021.0.5.0, so as to help enterprise users realize the protocol stack migration capability of large-scale microservice systems. The community solution is based on the implementation of dual registration and dual subscription. After the application is started, the IPv4 address and IPv6 address of the microservice will be registered in the registration center by default. The IPv4 address will be stored under the IP field in the Nacos service list, and the IPv6 address will be in the metadata field of Nacos. When a service consumer calls a service provider, it will select an appropriate IP address type to initiate a service call according to its own IP protocol stack support. Specific rules:
- If the service consumer itself supports IPv4 and IPv6 dual protocol stacks or only supports the IPv6 protocol stack, the service consumer will use the IPv6 address provided by the service to initiate a service call;
- If the service consumer itself only supports IPv4 single protocol stack, the service consumer will use the IPv4 address provided by the service to initiate a service call.
Application configuration
Compared with the general use of Spring Cloud Alibaba to build microservices, the following configuration needs to be added to the application to use the protocol stack coexistence migration function:
Service Registration
At present, after using the Spring Cloud Alibaba version that supports the protocol stack coexistence and migration function, the service provider does not need to do any configuration during the service registration process, and will check the protocol stack supported by the current application by default. If the default is a single IPv6 or IPv4 protocol stack, only the corresponding address will be registered. If the application supports dual-stack, it will automatically obtain the IPv6 address of the application, and then register the IPv6 address in the registration center as the service instance metadata of the application instance.
Service Consumption
If the application uses the Spring Cloud Alibaba 2021.0.5.0 version, the Spring Cloud LoadBalancer load balancing strategy is used by default, and the following configuration needs to be added to the consumer application application.properties configuration file to enable the protocol stack coexistence migration function:
spring.cloud.loadbalancer.ribbon.enabled=false
spring.cloud.loadbalancer.nacos.enabled=true
Effect demonstration
For the convenience of demonstration, this article builds a dual-stack environment directly based on Aliyun Container Service ACK to demonstrate service registration and consumption in a dual-stack environment.
Service Registration
The Pod information of the service provider instance used in this article is as follows:
Based on the coexistence and migration function of the Spring Cloud Alibaba protocol stack, its service instance list information on the registration center:
Service Consumption
Single-stack environment service consumer:
After the service call is successful, the service provider will print the calling IP address of the calling consumer:
From the above returned results, consumers in the IPv4 single-stack environment always initiate requests to dual-stack service providers through the IPv4 protocol stack because they only support single-stack. Dual-stack environment service consumer:
After the service call is successful, the service provider will print the calling IP address of the calling consumer, and you can see that the IPv6 address of the consumer is printed:
From the above returned results, consumers in the IPv4/IPv6 dual-stack environment support IPv6, and in order to realize the migration of the protocol stack to IPv6, they always send requests to the dual-stack service provider through the IPv6 protocol stack by default.