蓝色小药丸 2017-12-28
Netflix uses Zuul for the following:
Authentication 认证 Insights 洞察力 Stress Testing 压力测试 Canary Testing 金丝雀测试 Dynamic Routing 动态路由 Service Migration 服务迁移 Load Shedding 减载 Security 安全 Static Response handling 静态响应处理 Active/Active traffic management
如果以后想设计网关,可按照上面进行対飚设计。
使用代理,方便前端调用后端服务,避免CORS(跨域资源访问)和权限问题,
The default HTTP client used by zuul is now backed by the Apache HTTP Client instead of the deprecated Ribbon RestClient.
To use RestClient or to use the okhttp3.OkHttpClient set ribbon.restclient.enabled=true or ribbon.okhttp.enabled=true
现在默认使用apache client.
对cookie和headers敏感,就是说可以制定headers的规则来过滤请求。Spring Cloud Netflix 1.1 以上版本才有此功能。
zuul: routes: users: path: /myusers/** sensitiveHeaders: Cookie,Set-Cookie,Authorization # blacklist,如果不过滤,则须显式设为空。 url: https://downstream set globally by setting zuul.sensitiveHeaders
应用如何由老版本向新版本?
小文件可以通过zuul proxy,大文件通过 Spring DispatcherServlet。
The result can be different than the original input if it was encoded using Javascript’s encodeURIComponent() method for example. While this causes no issues in most cases, some web servers can be picky with the encoding of complex query string.
zuul: forceOriginalQueryStringEncoding: true
Note: This special flag only works with SimpleHostRoutingFilter and you loose the ability to easily override query parameters with RequestContext.getCurrentContext().setRequestQueryParams(someOverriddenParameters) since the query string is now fetched directly on the original HttpServletRequest.
默认会使用很多filters,可采用如下方式禁止
set zuul.
zuul.SendResponseFilter.post.disable=true
If Zuul is using service discovery than you need to configure these timeouts via Ribbon properties, ribbon.ReadTimeout and ribbon.SocketTimeout.
If Zuul is fronting a web application then there may be a need to re-write the Location header when the web application redirects through a http status code of 3XX。==当通过3XX重定向时,需要重写header,否则会重定向到web url而不是zuul url.==
重写 filter
import org.springframework.cloud.netflix.zuul.filters.post.LocationRewriteFilter; ... @Configuration @EnableZuulProxy public class ZuulConfig { @Bean public LocationRewriteFilter locationRewriteFilter() { return new LocationRewriteFilter(); } }
==Note==:不一定适应所有情况,万一就是要重定向到外部url.
Zuul is implemented as a ==Servlet==. For the general cases, Zuul is ==embedded into the Spring Dispatch mechanism==. This allows Spring MVC to be in control of the routing.
zuul是servlet.zuul嵌入springd的请求转发机制,这样spring mvc由它来控制路由。
zuul一般配置缓存请求,当大文件上传时例外。
by default:/zuul. zuul.servlet-path
RequestContext
@EnableZuulProxy > @EnableZuulServer, 多了路由功能。The additional filters in the "proxy" enable routing functionality.
extends ZuulFilter 继承以下三类过滤器:
The SendErrorFilter is only run if RequestContext.getThrowable() is not null.
It then sets specific javax.servlet.error.* attributes in the request and forwards the request to the Spring Boot error page. 如何设置该属性?
ajax请求如何处理?
Ribbon clients are by default lazily loaded up by Spring Cloud on first call.Ribbon clients默认为延迟加载
修改配置,让其在应用启动时加载:
zuul: ribbon: eager-load: enabled: true
stripPrefix默认为true。This means that all calls such as "/myusers/101" will be forwarded to "/101" on the "users" service.
spring.application.name=gateway-service-zuul server.port=8888 #这里的配置表示,访问/it/** 直接重定向到http://www.ityouknow.com/** zuul.routes.baidu.path=/it/** zuul.routes.baidu.url=http://www.ityouknow.com/
zuul: routes: producer: path: /wifi/** serviceId: wifi-service strip-prefix: true
zuul.host.connect-timeout-millis zuul.host.socket-timeout-millis zuul.eureka.[service id].semaphore.maxSemaphores: 128 spring.cloud.loadbalancer.retry.enabled=true hystrix.command.default.execution.isolation.thread.timeoutInMilliseconds=10000 hello-service.ribbon.ConnectTimeout=250 hello-service.ribbon.ReadTimeout=1000
API GateWay(网关)那些儿事
zuul高可用: nginx(负载均衡) + zuul集群
在实际使用中我们会发现直接使用Zuul会存在诸多问题,包括:
性能问题:当存在大量请求超时后会造成Zuul阻塞,目前只能通过横向扩展Zuul实例实现对高并发的支持;
WebSocket的支持问题: Zuul中并不直接提供对WebSocket的支持,需要添加额外的过滤器实现对WebSocket的支持;
zuul多个节点启动,自身也可以作为服务,注册到eureka上。
High availability when client is not a Eureka Client. The Zuul instances, in this case, will be running behind a load balancer such as HAProxy, or a hardware load balancer like NetScaler:
选择haproxy,理由如下:
如果担心LB单点问题,可采用keepalived+haproxy.
网站并发达到一定程度之后,为了提高稳定性和转发效率,可以使用LVS、毕竟LVS比Nginx/HAproxy要更稳定,转发效率也更高。不过维护LVS对维护人员的要求也会更高,投入成本也更大。
zuul已经开源几年了,现在已有新的开源项目Spring Cloud Gateway,刚开源不久,还不成熟。从其公布的特性,集成了服务发现、断路器、限流等功能。
Spring Cloud Gateway features:
tips:本文属于自己学习和实践过程的记录,很多图和文字都粘贴自网上文章,没有注明引用请包涵!如有任何问题请留言或邮件通知,我会及时回复。
2、架构图zuul 像其他微服务一样作为一个微服务向eureka server注册,并且能够通过注册列表获取所有的可用服务,其内部默认实现了ribbon,可达到负载均衡的目的,此时的微服务架构图如下: