基于Zuul的限流器
快速开始
克隆, 编译,安装
git clone https://github.com/tangaiyun/zuul-redislimiter-spring-boot.git
cd zuulredislimiter/zuul-redislimiter-spring-boot-starter
mvn clean install
新建一个Zuul项目
参考项目 "zuulredislimiter/zuulapp"创建一个zuul网关项目,在pom.xml文件里添加必须的依赖
package com.tay.zuulapp;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.cloud.netflix.zuul.EnableZuulProxy;
@SpringBootApplication
@EnableZuulProxy
public class ZuulappApplication {
public static void main(String[] args) {
SpringApplication.run(ZuulappApplication.class, args);
}
}
<dependencies>
<dependency>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-starter-netflix-zuul</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-starter-netflix-eureka-client</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-test</artifactId>
<scope>test</scope>
</dependency>
<dependency>
<groupId>com.tay</groupId>
<artifactId>zuul-redislimiter-spring-boot-starter</artifactId>
<version>0.0.1-SNAPSHOT</version>
</dependency>
</dependencies>
配置
修改 resources/application.yml
加入以下配置
server:
port: 8000
spring:
application:
name: service-zuul
zuul:
routes:
service1: /s1/**
service2: /s2/**
redis-limiter:
redis-host: 127.0.0.1 #Redis 服务器
policy-map:
api-a: #serviceId为api-a的限流规则
order: -1 #规则排序,但一个请求有多条规则复合时,排序值最小的规则生效
baseExp: Headers['userid'] #基于HTTP header里key为“userid”的值聚合统计
pathRegExp: /s1/.* #请求URI的匹配正则表达式
timeUnit: MINUTES #时间单位,支持SECONDS,MINUTES,HOURS,DAYS
permits: 2 #单位时间内可访问的次数
api-a1:
order: 0
baseExp: Cookies['userid']
pathRegExp: /s1.*
timeUnit: MINUTES
permits: 3
api-b:
order: 2
baseExp: Headers['userid']
pathRegExp: /s2/.*
timeUnit: MINUTES
permits: 5
eureka:
client:
serviceUrl:
defaultZone: http://localhost:8761/eureka/
instance:
prefer-ip-address: true
参考项目zuulredislimiter/service1创建一个简单微服务
package com.tay.service1;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;
@RestController
@RequestMapping("/demo1")
public class Controller1 {
@GetMapping("/test11")
public String test1() {
return "test11!";
}
@GetMapping("/test12")
public String test2() {
return "test12!";
}
}
server:
port: 8001
spring:
application:
name: service1
eureka:
client:
serviceUrl:
defaultZone: http://localhost:8761/eureka/
instance:
prefer-ip-address: true
参考项目zuulredislimiter/service2创建一个简单微服务
package com.tay.service2;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;
@RestController
@RequestMapping("/demo2")
public class Controller2 {
@GetMapping("/test21")
public String test1() {
return "test21!";
}
@GetMapping("/test22")
public String test2() {
return "test22!";
}
}
server:
port: 8002
spring:
application:
name: service2
eureka:
client:
serviceUrl:
defaultZone: http://localhost:8761/eureka/
instance:
prefer-ip-address: true
参考项目zuulredislimiter/eurekaserver,创建一个Eureka server项目负责服务注册
package com.tay.eurekaserver;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.cloud.netflix.eureka.server.EnableEurekaServer;
@EnableEurekaServer
@SpringBootApplication
public class EurekaserverApplication {
public static void main(String[] args) {
SpringApplication.run(EurekaserverApplication.class, args);
}
}
server:
port: 8761
eureka:
client:
register-with-eureka: false
fetch-registry: false
Start Redis server
在本机启动Redis或者用Docker启动Redis,指令如下:
sudo docker run -d -p 6379:6379 redis
启动Eureka server项目
启动zuul网关项目
启动微服务service1
启动微服务service2
测试
你可以用一个HTTP Client工具像Postman、Restd或者curl,用GET形式访问“http://localhost:8000/s2/demo2/test21”,记得在header里面塞入userid=tom,重复请求多次,你会发现1分钟内,你最多只能成功请求5次。 通过查看配置可以得知,应该是这条限流策略生效了, 因为URI为/s2/demo2/test21跟pathRegExp: /s2/.*:匹配。
api-b:
order: 2
baseExp: Headers['userid']
pathRegExp: /s2/.*
timeUnit: MINUTES
permits: 5
高级指南
所有的配置项
spring:
redis-limiter:
redis-host: 127.0.0.1 # redis server IP default:127.0.0.1
redis-port: 6379 # redis service port default:6379
redis-password: test # redis password default:null
redis-connection-timeout: 2000 # redis connection timeout default:2000
redis-pool-max-idle: 50 # redis pool max idle default: 50
redis-pool-min-idle: 10 # redis pool mim idle default:10
redis-pool-max-wait-millis: -1 # max wait time for get connection default:-1
redis-pool-max-total: 200 # max total connection default:200
redis-key-prefix: #RL # key prefix for visit footprint default: #RL
check-action-timeout: 100 # check action execution timeout default: 100
channel: #RLConfigChannel # conf change event pub/sub channel default: #RLConfigChannel
policy-map: # rate limiting policies
api-a: # unique service id
order: -1 # order
baseExp: Headers['userid'] # value to base on, Spel expression without "#", supports Headers['xxx'] or Cookies['xxx']
pathRegExp: /s1/.* # URI path pattern, a Regular expression
timeUnit: MINUTES # timeUnit supports SECONDS, MINUTES, HOURS,DAYS
permits: 2 # Number of visits allowed per a timeUnit
api-a1:
order: 0
baseExp: Headers['userid']
pathRegExp: /s1.*
timeUnit: MINUTES
permits: 3
...
动态配置
通过内置的Restful接口,我们可以动态的变更限流规则,当然这些API应该受限访问的,不过API安全性是另外一个故事,这里不展开.
@RequestMapping("/zuullimiterpolicy")
public class LimitingPolicyResource {
...
@PostMapping
public void add(@RequestBody LimitingPolicy limitingPolicy, HttpServletResponse response) throws IOException{
...
}
@PutMapping
public void update(@RequestBody LimitingPolicy limitingPolicy, HttpServletResponse response) throws IOException {
...
}
@GetMapping("/{serviceId}")
public LimitingPolicy get(@PathVariable("serviceId") String serviceId) {
...
}
@DeleteMapping("/{serviceId}")
public void delete(@PathVariable("serviceId") String serviceId) {
...
}
目前,限流规则支持增删查改(add, update, query, delete).
比如,在示例项目里面
GET http://localhost:8000/zuullimiterpolicy/api-a,访问值如下:
{
"serviceId": "api-a",
"order": -1,
"baseExp": "Headers['userid']",
"pathRegExp": "/s1/.*",
"timeUnit": "MINUTES",
"permits": 2,
"delete": false
}
更新限流规则,指定Content-Type为“application/json”, 请求 PUT http://localhost:8000/zuullimiterpolicy, 请求request body为:
{
"serviceId": "api-a",
"order": -1,
"baseExp": "Headers['userid']",
"pathRegExp": "/s1/.*",
"timeUnit": "MINUTES",
"permits": 10,
"delete": false
}
删除限流规则,规则的serviceId为"api-b", 执行 DELETE http://localhost:8000/zuullimiterpolicy/api-b。
新增限流规则,指定Content-Type为“application/json”, 请求 POST http://localhost:8000/zuullimiterpolicy, 请求request body为:
{
"serviceId": "api-d",
"order": -1,
"baseExp": "Headers['userid']",
"pathRegExp": "/s3/.*",
"timeUnit": "MINUTES",
"permits": 10,
"delete": false
}
注意,新增限流规则时,新增规则的serviceId和pathRegExp不能跟已经存在的规则相同,不然新增失败。