How High‑Availability Container Cloud Powers Scalable Services: Real‑World Practices

High‑Availability Architecture Overview

High availability is a fundamental requirement for internet‑scale systems; a well‑designed architecture delivers cost‑effective, flexible services, while poor designs cause costly complexity, frequent outages, and hinder business growth.

Why Adopt Container Cloud?

Traditional server scaling is slow and cumbersome, environment inconsistencies cause instability, and mixed deployments lead to resource contention; container clouds address these issues by enabling rapid scaling, consistent environments, and isolated services.

Qianlong Technology Container Cloud Architecture

Qianlong uses Kubernetes as the scheduler with master and node clusters, NFS storage, and a layered stack: infrastructure (storage, network), container layer (K8s, Calico, Harbor, Clair, NPS), and resource‑management layer (container management, auto‑scaling, deployment, permissions).

High availability is ensured by three master nodes (APIServer, controller‑manager, scheduler, kube‑proxy, Kubelet) with data stored in etcd, and HA‑Proxy load‑balancing nodes to masters; Calico provides resilient networking.

UCloud API High‑Availability Deployment & Gray Release

UCloud offers API services for automated cloud resource management, supporting dynamic scaling, graceful degradation, and multi‑region deployment to ensure continuity even if a city‑level data center fails.

Key pain points include slow feature iteration, incomplete pre‑release environments, lack of release granularity, and uncontrolled impact scope.

Gray Release System Design

The system provides hot‑updatable rules, open APIs for integration, a web UI for non‑technical users, and extensible rule definitions based on request headers or bodies.

Implementation with OpenResty

OpenResty (Nginx + Lua) powers the gray release service, enabling high‑concurrency handling, non‑blocking I/O, and seamless integration with backend services such as MySQL, PostgreSQL, Redis, etc.

High‑Availability Gateway in Microservice Architecture

Qianlong selected Zuul (Spring Cloud) over Kong for its Java ecosystem, deploying a gateway cluster behind WAF and ULB, with routing rules stored in MySQL and synchronized to Zookeeper; Redis caches H5 tokens.

Zuul Filters

Four standard filter types manage request lifecycle: PRE (authentication, routing decisions), ROUTING (forwarding to services), POST (response enrichment, metrics), and ERROR (error handling).

Monitoring, Alerting, and Security

Qianlong built custom metrics and alert platforms; security includes dual‑protocol support, merchant‑only API access, IP whitelists/blacklists, public‑private key encryption, DES3 key exchange, salted MD5 signatures, and 24‑hour token validation for H5.

Rate Limiting and Circuit Breaking

Platform‑level rate limiting uses a pre‑filter token bucket; service‑level isolation employs Hystrix for circuit breaking and fallback handling.

Performance Optimizations

RSA key generation for H5/App requests is pre‑computed nightly and cached to avoid runtime overhead.

Anti‑Crawling Measures

Gateway inspects headers, tracks IP/account activity, serves critical data as images, and applies JS obfuscation to deter crawlers.

Dynamic Filters

Groovy‑based Zuul filters can be updated on‑the‑fly without service restarts, enabling real‑time request interception for special business needs.