1, Gateway concept
Emergence: we know that a large system is often divided into many micro services when it is designed. So how can a client call so many microservices? The client can directly send a request to the microservice. Each microservice has a public URL that can be directly mapped to a specific microservice. If there is no gateway, we can only record the address of each microservice on the client and call it separately. Such an architecture will have many problems. For example, the client requesting different microservices may increase the complexity of client code or configuration. In addition, each service needs independent authentication when invoked. And there are cross domain requests, which also improves the complexity of the code to a certain extent. Based on the problems in the design and implementation of microservice architecture, in order to simplify the front-end call logic in the project, simplify the complexity of mutual calls between internal services, and better protect internal services, the concept of gateway is proposed.
Definition: the role of gateway is as an API architecture to protect, enhance and control access to API services. API gateway is a system before applications or services (providing REST API interface services), which is used to manage authorization, access control and traffic restrictions. In this way, REST API interface services are protected by API gateway and transparent to all callers. Therefore, the business system hidden behind the API gateway can focus on creating and managing services without dealing with these strategic infrastructure.
Function:
Advantages and disadvantages of spring cloud gateway:
advantage:
- Strong performance: 1.6 times that of Zuul, the first generation gateway.
- Powerful: built in many practical functions, such as forwarding, monitoring, current limiting, etc
- Elegant design, easy to expand.
Disadvantages:
- Relying on Netty and Webflux (spring 5.0) is not the traditional Servlet Programming Model (Spring MVC is implemented based on this model), and the learning cost is high.
- Spring boot version 2.0 and above is required to support
2, Gateway implementation
1. Import pom dependency
<!--gateway-->
<dependency>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-starter-gateway</artifactId>
</dependency>2. Add profile
server:
port: 9000
spring:
application:
name: sca-gateway
cloud: #Microservices
nacos:
discovery:
server-addr: localhost:8848
sentinel:
transport:
dashboard: localhost:8180 #Sentinel console address
port: 8719 #The occupied port of the client monitoring API will increase
eager: true #Cancel the lazy loading of Sentinel console, that is, the project starts and connects
gateway:
routes: #Definition of gateway route (multiple routes can be defined later, and the unique id is id)
- id: router01 #Custom, unique
# uri: http://localhost:8081 / # defines the uri of request forwarding, which is fixed here. We need load balancing, so the comment
uri: lb://SCA provider #lb is a service prefix and cannot be written arbitrarily
predicates: #Request logic design, also known as predicate, http://localhost:9000/nacos/provider/echo/sca
- Path=/nacos/provider/echo/**
filters: #Filter rule definition: when the return value of predictions is true, the filter is executed
- StripPrefix=1 #StripPrefix identifies the first level directory in the access path pathRoute is one of the most basic components in gateway. It represents a specific route information carrier and mainly defines the following information:
- id, Route identifier, which is different from other routes.
- uri, the destination uri pointed by the route, that is, the micro service to which the client request is finally forwarded.
- Predicate, the function of assertion (predicate) is to judge conditions. Routing will be executed only when the assertions return true. Here, we use to judge the first layer directory and others, such as time, request header, etc
- filter, which is used to modify request and response information.
3. Create a startup class for testing
package com.cy;
@SpringBootApplication
public class GatewayApplication {
public static void main(String[] args) {
SpringApplication.run(GatewayApplication.class,args);
}
}
Access the destination address with the predicate
Access successful
3, Gateway load balancing
The gateway is the entrance to service access. All services will be mapped at the gateway level. Therefore, when accessing services, you should find the corresponding services based on the service service ID (service name), and let the requests be evenly forwarded from the gateway layer to balance the processing capacity of service instances.
1. Import pom dependency
Add nacos service discovery dependency
<dependency> <groupId>com.alibaba.cloud</groupId> <artifactId>spring-cloud-starter-alibaba-nacos-discovery</artifactId> </dependency>
2. Modify the configuration file
Replace the original fixed uri with the service name prefixed with lb
gateway:
routes: #Definition of gateway route (multiple routes can be defined later, and the unique id is id)
- id: router01 #Custom, unique
# uri: http://localhost:8081 / # defines the uri of request forwarding, which is fixed here. We need load balancing, so the comment
uri: lb://SCA provider #lb is a service prefix and cannot be written arbitrarily
predicates: #Request logic design, also known as predicate, http://localhost:9000/nacos/provider/echo/sca
- Path=/nacos/provider/echo/**
## - Header=X-Request-Id, \d+
filters: #Filter rule definition: when the return value of predictions is true, the filter is executed
- StripPrefix=1 #StripPrefix identifies the first level directory in the access path path3. Test gateway load balancing
You can see that the load balancing test is successful
4, Execution process of gateway
The client sends a request to the Spring Cloud Gateway. If the Gateway Handler Mapping determines that the request matches the routes by asserting the collection of predictions, it sends it to the Gateway Web Handler. The Gateway Web Handler chain invokes the Filter through the Filter set configured in the determined route (that is, the so-called responsibility chain mode). The reason why filters are separated by dashed lines is that filters can run logic before and after sending proxy requests. The processing logic is that when processing a request, the Filter in the front row executes first, and when the processing returns the corresponding, the Filter in the back row executes first.
Key concepts:
5, Design and implementation of gateway current limiting
The gateway is the public entrance for all external requests, so the current can be limited in the gateway, and there are many ways to limit the current. We use Sentinel component to realize the current limit of the gateway.
1. Import pom dependency
<dependency>
<groupId>com.alibaba.cloud</groupId>
<artifactId>spring-cloud-starter-alibaba-sentinel</artifactId>
</dependency>
//Gateway current limiting (routing level)
<dependency>
<groupId>com.alibaba.cloud</groupId>
<artifactId>spring-cloud-alibaba-sentinel-gateway</artifactId>
</dependency>
2. Add Sentinel profile
sentinel:
transport:
dashboard: localhost:8180 #Sentinel console address
port: 8719 #Port of client monitoring API
eager: true #Cancel the lazy loading of Sentinel console, that is, the project starts and connects
3. Start the gateway and check whether the gateway menu of sentinel console changes
You need to add jvm parameters when starting, so that the gateway service can display different menus in sentinel
-Dcsp.sentinel.app.type=1
Restart Sentinel service to check menu changes
This indicates that the configuration is successful
4. Set current limiting strategy
Note: the API name should be the same as the routing id in the configuration file
5. Test
The test is successful and frequent access is limited
6. Current limiting based on request attributes
Test in postman
7. User defined API dimension current limit
Custom API grouping is a more fine-grained definition of flow restriction rules. It allows us to use the API provided by sentinel to group request paths, and then set flow restriction rules on the group.
Add API Group:
New grouping flow control rule:
Test
aa or bb can only be accessed once every 5 seconds, otherwise an error is reported
8. Custom exception
System defined exception handling return
The exceptions customized by the system cannot meet our needs. We need to customize the error return value
@Configuration
public class GatewayConfig {
public GatewayConfig(){
GatewayCallbackManager.setBlockHandler( new BlockRequestHandler() {
@Override
public Mono<ServerResponse> handleRequest(ServerWebExchange serverWebExchange, Throwable throwable) {
Map<String,Object> map=new HashMap<>();
map.put("state",429);
map.put("message","two many request");
String jsonStr=JSON.toJSONString(map);
return ServerResponse.ok().body(Mono.just(jsonStr),String.class);
}
});
}
}
summary
- What is the background of the birth of gateway? (first: unified access to microservices; second: protection of system services; third, unified authentication, authorization and current restriction)
- Gateway selection? (Netifix Zuul,Spring Cloud Gateway,…)
- Entry implementation of Spring Cloud Gateway (add dependency, routing configuration, startup class)
- Load balancing in Spring Cloud Gateway? (gateway service registration, service discovery, accessing specific service instances based on uri:lb: / / service id)
- Assertion configuration in Spring Cloud Gateway? (it's enough to master the common ones. You can check them through the search engine)
- Filter configuration in Spring Cloud Gateway? (master the two types of filters - local and global)
- Current limiting design in Spring Cloud Gateway? (route ID, API grouping)