Skip to main content
Version: 2.6.0

Flow Control

Many applications consist of intricate networks of interconnected services that drive essential features. While both monolithic and decoupled architectures offer various advantages, they also introduce new challenges and complexities. During periods of high traffic, a critical service may experience queue buildup, triggering a detrimental positive feedback loop and leading to cascading failures. As a result, the application becomes unresponsive, causing disruptions to crucial end-user transactions.

Absence of flow control Absence of flow control

Applications are governed by Little’s Law, which describes the relationship between concurrent requests in the system, arrival rate of requests, and response times. For the application to remain stable, the concurrent requests in the system must be limited. Indirect techniques to stabilize applications such as rate-limiting and auto-scaling fall short in enabling good user experiences or business outcomes. Rate-limiting individual users is insufficient in protecting services. Auto-scaling is slow to respond and can be cost-prohibitive. As the number of services scales, these techniques get harder to deploy.

Reliability with flow control Reliability with flow control

This is where flow control comes in. Applications can degrade gracefully in real-time when using flow control techniques with Aperture, by prioritizing high-importance features over others. Reliable operations at web-scale are impossible without effective flow control.

Aperture splits the process of flow control into two layers:

  • Governing the flow control process and making high-level decisions. This is done by the Aperture Controller through Policies.
  • Actual execution of flow control is performed by Aperture Agent through Load Samplers, Load Schedulers and Rate Limiters. Additionally, the Agent handles other flow-control related tasks, like gathering metrics through Flux Meters and classifying traffic through Classifiers. This chapter describes flow control capabilities at the Agent.

Insertion

For Aperture to be able to act at any of the Control Points, you need to install integrations that will communicate with the Aperture Agent.

  • HTTP Control Points: Web framework and service-mesh based integrations expose Control Points at in the traffic path of a service.

    In principle, any web proxy or web framework can be integrated with Aperture in this way. These integrations use Envoy's External Authorization API. Integrations with several popular web frameworks are available.

    Integration instructions for Istio/Envoy are provided, and the Control Point can be named to identify a particular filter chain in Envoy. If insertion is done through Istio, the default filter configuration assigns ingress and egress Control Points as identified by Istio.

  • Feature Control Points: Aperture SDKs are available for popular programming languages. Aperture SDK wraps any function call or code snippet inside the service code as a Feature Control Point. Every invocation of the feature is a flow from the perspective of Aperture.

    The SDK provides an API to begin a flow, which translates to a flowcontrol.v1.Check call into Agent. The response of this call contains a decision on whether to allow or reject the flow. The execution of a feature might be gated based on this decision. There is an API to end a flow, which sends an OpenTelemetry span representing the flow to the Agent as telemetry.