Zuul API路由網關服務簡介
如上圖,這裏的API路由網關服務由Zuul實現,主要就是對外提供服務接口的時候,起到了請求的路由和過濾作用,也因此能夠隱藏內部服務的接口細節,從而有利於保護系統的安全性
Zuul API路由網關服務的應用
新建一個microservice-zuul-3001模塊,把zuul也註冊到eureka服務裏,端口爲3001;先修改下hosts文件,專門爲zuul搞個本地域名映射,在hosts文件里加下:
127.0.0.1 zuul.test.com
microservice-zuul-3001模塊的pom依賴如下:
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 https://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<parent>
<groupId>com.ue</groupId>
<artifactId>microservice</artifactId>
<version>1.0-SNAPSHOT</version>
</parent>
<artifactId>microservice-zuul-3001</artifactId>
<dependencies>
<dependency>
<groupId>com.ue</groupId>
<artifactId>microservice-common</artifactId>
<version>${project.version}</version>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-test</artifactId>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId>
</dependency>
<!-- zuul路由網關 -->
<dependency>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-starter-zuul</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-starter-eureka</artifactId>
</dependency>
<!-- actuator監控 -->
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-actuator</artifactId>
</dependency>
<!-- hystrix容錯 -->
<dependency>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-starter-hystrix</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-starter-config</artifactId>
</dependency>
<!-- 修改後立即生效,熱部署 -->
<dependency>
<groupId>org.springframework</groupId>
<artifactId>springloaded</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-devtools</artifactId>
</dependency>
</dependencies>
</project>
microservice-zuul-3001模塊的application.yml配置如下:
server:
port: 3001
context-path: /
spring:
application:
name: microservice-zuul
eureka:
instance:
instance-id: microservice-zuul:3001
prefer-ip-address: true
client:
service-url:
defaultZone: http://eureka2001.test.com:2001/eureka/,http://eureka2002.test.com:2002/eureka/,http://eureka2003.test.com:2003/eureka/
info:
groupId: com.ue.microservice
artifactId: microservice-zuul-3001
version: 1.0-SNAPSHOT
contacts: Tom
phone: 123456
在啓動類加入@EnableZuulProxy註解:
package com.ue;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.boot.autoconfigure.jdbc.DataSourceAutoConfiguration;
import org.springframework.boot.autoconfigure.orm.jpa.HibernateJpaAutoConfiguration;
import org.springframework.cloud.netflix.zuul.EnableZuulProxy;
@SpringBootApplication(exclude={DataSourceAutoConfiguration.class, HibernateJpaAutoConfiguration.class})
@EnableZuulProxy
public class MicroserviceZuul3001Application {
public static void main(String[] args) {
SpringApplication.run(MicroserviceZuul3001Application.class, args);
}
}
然後啓動一個eureka,再啓動1006服務提供者,帶feign的服務消費者以及zuul網關服務:
訪問註冊中心可以看到有兩個服務:
通過消費者http://localhost/student/getInfo訪問,能獲取到數據;通過zuul網關http://zuul.test.com:3001/microservice-student/student/list(域名+端口+服務名稱+請求地址),也能請求到數據:
但如果休眠的時間弄長一點,就會出現下面這種現象:
這種現象是由於接口響應時間超過了zuul網關默認的超時時間,解決方案如下:
關於使用zuul後的容錯處理:Zuul作爲服務網關爲了保證自己不被服務拖垮,本身已經集成了Hystrix對路由轉發進行隔離,爲了方便開發人員對服務短路進行自定義處理,可使用以下兩個接口來完成自定義的Hystrix Fallback:
ZuulFallbackProvider:Zuul提供了ZuulFallbackProvider接口,開發人員可以通過實現該接口來完成自定義Hystrix Fallback
FallbackProvider:SpringCloud Zuul提供了FallbackProvider替代了ZuulFallbackProvider接口
本篇博客通過實現ZuulFallbackProvider接口來進行解決,新建一個ZuulFallBack類:
package com.ue.fallback;
import org.springframework.cloud.netflix.zuul.filters.route.ZuulFallbackProvider;
import org.springframework.http.HttpHeaders;
import org.springframework.http.HttpStatus;
import org.springframework.http.MediaType;
import org.springframework.http.client.ClientHttpResponse;
import org.springframework.stereotype.Component;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.InputStream;
@Component
public class ZuulFallBack implements ZuulFallbackProvider {
@Override
public String getRoute() {
return "*";
}
/**
* 在給zuul整合回退功能時,只要類實現ZuulFallbackProvider接口,並且註冊bean即可。
* 不過需要注意的時,這個回退只有服務掉線或者超時的情況下才會觸發(Camden.SR4版本測試是這樣),
* 如果服務程序出現異常,此回退程序是不能處理的,異常會直接返回給調用者,比如頁面。
*
* @return
*/
@Override
public ClientHttpResponse fallbackResponse() {
return new ClientHttpResponse() {
@Override
public HttpHeaders getHeaders() {
HttpHeaders headers = new HttpHeaders();
headers.setContentType(MediaType.APPLICATION_JSON_UTF8);//application/json;charset=UTF-8
return headers;
}
@Override
public InputStream getBody() throws IOException {
String msg = "服務繁忙,請稍後.....";
//new ByteArrayInputStream("{\"code\":-1,\"msg\":\"服務暫不可用\"}".getBytes(StandardCharsets.UTF_8))
return new ByteArrayInputStream(msg.getBytes());
}
@Override
public String getStatusText() throws IOException {
return HttpStatus.BAD_REQUEST.getReasonPhrase();//400
}
@Override
public HttpStatus getStatusCode() throws IOException {
return HttpStatus.BAD_REQUEST;
}
@Override
public int getRawStatusCode() throws IOException {
return HttpStatus.BAD_REQUEST.value();//"Bad Request"
}
@Override
public void close() {
}
};
}
}
然後再進行測試,結果會返回友好提示:
如果要修改zuul網關的默認超時時間,可在yml裏進行配置:
zuul:
host:
socket-timeout-millis: 60000
connect-timeout-millis: 60000
feign:
hystrix:
enabled: true
hystrix:
command:
default:
execution:
timeout:
enabled: true
isolation:
thread:
timeoutInMilliseconds: 15000
ribbon:
ReadTimeout: 6000
ConnectTimeout: 6000
MaxAutoRetries: 0
MaxAutoRetriesNextServer: 1
eureka:
enabled: true
圖解分佈式服務
路由映射規則配置
上面是zuul的簡單使用,接口地址很輕易的就暴露了服務提供者的唯一標識名microservice-student;有安全風險,所以需要將其隱藏,在yml文件中添加以下配置:
zuul:
routes:
studentServer.serviceId: microservice-student
studentServer.path: /studentServer/**
ignored-services: "*"
prefix: /javajl
ignored-services的作用是將原來的服務提供者唯一標識名禁用
Prefix的作用是給服務加前綴
配置後的測試效果如下:
請求過濾配置
比如登錄某個系統需要進行身份驗證,即驗證用戶名密碼啥的;當請求服務的時候,需要進行身份驗證,也就是過濾非法請求,Zuul可通過ZuulFilter過濾器來實現非法請求的過濾;一般具體實現的話每次經過Zuul服務網關的時候都要對帶來的token進行有效性驗證,這裏只是介紹如何使用,所以弄得比較簡單
先定義一個AccessFilter類:
package com.ue.filter;
import com.netflix.zuul.ZuulFilter;
import com.netflix.zuul.context.RequestContext;
import com.netflix.zuul.exception.ZuulException;
import org.apache.log4j.Logger;
import javax.servlet.http.HttpServletRequest;
/**
* @Author LiJun
* @Date 2020/04/02
* @Time 11:27
*/
public class AccessFilter extends ZuulFilter {
Logger logger = Logger.getLogger(AccessFilter.class);
/**
* 判斷該過濾器是否要被執行
*/
@Override
public boolean shouldFilter() {
return true;
}
/**
* 過濾器的具體執行邏輯
*/
@Override
public Object run() throws ZuulException {
RequestContext ctx = RequestContext.getCurrentContext();
HttpServletRequest request = ctx.getRequest();
String parameter = request.getParameter("accessToken");
logger.info(request.getRequestURL().toString()+" 請求訪問");
if(parameter == null){
logger.error("accessToken爲空!");
ctx.setSendZuulResponse(false);
ctx.setResponseStatusCode(401);
ctx.setResponseBody("{\"result\":\"accessToken is empty!\"}");
return null;
}
//token判斷邏輯
logger.info(request.getRequestURL().toString()+" 請求成功");
return null;
}
/**
* 過濾器的類型 這裏用pre,代表會再請求被路由之前執行
*/
@Override
public String filterType() {
return "pre";
}
/**
* 過濾器的執行順序
*/
@Override
public int filterOrder() {
return 0;
}
}
然後再弄一個配置類開啓Filter:
package com.ue.config;
import com.ue.filter.AccessFilter;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
/**
* @Author LiJun
* @Date 2020/04/02
* @Time 11:27
*/
@Configuration
public class ZuulConfig {
@Bean
public AccessFilter accessFilter(){
return new AccessFilter();
}
}
然後用攜帶token跟不攜帶token進行測試: