alibaba/jvm-sandbox alibaba/jvm-sandbox

  • Stars
    star
    6,601
  • Rank 5,712 (Top 0.2 %)
  • Language
    Java
  • License
    GNU Lesser Genera...
  • Created almost 7 years ago
  • Updated 7 months ago
Twitter logo Share LinkedIn logo Share Facebook logo Share
alibaba/jvm-sandbox
github

alibaba

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

Real - time non-invasive AOP framework container based on JVM

BANNER

Build Status codecov Average time to resolve an issue Percentage of issues still open

JVM沙箱容器,一种JVM的非侵入式运行期AOP解决方案
Real - time non-invasive AOP framework container based on JVM

目标群体

  • BTRACE好强大,也曾技痒想做一个更便捷、更适合自己的问题定位工具,既可支持线上链路监控排查,也可支持单机版问题定位。
  • 有时候突然一个问题反馈上来,需要入参才能完成定位,但恰恰没有任何日志,甚至出现在别人的代码里,好想开发一个工具可以根据需要动态添加日志,最好还能按照业务ID进行过滤。
  • 系统间的异常模拟可以使用的工具很多,可是系统内的异常模拟怎么办,加开关或是用AOP在开发系统中实现,好想开发一个更优雅的异常模拟工具,既能模拟系统间的异常,又能模拟系统内的异常。
  • 好想获取行调用链路数据,可以用它识别场景、覆盖率统计等等,覆盖率统计工具不能原生支持,统计链路数据不准确。想自己开发一个工具获取行链路数据。
  • 我想开发录制回放、故障模拟、动态日志、行链路获取等等工具,就算我开发完成了,这些工具底层实现原理相同,同时使用,要怎么消除这些工具之间的影响,怎么保证这些工具动态加载,怎么保证动态加载/卸载之后不会影响其他工具,怎么保证在工具有问题的时候,快速消除影响,代码还原

如果你有以上研发诉求,那么你就是JVM-SANDBOX(以下简称沙箱容器)的潜在客户。沙箱容器提供

  1. 动态增强类你所指定的类,获取你想要的参数和行信息甚至改变方法执行
  2. 动态可插拔容器框架

项目简介

JVM-SANDBOX(沙箱)实现了一种在不重启、不侵入目标JVM应用的AOP解决方案。

沙箱的特性

  1. 无侵入:目标应用无需重启也无需感知沙箱的存在
  2. 类隔离:沙箱以及沙箱的模块不会和目标应用的类相互干扰
  3. 可插拔:沙箱以及沙箱的模块可以随时加载和卸载,不会在目标应用留下痕迹
  4. 多租户:目标应用可以同时挂载不同租户下的沙箱并独立控制
  5. 高兼容:支持JDK[6,11]

沙箱常见应用场景

  • 线上故障定位
  • 线上系统流控
  • 线上故障模拟
  • 方法请求录制和结果回放
  • 动态日志打印
  • 安全信息监测和脱敏

JVM-SANDBOX还能帮助你做很多很多,取决于你的脑洞有多大了。

实时无侵入AOP框架

在常见的AOP框架实现方案中,有静态编织和动态编织两种。

  1. 静态编织:静态编织发生在字节码生成时根据一定框架的规则提前将AOP字节码插入到目标类和方法中,实现AOP;
  2. 动态编织:动态编织则允许在JVM运行过程中完成指定方法的AOP字节码增强.常见的动态编织方案大多采用重命名原有方法,再新建一个同签名的方法来做代理的工作模式来完成AOP的功能(常见的实现方案如CgLib),但这种方式存在一些应用边界:
    • 侵入性:对被代理的目标类需要进行侵入式改造。比如:在Spring中必须是托管于Spring容器中的Bean
    • 固化性:目标代理方法在启动之后即固化,无法重新对一个已有方法进行AOP增强

要解决无侵入的特性需要AOP框架具备 在运行时完成目标方法的增强和替换。在JDK的规范中运行期重定义一个类必须准循以下原则

  1. 不允许新增、修改和删除成员变量
  2. 不允许新增和删除方法
  3. 不允许修改方法签名

JVM-SANDBOX属于基于Instrumentation的动态编织类的AOP框架,通过精心构造了字节码增强逻辑,使得沙箱的模块能在不违反JDK约束情况下实现对目标应用方法的无侵入运行时AOP拦截

核心原理

事件驱动

在沙箱的世界观中,任何一个Java方法的调用都可以分解为BEFORERETURNTHROWS三个环节,由此在三个环节上引申出对应环节的事件探测和流程控制机制。

// BEFORE
try {

   /*
    * do something...
    */

    // RETURN
    return;

} catch (Throwable cause) {
    // THROWS
}

基于BEFORERETURNTHROWS三个环节事件分离,沙箱的模块可以完成很多类AOP的操作。

  1. 可以感知和改变方法调用的入参
  2. 可以感知和改变方法调用返回值和抛出的异常
  3. 可以改变方法执行的流程
    • 在方法体执行之前直接返回自定义结果对象,原有方法代码将不会被执行
    • 在方法体返回之前重新构造新的结果对象,甚至可以改变为抛出异常
    • 在方法体抛出异常之后重新抛出新的异常,甚至可以改变为正常返回

类隔离策略

沙箱通过自定义的SandboxClassLoader破坏了双亲委派的约定,实现了和目标应用的类隔离。所以不用担心加载沙箱会引起应用的类污染、冲突。各模块之间类通过ModuleJarClassLoader实现了各自的独立,达到模块之间、模块和沙箱之间、模块和应用之间互不干扰。

jvm-sandbox-classloader

类增强策略

沙箱通过在BootstrapClassLoader中埋藏的Spy类完成目标类和沙箱内核的通讯

jvm-sandbox-enhance-class

整体架构

jvm-sandbox-architecture

快速安装

  • 下载并安装或自行打包

    # 下载最新版本的JVM-SANDBOX,oss已到期,或者oss链接不可访问时,可选择自行打包
wget https://ompc.oss-cn-hangzhou.aliyuncs.com/jvm-sandbox/release/sandbox-1.3.3-bin.zip

# 解压
unzip sandbox-1.3.3-bin.zip
    #自行打包
 cd bin
 ./sandbox-packages.sh
 #target路径下有多种构建件类型,选择一个合适的使用
 cd ../target

  • 挂载目标应用

    # 进入沙箱执行脚本
cd sandbox/bin

# 目标JVM进程33342
./sandbox.sh -p 33342

  • 挂载成功后会提示

    ./sandbox.sh -p 33342
           NAMESPACE : default
             VERSION : 1.2.0
                MODE : ATTACH
         SERVER_ADDR : 0.0.0.0
         SERVER_PORT : 55756
      UNSAFE_SUPPORT : ENABLE
        SANDBOX_HOME : /Users/vlinux/opt/sandbox
   SYSTEM_MODULE_LIB : /Users/vlinux/opt/sandbox/module
     USER_MODULE_LIB : ~/.sandbox-module;
 SYSTEM_PROVIDER_LIB : /Users/vlinux/opt/sandbox/provider
  EVENT_POOL_SUPPORT : DISABLE

  • 卸载沙箱

    ./sandbox.sh -p 33342 -S
jvm-sandbox[default] shutdown finished.

项目构建

当你修改了sandbox的代码后,想打包成自己需要的发行版,可以执行以下命令

脚本执行目录默认为项目主目录,后续不在另外说明

cd bin
./sandbox-package.sh

命令执行成功后会在target目录下生成sandbox-<版本号>-bin.zip文件

构建注意事项

  1. 必须用JDK1.8进行构建,工程自身和maven插件中使用了tools.jar
  2. 必须在Linux/Mac/Unix下进行构建,有部分测试用例没有考虑好$USER_HOME的目录路径在windows下的特殊性,会导致测试用例跑不通过。

修改sandbox版本号

sandbox的版本号需要修改所有的pom文件以及.//sandbox-core/src/main/resources/com/alibaba/jvm/sandbox/version,这里有一个脚本方便执行

cd bin
./set-version.sh -s 1.4.0

脚本第一个参数是[s|r]

  • s : SNAPSHOT版,会自动在版本号后边追加-SNAPSHOT
  • r : 正式版

本地仓库安装api包

如果本次你修改了sandbox-api、sandbox-common-api、sandbox-module-starter等本应该发布到中央仓库的包,但你需要本地测试验证,可以执行以下命令

mvn clean install

以下四个包将会安装到本地manven仓库

  • sandbox
  • sandbox-api
  • sandbox-common-api
  • sandbox-module-starter
  • sandbox-provider-api

项目背景

2014年GREYS第一版正式发布,一路看着他从无到有,并不断优化强大,感慨羡慕之余,也在想GREYS是不是只能做问题定位。

2015年开始根据GREYS的底层代码完成了人生的第一个字节码增强工具——动态日志。之后又萌生了将其拆解成录制回放故障模拟等工具的想法。扪心自问,我是想以一人一个团队的力量建立大而全的工具平台,还是做一个底层中台,让每一位技术人员都可以在它的基础上快速的实现业务功能。我选择了后者。

相关文档

More Repositories

1

arthas

Alibaba Java Diagnostic Tool Arthas/Alibaba Java诊断利器Arthas
Java
34,428
star
2

easyexcel

快速、简洁、解决大文件内存溢出的java处理Excel工具
Java
30,946
star
3

p3c

Alibaba Java Coding Guidelines pmd implements and IDE plugin
Kotlin
29,294
star
4

nacos

an easy-to-use dynamic service discovery, configuration and service management platform for building cloud native applications.
Java
28,956
star
5

canal

阿里巴巴 MySQL binlog 增量订阅&消费组件
Java
27,786
star
6

druid

阿里云计算平台DataWorks(https://help.aliyun.com/document_detail/137663.html) 团队出品,为监控而生的数据库连接池
Java
27,644
star
7

spring-cloud-alibaba

Spring Cloud Alibaba provides a one-stop solution for application development for the distributed solutions of Alibaba middleware.
Java
27,254
star
8

fastjson

FASTJSON 2.0.x has been released, faster and more secure, recommend you upgrade.
Java
25,603
star
9

flutter-go

flutter 开发者帮助 APP,包含 flutter 常用 140+ 组件的demo 演示与中文文档
Dart
23,552
star
10

Sentinel

A powerful flow control component enabling reliability, resilience and monitoring for microservices. (面向云原生微服务的高可用流控防护组件)
Java
21,947
star
11

weex

A framework for building Mobile cross-platform UI
C++
18,204
star
12

ice

🚀 ice.js: The Progressive App Framework Based On React(基于 React 的渐进式应用框架)
TypeScript
17,772
star
13

DataX

DataX是阿里云DataWorks数据集成的开源版本。
Java
14,952
star
14

ARouter

💪 A framework for assisting in the renovation of Android componentization (帮助 Android App 进行组件化改造的路由框架)
Java
14,228
star
15

lowcode-engine

An enterprise-class low-code technology stack with scale-out design / 一套面向扩展设计的企业级低代码技术体系
TypeScript
13,869
star
16

hooks

A high-quality & reliable React Hooks library.
TypeScript
13,353
star
17

tengine

A distribution of Nginx with some advanced features
C
12,583
star
18

vlayout

Project vlayout is a powerfull LayoutManager extension for RecyclerView, it provides a group of layouts for RecyclerView. Make it able to handle a complicate situation when grid, list and other layouts in the same recyclerview.
Java
10,804
star
19

formily

📱🚀 🧩 Cross Device & High Performance Normal Form/Dynamic(JSON Schema) Form/Form Builder -- Support React/React Native/Vue 2/Vue 3
TypeScript
10,716
star
20

COLA

🥤 COLA: Clean Object-oriented & Layered Architecture
Java
9,964
star
21

ali-dbhub

已迁移新仓库,此版本将不再维护
8,454
star
22

MNN

MNN is a blazing fast, lightweight deep learning framework, battle-tested by business-critical use cases in Alibaba
C++
8,307
star
23

atlas

A powerful Android Dynamic Component Framework.
Java
8,120
star
24

rax

🐰 Rax is a progressive framework for building universal application. https://rax.js.org
JavaScript
7,979
star
25

otter

阿里巴巴分布式数据库同步系统(解决中美异地机房)
Java
7,967
star
26

anyproxy

A fully configurable http/https proxy in NodeJS
JavaScript
7,726
star
27

fish-redux

An assembled flutter application framework.
Dart
7,341
star
28

AndFix

AndFix is a library that offer hot-fix for Android App.
C++
6,954
star
29

flutter_boost

FlutterBoost is a Flutter plugin which enables hybrid integration of Flutter for your existing native apps with minimum efforts
Dart
6,832
star
30

x-render

🚴‍♀️ 阿里 - 很易用的中后台「表单 / 表格 / 图表」解决方案
TypeScript
6,765
star
31

transmittable-thread-local

📌 TransmittableThreadLocal (TTL), the missing Java™ std lib(simple & 0-dependency) for framework/middleware, provide an enhanced InheritableThreadLocal that transmits values between threads even using thread pooling components.
Java
6,750
star
32

BizCharts

Powerful data visualization library based on G2 and React.
TypeScript
6,066
star
33

freeline

A super fast build tool for Android, an alternative to Instant Run
Java
5,497
star
34

UltraViewPager

UltraViewPager is an extension for ViewPager to provide multiple features in a single ViewPager.
Java
5,004
star
35

jetcache

JetCache is a Java cache framework.
Java
4,774
star
36

AliSQL

AliSQL is a MySQL branch originated from Alibaba Group. Fetch document from Release Notes at bottom.
C++
4,689
star
37

AliOS-Things

面向IoT领域的、高可伸缩的物联网操作系统,可去官网了解更多信息https://www.aliyun.com/product/aliosthings
C
4,540
star
38

dexposed

dexposed enable 'god' mode for single android application.
Java
4,483
star
39

QLExpress

QLExpress is a powerful, lightweight, dynamic language for the Java platform aimed at improving developers’ productivity in different business scenes.
Java
4,361
star
40

BeeHive

🐝 BeeHive is a solution for iOS Application module programs, it absorbed the Spring Framework API service concept to avoid coupling between modules.
Objective-C
4,286
star
41

HandyJSON

A handy swift json-object serialization/deserialization library
Swift
4,185
star
42

x-deeplearning

An industrial deep learning framework for high-dimension sparse data
PureBasic
4,185
star
43

butterfly

🦋Butterfly,A JavaScript/React/Vue2 Diagramming library which concentrate on flow layout field. (基于JavaScript/React/Vue2的流程图组件)
JavaScript
4,168
star
44

Tangram-Android

Tangram is a modular UI solution for building native page dynamically including Tangram for Android, Tangram for iOS and even backend CMS. This project provides the sdk on Android.
Java
4,107
star
45

coobjc

coobjc provides coroutine support for Objective-C and Swift. We added await method、generator and actor model like C#、Javascript and Kotlin. For convenience, we added coroutine categories for some Foundation and UIKit API in cokit framework like NSFileManager, JSON, NSData, UIImage etc. We also add tuple support in coobjc.
Objective-C
4,014
star
46

jstorm

Enterprise Stream Process Engine
Java
3,917
star
47

dragonwell8

Alibaba Dragonwell8 JDK
Java
3,826
star
48

LuaViewSDK

A cross-platform framework to build native, dynamic and swift user interface - 强大轻巧灵活的客户端动态化解决方案
Objective-C
3,707
star
49

f2etest

F2etest是一个面向前端、测试、产品等岗位的多浏览器兼容性测试整体解决方案。
JavaScript
3,562
star
50

Alink

Alink is the Machine Learning algorithm platform based on Flink, developed by the PAI team of Alibaba computing platform.
Java
3,479
star
51

GGEditor

A visual graph editor based on G6 and React
TypeScript
3,405
star
52

fastjson2

🚄 FASTJSON2 is a Java JSON library with excellent performance.
Java
3,353
star
53

cobar

a proxy for sharding databases and tables
Java
3,207
star
54

macaca

Automation solution for multi-platform. 多端自动化解决方案
3,159
star
55

designable

🧩 Make everything designable 🧩
TypeScript
3,120
star
56

GraphScope

🔨 🍇 💻 🚀 GraphScope: A One-Stop Large-Scale Graph Computing System from Alibaba | 一站式图计算系统
C++
3,103
star
57

lightproxy

💎 Cross platform Web debugging proxy
TypeScript
3,063
star
58

pont

🌉数据服务层解决方案
TypeScript
3,016
star
59

euler

A distributed graph deep learning framework.
C++
2,849
star
60

beidou

🌌 Isomorphic framework for server-rendered React apps
JavaScript
2,736
star
61

sentinel-golang

Sentinel Go enables reliability and resiliency for Go microservices
Go
2,684
star
62

pipcook

Machine learning platform for Web developers
TypeScript
2,497
star
63

kiwi

🐤 Kiwi-国际化翻译全流程解决方案
TypeScript
2,489
star
64

yugong

阿里巴巴去Oracle数据迁移同步工具(全量+增量,目标支持MySQL/DRDS)
Java
2,480
star
65

tsar

Taobao System Activity Reporter
C
2,446
star
66

jvm-sandbox-repeater

A Java server-side recording and playback solution based on JVM-Sandbox
Java
2,395
star
67

ChatUI

The UI design language and React library for Conversational UI
TypeScript
2,383
star
68

TProfiler

TProfiler是一个可以在生产环境长期使用的性能分析工具
Java
2,377
star
69

tidevice

tidevice can be used to communicate with iPhone device
Python
2,310
star
70

higress

Cloud Native API Gateway | 云原生API网关
Go
2,257
star
71

tair

A distributed key-value storage system developed by Alibaba Group
C++
2,128
star
72

dubbo-spring-boot-starter

Dubbo Spring Boot Starter
Java
2,099
star
73

RedisShake

redis-shake is a tool for synchronizing data between two redis databases. Redis-shake 是一个用于在两个 redis之 间同步数据的工具,满足用户非常灵活的同步、迁移需求。
Go
2,077
star
74

uirecorder

UI Recorder is a multi-platform UI test recorder.
JavaScript
2,052
star
75

LVS

A distribution of Linux Virtual Server with some advanced features. It introduces a new packet forwarding method - FULLNAT other than NAT/Tunneling/DirectRouting, and defense mechanism against synflooding attack - SYNPROXY.
C
1,947
star
76

EasyNLP

EasyNLP: A Comprehensive and Easy-to-use NLP Toolkit
Python
1,946
star
77

AliceMind

ALIbaba's Collection of Encoder-decoders from MinD (Machine IntelligeNce of Damo) Lab
Python
1,910
star
78

alpha

Alpha是一个基于PERT图构建的Android异步启动框架,它简单,高效,功能完善。 在应用启动的时候,我们通常会有很多工作需要做,为了提高启动速度,我们会尽可能让这些工作并发进行。但这些工作之间可能存在前后依赖的关系,所以我们又需要想办法保证他们执行顺序的正确性。Alpha就是为此而设计的,使用者只需定义好自己的task,并描述它依赖的task,将它添加到Project中。框架会自动并发有序地执行这些task,并将执行的结果抛出来。
HTML
1,873
star
79

GCanvas

A lightweight cross-platform graphics rendering engine. (超轻量的跨平台图形引擎) https://alibaba.github.io/GCanvas
C
1,857
star
80

Tangram-iOS

Tangram is a modular UI solution for building native page dynamically, including Tangram for Android, Tangram for iOS and even backend CMS. This project provides the sdk on iOS platform.
Objective-C
1,857
star
81

testable-mock

换种思路写Mock,让单元测试更简单
Java
1,800
star
82

LazyScrollView

An iOS ScrollView to resolve the problem of reusability in views.
Objective-C
1,775
star
83

compileflow

🎨 core business process engine of Alibaba Halo platform, best process engine for trade scenes. | 一个高性能流程编排引擎
Java
1,705
star
84

SREWorks

Cloud Native DataOps & AIOps Platform | 云原生数智运维平台
Java
1,696
star
85

EasyCV

An all-in-one toolkit for computer vision
Python
1,677
star
86

MongoShake

MongoShake is a universal data replication platform based on MongoDB's oplog. Redundant replication and active-active replication are two most important functions. 基于mongodb oplog的集群复制工具,可以满足迁移和同步的需求,进一步实现灾备和多活功能。
Go
1,648
star
87

xquic

XQUIC Library released by Alibaba is a cross-platform implementation of QUIC and HTTP/3 protocol.
C
1,604
star
88

mdrill

for千亿数据即席分析
Java
1,538
star
89

lowcode-demo

An enterprise-class low-code technology stack with scale-out design / 一套面向扩展设计的企业级低代码技术体系
TypeScript
1,536
star
90

ilogtail

Fast and Lightweight Observability Data Collector
C++
1,529
star
91

EasyRec

A framework for large scale recommendation algorithms.
Python
1,488
star
92

clusterdata

cluster data collected from production clusters in Alibaba for cluster management research
Jupyter Notebook
1,477
star
93

havenask

C++
1,463
star
94

async_simple

Simple, light-weight and easy-to-use asynchronous components
C++
1,455
star
95

Virtualview-Android

A light way to build UI in custom XML.
Java
1,454
star
96

kt-connect

A toolkit for Integrating with your kubernetes dev environment more efficiently
Go
1,453
star
97

tb_tddl

1,410
star
98

react-intl-universal

Internationalize React apps. Not only for Component but also for Vanilla JS.
JavaScript
1,316
star
99

data-juicer

A one-stop data processing system to make data higher-quality, juicier, and more digestible for LLMs! 🍎 🍋 🌽 ➡️ ➡️🍸 🍹 🍷为大语言模型提供更高质量、更丰富、更易”消化“的数据!
Python
1,292
star
100

graph-learn

An Industrial Graph Neural Network Framework
C++
1,252
star