Dissertatsiya 3.1-bo'lim

Mikroservis arxitekturasi

9 ta mustaqil mikroservis: domain-driven design, hexagonal arxitektura, Zero Trust security, gRPC inter-service, REST/WebSocket external, Kubernetes auto-scaling.

Ma'lumot oqimi

Tarmoq paketidan to yakuniy qaror chiqarilgunga qadar 

[Tarmoq paketi]
       │
       ▼
┌────────────────────────────┐  raw_packet (Kafka)
│  1. Network Capture        │ ──────────────────┐
│     C++ + Rust + eBPF/XDP  │                   │
│     10 Gbit/s, P95 < 12ms │                   │
└────────────────────────────┘                   │
       │                                          │
       ▼                                          │
┌────────────────────────────┐  protocol_decoded │
│  2. DPI Engine             │ ──────────────────┤
│     Rust + nDPI            │                   │
│     TLS 1.3, JA3, Modbus,  │                   │
│     DNP3, IEC 61850, OPC UA│                   │
└────────────────────────────┘                   │
       │                                          ▼
       ▼                                  ┌──────────────┐
┌────────────────────────────┐            │   Kafka      │
│  3. Session Manager        │◄───────────┤  (event bus) │
│     Go + Redis             │            └──────┬───────┘
│     JWT, concurrent, idle  │                   │
└────────────────────────────┘                   │
       │ session_features                         │
       ▼                                          │
┌────────────────────────────┐                   │
│  4. ML Pipeline            │ ──────────────────┤
│     Python + PyTorch       │                   │
│     RF + XLM-RoBERTa       │                   │
│     Bayes α=0.35           │                   │
└────────────────────────────┘                   │
       │ classification + confidence              │
       ▼                                          │
┌────────────────────────────┐                   │
│  5. Anomaly Detector       │ ──────────────────┤
│     Python + sklearn       │                   │
│     Isolation/STL/UBA      │                   │
└────────────────────────────┘                   │
       │ anomaly_score                            │
       ▼                                          │
┌────────────────────────────┐                   │
│  6. Decision Engine        │ ──────────────────┤
│     Go + AHP + OPA Rego    │                   │
│     8 kriteriya, GDPR/PCI  │                   │
│     allow/alert/redact/block                   │
└────────────────────────────┘                   │
       │ action                                   │
       ▼                                          ▼
┌────────────────────────────┐          ┌──────────────────────┐
│  7. Alert & Audit          │ ◄────────┤  PostgreSQL + ES     │
│     Go + Kafka + Notifier  │          │  (incidents, audit)  │
│     Slack/Telegram/Email   │          └──────────────────────┘
└────────────────────────────┘
       │
       ▼
┌────────────────────────────┐ REST/WS  ┌──────────────────────┐
│  8. Admin API              │ ─────────►   9. Admin Web Panel │
│     Go + chi + JWT         │           │  Vue 3 + Element Plus│
│     Multi-tenant RLS       │           │  superadmin.cs.uz    │
└────────────────────────────┘           └──────────────────────┘

9 mikroservis (3.1-jadval)

#1

Network Capture

C++ + Rust + eBPF/XDP

Kernel-level paket ushlash. DPDK 10 Gbit/s, P95 < 12 ms.

10 GB RAM, 4 yadro
#2

DPI Engine

Rust + nDPI

TLS 1.3 metadata, JA3/JA3S, Modbus/DNP3/IEC 61850/OPC UA industrial.

8 GB RAM, 4 yadro
#3

ML Pipeline

Python + PyTorch

Random Forest screening + XLM-RoBERTa fine-tune. Bayes ensemble.

16 GB RAM + GPU
#4

Decision Engine

Go + Rego (OPA)

AHP/MCDM 8 kriteriya + GDPR/PCI/SOX/O'zR compliance Rego.

4 GB RAM, 2 yadro
#5

Session Manager

Go + Redis 7

JWT lifecycle, concurrent limit (5), revocation, device binding.

8 GB RAM, 2 yadro
#6

Anomaly Detector

Python + sklearn

Isolation Forest + STL + UBA (per-user) + Mahalanobis multivariate.

8 GB RAM, 2 yadro
#7

Alert & Audit

Go + Kafka + ES

Deduplication + Slack/Telegram/PagerDuty/SMTP notifier, ES search.

8 GB RAM, 2 yadro
#8

Admin API

Go + grpc-go + chi

REST + gRPC kirish nuqtasi. Multi-tenant RLS, JWT auth, audit.

4 GB RAM, 2 yadro
#9

Admin Web Panel

Vue 3 + TypeScript

Element Plus + Pinia + ECharts. Real-time WebSocket dashboard.

static (Nginx)

Storage stack

PostgreSQL 16
Transactional store, RLS multi-tenant, pgvector
Redis 7
Session cache, queues, rate limiting
ClickHouse 24
Analytics, time-series, dashboard agregatlar
MinIO (S3)
ML model registry, incidents, backups

Three Pillars of Observability

Production-grade monitoring stack

Metrics

Prometheus 15s scrape + 11 SLO alert + 6 KPI Grafana dashboard

Logs

Grafana Loki + Promtail (Docker + K8s + audit_log shipping)

Traces

Jaeger + OpenTelemetry (OTLP gRPC) — har request trace