Mastering Alibaba Sentinel: Flow Control, Degradation, and Cluster Management Guide

What is Sentinel?

Sentinel is Alibaba's open‑source traffic‑defense guard, evolved over nearly ten years of Double‑11 shopping events. It protects services by monitoring traffic, circuit breaking, and system load.

Sentinel vs. Hystrix

Sentinel offers richer features and better performance than Hystrix; the article recommends replacing Hystrix with Sentinel.

Choosing Sentinel Version

When using Spring Cloud Alibaba, the version aligns with the spring-cloud-alibaba-dependencies BOM. For example, with BOM version 2.2.1.RELEASE, Sentinel version 1.7.1 is used.

Installing Sentinel Dashboard

Download the dashboard JAR from the official GitHub releases (e.g., sentinel-dashboard-1.7.1.jar) and start it with:

java -Dserver.port=8080 -Dcsp.sentinel.dashboard.server=localhost:8080 -Dproject.name=sentinel-dashboard -jar sentinel-dashboard-1.7.1.jar

The default login is sentinel/sentinel. Adjust the username and password from Sentinel 1.6.0 onward using JVM arguments such as -Dsentinel.dashboard.auth.username=admin and -Dsentinel.dashboard.auth.password=123.

Integrating a Microservice with Sentinel

Create a Spring Boot microservice (e.g., sentinel-service9008) and add the dependency spring-cloud-starter-alibaba-sentinel. Register the service with Nacos and configure Sentinel dashboard address in application.yml:

spring:
  cloud:
    sentinel:
      transport:
        dashboard: localhost:8080

After starting the service, it appears in the dashboard under the name sentinel-service. Lazy loading means a resource is monitored only after the first request; set eager=true to register at startup.

Configuring Flow Control

Flow control limits QPS or concurrent threads per resource. A FlowRule consists of resource, count, grade (1 for QPS, 0 for threads), limitApp, strategy, and controlBehavior. The dashboard UI visualises these fields.

Flow Control Effects

Fast Fail : Requests exceeding the threshold are immediately rejected with a FlowException.

Warm‑up : Uses a token‑bucket algorithm; traffic ramps up over a configurable warm‑up period (default coldFactor=3).

Queueing : Requests are paced uniformly using a leaky‑bucket algorithm; excess requests wait up to a configurable timeout.

Flow Control Modes

Direct reject (default).

Associated: a target resource’s threshold triggers limiting of another resource (e.g., limit /order when /pay is hot).

Chain: limits based on the entry resource of a call chain.

Degradation (Circuit Breaking) Rules

Sentinel supports three degradation strategies defined by DegradeRule:

Average response time (RT) – if RT exceeds count ms for a number of requests, the method is circuit‑broken for timeWindow seconds.

Exception ratio – if the exception ratio exceeds count within a statistical window, the method is degraded.

Exception count – if the number of exceptions in a minute exceeds count, degradation occurs.

Examples show a 3‑second sleep causing RT‑based degradation.

Hotspot Parameter Flow Control

Hotspot limiting protects frequently accessed parameter values (e.g., product IDs in a flash‑sale). Sentinel uses an LRU cache and token‑bucket algorithm. Rules are defined by ParamFlowRule specifying resource, paramIdx, and count. Exception items can raise the threshold for specific parameter values.

System Adaptive Flow Control

System rules protect the whole JVM based on load, CPU usage, average RT, thread count, or inbound QPS. The dashboard shows five rule types. Example demonstrates an entry‑QPS rule that throttles all endpoints when the threshold is exceeded.

Customizing Block Exception Messages

Use @SentinelResource with blockHandler (or blockHandlerClass) to return custom messages when a request is blocked. The block handler must be public and have the same return type plus a BlockException parameter.

Exception Handling and Fallback

Beyond flow‑control blocks, @SentinelResource also supports fallback (or fallbackClass) for business exceptions, and defaultFallback for a global fallback method. The article demonstrates handling a division‑by‑zero exception with a fallback that returns a friendly message.

Whitelist / Blacklist (Authority) Rules

Authority rules control access based on request origin. Define a AuthorityRule with resource, limitApp (comma‑separated origins), and strategy (white or black). Implement RequestOriginParser to extract the origin, e.g., from the client IP.

Persisting Rules with Nacos (Push Mode)

Sentinel stores rules in memory by default. To persist, configure sentinel-datasource-nacos and add datasource entries in application.yml for flow and degrade rules. Rules are stored as JSON in Nacos data IDs such as ${spring.application.name}-flow. The dashboard automatically pulls updates from Nacos.

Pushing Dashboard Changes Back to Nacos

By default, Nacos only pushes to the dashboard. To push modifications from the dashboard to Nacos, modify Sentinel’s dashboard source: replace the test‑scope Nacos dependency, copy the Nacos rule package to com.alibaba.csp.sentinel.dashboard.rule, and adapt FlowControllerV1 to use the Nacos provider and publisher. After rebuilding, rule changes are synchronized to Nacos.

Cluster Flow Control

Cluster flow control centralises token distribution across multiple instances. Two roles exist: Token Client (requests tokens) and Token Server (issues tokens). Modes are:

Alone (stand‑alone server) – suitable for a global rate limiter.

Embedded – the token server runs inside each instance, allowing peer‑to‑peer token sharing.

Configure one instance as the token server via the dashboard, others as clients, and define a cluster rule (e.g., QPS limit). The rule can also be stored in Nacos.

Gateway Flow Control

The article notes that gateway‑level flow control follows the same principles and refers to the official Sentinel gateway documentation for details.

Overall, the guide demonstrates end‑to‑end Sentinel usage: from installation, dashboard operation, rule definition, advanced features such as hotspot limiting, system adaptive protection, custom block handling, persistence, and cluster flow control, enabling robust traffic management for Java microservices.