基於Zuul的限流器
快速開始
克隆, 編譯,安裝
git clone https://github.com/tangaiyun/zuul-redislimiter-spring-boot.git
cd zuulredislimiter/zuul-redislimiter-spring-boot-starter
mvn clean install
新建一個Zuul項目
參考項目 "zuulredislimiter/zuulapp"創建一個zuul網關項目,在pom.xml文件裏添加必須的依賴
package com.tay.zuulapp;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.cloud.netflix.zuul.EnableZuulProxy;
@SpringBootApplication
@EnableZuulProxy
public class ZuulappApplication {
public static void main(String[] args) {
SpringApplication.run(ZuulappApplication.class, args);
}
}
<dependencies>
<dependency>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-starter-netflix-zuul</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-starter-netflix-eureka-client</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-test</artifactId>
<scope>test</scope>
</dependency>
<dependency>
<groupId>com.tay</groupId>
<artifactId>zuul-redislimiter-spring-boot-starter</artifactId>
<version>0.0.1-SNAPSHOT</version>
</dependency>
</dependencies>
配置
修改 resources/application.yml
加入以下配置
server:
port: 8000
spring:
application:
name: service-zuul
zuul:
routes:
service1: /s1/**
service2: /s2/**
redis-limiter:
redis-host: 127.0.0.1 #Redis 服務器
policy-map:
api-a: #serviceId爲api-a的限流規則
order: -1 #規則排序,但一個請求有多條規則複合時,排序值最小的規則生效
baseExp: Headers['userid'] #基於HTTP header裏key爲“userid”的值聚合統計
pathRegExp: /s1/.* #請求URI的匹配正則表達式
timeUnit: MINUTES #時間單位,支持SECONDS,MINUTES,HOURS,DAYS
permits: 2 #單位時間內可訪問的次數
api-a1:
order: 0
baseExp: Cookies['userid']
pathRegExp: /s1.*
timeUnit: MINUTES
permits: 3
api-b:
order: 2
baseExp: Headers['userid']
pathRegExp: /s2/.*
timeUnit: MINUTES
permits: 5
eureka:
client:
serviceUrl:
defaultZone: http://localhost:8761/eureka/
instance:
prefer-ip-address: true
參考項目zuulredislimiter/service1創建一個簡單微服務
package com.tay.service1;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;
@RestController
@RequestMapping("/demo1")
public class Controller1 {
@GetMapping("/test11")
public String test1() {
return "test11!";
}
@GetMapping("/test12")
public String test2() {
return "test12!";
}
}
server:
port: 8001
spring:
application:
name: service1
eureka:
client:
serviceUrl:
defaultZone: http://localhost:8761/eureka/
instance:
prefer-ip-address: true
參考項目zuulredislimiter/service2創建一個簡單微服務
package com.tay.service2;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;
@RestController
@RequestMapping("/demo2")
public class Controller2 {
@GetMapping("/test21")
public String test1() {
return "test21!";
}
@GetMapping("/test22")
public String test2() {
return "test22!";
}
}
server:
port: 8002
spring:
application:
name: service2
eureka:
client:
serviceUrl:
defaultZone: http://localhost:8761/eureka/
instance:
prefer-ip-address: true
參考項目zuulredislimiter/eurekaserver,創建一個Eureka server項目負責服務註冊
package com.tay.eurekaserver;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.cloud.netflix.eureka.server.EnableEurekaServer;
@EnableEurekaServer
@SpringBootApplication
public class EurekaserverApplication {
public static void main(String[] args) {
SpringApplication.run(EurekaserverApplication.class, args);
}
}
server:
port: 8761
eureka:
client:
register-with-eureka: false
fetch-registry: false
Start Redis server
在本機啓動Redis或者用Docker啓動Redis,指令如下:
sudo docker run -d -p 6379:6379 redis
啓動Eureka server項目
啓動zuul網關項目
啓動微服務service1
啓動微服務service2
測試
你可以用一個HTTP Client工具像Postman、Restd或者curl,用GET形式訪問“http://localhost:8000/s2/demo2/test21”,記得在header裏面塞入userid=tom,重複請求多次,你會發現1分鐘內,你最多隻能成功請求5次。 通過查看配置可以得知,應該是這條限流策略生效了, 因爲URI爲/s2/demo2/test21跟pathRegExp: /s2/.*:匹配。
api-b:
order: 2
baseExp: Headers['userid']
pathRegExp: /s2/.*
timeUnit: MINUTES
permits: 5
高級指南
所有的配置項
spring:
redis-limiter:
redis-host: 127.0.0.1 # redis server IP default:127.0.0.1
redis-port: 6379 # redis service port default:6379
redis-password: test # redis password default:null
redis-connection-timeout: 2000 # redis connection timeout default:2000
redis-pool-max-idle: 50 # redis pool max idle default: 50
redis-pool-min-idle: 10 # redis pool mim idle default:10
redis-pool-max-wait-millis: -1 # max wait time for get connection default:-1
redis-pool-max-total: 200 # max total connection default:200
redis-key-prefix: #RL # key prefix for visit footprint default: #RL
check-action-timeout: 100 # check action execution timeout default: 100
channel: #RLConfigChannel # conf change event pub/sub channel default: #RLConfigChannel
policy-map: # rate limiting policies
api-a: # unique service id
order: -1 # order
baseExp: Headers['userid'] # value to base on, Spel expression without "#", supports Headers['xxx'] or Cookies['xxx']
pathRegExp: /s1/.* # URI path pattern, a Regular expression
timeUnit: MINUTES # timeUnit supports SECONDS, MINUTES, HOURS,DAYS
permits: 2 # Number of visits allowed per a timeUnit
api-a1:
order: 0
baseExp: Headers['userid']
pathRegExp: /s1.*
timeUnit: MINUTES
permits: 3
...
動態配置
通過內置的Restful接口,我們可以動態的變更限流規則,當然這些API應該受限訪問的,不過API安全性是另外一個故事,這裏不展開.
@RequestMapping("/zuullimiterpolicy")
public class LimitingPolicyResource {
...
@PostMapping
public void add(@RequestBody LimitingPolicy limitingPolicy, HttpServletResponse response) throws IOException{
...
}
@PutMapping
public void update(@RequestBody LimitingPolicy limitingPolicy, HttpServletResponse response) throws IOException {
...
}
@GetMapping("/{serviceId}")
public LimitingPolicy get(@PathVariable("serviceId") String serviceId) {
...
}
@DeleteMapping("/{serviceId}")
public void delete(@PathVariable("serviceId") String serviceId) {
...
}
目前,限流規則支持增刪查改(add, update, query, delete).
比如,在示例項目裏面
GET http://localhost:8000/zuullimiterpolicy/api-a,訪問值如下:
{
"serviceId": "api-a",
"order": -1,
"baseExp": "Headers['userid']",
"pathRegExp": "/s1/.*",
"timeUnit": "MINUTES",
"permits": 2,
"delete": false
}
更新限流規則,指定Content-Type爲“application/json”, 請求 PUT http://localhost:8000/zuullimiterpolicy, 請求request body爲:
{
"serviceId": "api-a",
"order": -1,
"baseExp": "Headers['userid']",
"pathRegExp": "/s1/.*",
"timeUnit": "MINUTES",
"permits": 10,
"delete": false
}
刪除限流規則,規則的serviceId爲"api-b", 執行 DELETE http://localhost:8000/zuullimiterpolicy/api-b。
新增限流規則,指定Content-Type爲“application/json”, 請求 POST http://localhost:8000/zuullimiterpolicy, 請求request body爲:
{
"serviceId": "api-d",
"order": -1,
"baseExp": "Headers['userid']",
"pathRegExp": "/s3/.*",
"timeUnit": "MINUTES",
"permits": 10,
"delete": false
}
注意,新增限流規則時,新增規則的serviceId和pathRegExp不能跟已經存在的規則相同,不然新增失敗。