zuul网关

Zuul路由网管简介及基本使用

简介

Zuul API路由网关服务简介

 

 

 

请看上图,这里的API 路由网关服务 由Zuul实现,主要就是对外提供服务接口的时候,

起到了请求的路由和过滤作用,也因此能够隐藏内部服务的接口细节,从来有利于保护系统的安全性;

 

路由配置

Zuul 路由配置

 

我们新建一个module  microservice-zuul-3001

这里我们的zuul也注册到eureka服务里,端口3001;

我们修改下Hosts,专门为zuul搞个本地域名映射 

hosts文件 加下:

1 127.0.0.1  zuul.yuan.com

 

 

 

 

完整pom.xml

 1 <?xml version="1.0" encoding="UTF-8"?>
 2 <project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
 3          xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 https://maven.apache.org/xsd/maven-4.0.0.xsd">
 4     <modelVersion>4.0.0</modelVersion>
 5     <parent>
 6         <groupId>com.yuan</groupId>
 7         <artifactId>t226microservice</artifactId>
 8         <version>1.0-SNAPSHOT</version>
 9     </parent>
10     <artifactId>microservice-zuul-3001</artifactId>
11 
12     <properties>
13         <java.version>1.8</java.version>
14     </properties>
15 
16     <dependencies>
17         <dependency>
18             <groupId>org.springframework.boot</groupId>
19             <artifactId>spring-boot-starter-web</artifactId>
20         </dependency>
21         <dependency>
22             <groupId>org.springframework.boot</groupId>
23             <artifactId>spring-boot-starter-test</artifactId>
24             <scope>test</scope>
25         </dependency>
26         <dependency>
27             <groupId>org.springframework.cloud</groupId>
28             <artifactId>spring-cloud-starter-eureka</artifactId>
29         </dependency>
30         <!-- actuator监控 -->
31         <dependency>
32             <groupId>org.springframework.boot</groupId>
33             <artifactId>spring-boot-starter-actuator</artifactId>
34         </dependency>
35         <!-- hystrix容错 -->
36         <dependency>
37             <groupId>org.springframework.cloud</groupId>
38             <artifactId>spring-cloud-starter-hystrix</artifactId>
39         </dependency>
40         <dependency>
41             <groupId>org.springframework.cloud</groupId>
42             <artifactId>spring-cloud-starter-config</artifactId>
43         </dependency>
44         <!--zuul网关-->
45         <dependency>
46             <groupId>org.springframework.cloud</groupId>
47             <artifactId>spring-cloud-starter-zuul</artifactId>
48         </dependency>
49     </dependencies>
50 
51     <build>
52         <plugins>
53             <plugin>
54                 <groupId>org.springframework.boot</groupId>
55                 <artifactId>spring-boot-maven-plugin</artifactId>
56             </plugin>
57         </plugins>
58     </build>
59 </project>

添加application.yml 配置

 1 server:
 2   port: 3001
 3   context-path: /
 4 spring:
 5   application:
 6     name: microservice-zuul
 7 eureka:
 8   instance:
 9     instance-id: microservice-zuul:3001
10     prefer-ip-address: true
11   client:
12     service-url:
13       defaultZone: http://eureka2001.yuan.com:2001/eureka/,http://eureka2002.yuan.com:2002/eureka/,http://eureka2003.yuan.com:2003/eureka/
14 info:
15   groupId: com.yuan.testSpringcloud
16   artifactId: microservice-zuul-3001
17   version: 1.0-SNAPSHOT
18   userName: http://yuan.com
19   phone: 123456

启动类:ZuulApplication_3001

加下@EnableZuulProxy注解

 1 package com.yuan.microservicezuul3001;
 2 
 3 import org.springframework.boot.SpringApplication;
 4 import org.springframework.boot.autoconfigure.SpringBootApplication;
 5 import org.springframework.boot.autoconfigure.jdbc.DataSourceAutoConfiguration;
 6 import org.springframework.boot.autoconfigure.orm.jpa.HibernateJpaAutoConfiguration;
 7 import org.springframework.cloud.netflix.zuul.EnableZuulProxy;
 8 
 9 @SpringBootApplication(exclude={DataSourceAutoConfiguration.class, HibernateJpaAutoConfiguration.class})
10 @EnableZuulProxy
11 public class MicroserviceZuul3001Application {
12 
13     public static void main(String[] args) {
14         SpringApplication.run(MicroserviceZuul3001Application.class, args);
15     }
16 
17 }

 

测试下:

启动三个eureka 然后再启动下一个1001服务,以及 zuul网关服务;

 

 

 

这里有两个服务;

 

我们直接请求:http://localhost:81/student/list 能获取到数据;

我们用 http://zuul.yuan.com:3001/microservice-student/student/list  域名+端口+服务名称+请求地址 也能请求到数据;

 

说明我们的路由基本配置OK

 

 

一:

 

 

 

 二:

 

 

 http://zuul.yuan.com:3001/microservice-student/student/hystrix访问如果出现错误,

解决方案:

方案一(不推荐):
 内部服务Hystrix与feign的整合失效,不能走快速回退的方法,雪崩现象再现
zuul的application.yml中配置
 1 server:
 2   port: 3001
 3   context-path: /
 4 spring:
 5   application:
 6     name: microservice-zuul
 7 eureka:
 8   instance:
 9     instance-id: microservice-zuul:3001
10     prefer-ip-address: true
11   client:
12     service-url:
13       defaultZone: http://eureka2001.yuan.com:2001/eureka/,http://eureka2002.yuan.com:2002/eureka/,http://eureka2003.yuan.com:2003/eureka/
14 info:
15   groupId: com.yuan.testSpringcloud
16   artifactId: microservice-zuul-3001
17   version: 1.0-SNAPSHOT
18   userName: http://yuan.com
19   phone: 123456
20 
21 zuul:
22   routes:
23     studentServer.serviceId: microservice-student
24     studentServer.path: /studentServer/**
25   ignored-services: "*"
26   prefix: /yuan
27   host:
28     socket-timeout-millis: 60000
29     connect-timeout-millis: 60000
30 
31 feign:
32   hystrix:
33     enabled: true
34 
35 hystrix:
36   command:
37     default:
38       execution:
39         timeout:
40           enabled: true
41         isolation:
42           thread:
43             timeoutInMilliseconds: 15000
44 ribbon:
45   ReadTimeout: 6000
46   ConnectTimeout: 6000
47   MaxAutoRetries: 0
48   MaxAutoRetriesNextServer: 1
49   eureka:
50     enabled: true

pom.xml

 1 <dependencies>
 2     <dependency>
 3         <groupId>com.yuan</groupId>
 4         <artifactId>microservice-common</artifactId>
 5     </dependency>
 6     <dependency>
 7         <groupId>org.springframework.boot</groupId>
 8         <artifactId>spring-boot-starter-web</artifactId>
 9     </dependency>
10     <dependency>
11         <groupId>org.springframework.boot</groupId>
12         <artifactId>spring-boot-starter-test</artifactId>
13         <scope>test</scope>
14     </dependency>
15     <dependency>
16         <groupId>org.springframework.cloud</groupId>
17         <artifactId>spring-cloud-starter-eureka</artifactId>
18     </dependency>
19 
20     <!-- actuator监控 -->
21     <dependency>
22         <groupId>org.springframework.boot</groupId>
23         <artifactId>spring-boot-starter-actuator</artifactId>
24     </dependency>
25     <!-- hystrix容错 -->
26     <dependency>
27         <groupId>org.springframework.cloud</groupId>
28         <artifactId>spring-cloud-starter-hystrix</artifactId>
29     </dependency>
30     <dependency>
31         <groupId>org.springframework.cloud</groupId>
32         <artifactId>spring-cloud-starter-config</artifactId>
33     </dependency>
34     <!--zuul网关-->
35     <dependency>
36         <groupId>org.springframework.cloud</groupId>
37         <artifactId>spring-cloud-starter-zuul</artifactId>
38     </dependency>
39 
40     <!--ribbon相关依赖-->
41     <dependency>
42         <groupId>org.springframework.cloud</groupId>
43         <artifactId>spring-cloud-starter-eureka</artifactId>
44     </dependency>
45     <dependency>
46         <groupId>org.springframework.cloud</groupId>
47         <artifactId>spring-cloud-starter-ribbon</artifactId>
48     </dependency>
49     <dependency>
50         <groupId>org.springframework.cloud</groupId>
51         <artifactId>spring-cloud-starter-config</artifactId>
52     </dependency>
53 
54     <!--引入Feign依赖-->
55     <dependency>
56         <groupId>org.springframework.cloud</groupId>
57         <artifactId>spring-cloud-starter-feign</artifactId>
58     </dependency>
59 </dependencies>

方案二(推荐):
 Zuul作为服务网关为了保证自己不被服务拖垮,本身已经集成了Hystrix对路由转发进行隔离。 为了方便开发人员对服务短路进行自定义处理,
 
  ZuulFallbackProvider :Zuul 提供了 ZuulFallbackProvider 接口,开发人员可以通过实现该接口来完成自定义Hystrix Fallback
  FallbackProvider :Spring Cloud Zuul 提供了 FallbackProvider替代了ZuulFallbackProvider接口。

 1 package com.yuan.microservicezuul3001.fallback;
 2 
 3 import org.springframework.cloud.netflix.zuul.filters.route.ZuulFallbackProvider;
 4 import org.springframework.http.HttpHeaders;
 5 import org.springframework.http.HttpStatus;
 6 import org.springframework.http.MediaType;
 7 import org.springframework.http.client.ClientHttpResponse;
 8 import org.springframework.stereotype.Component;
 9 
10 import java.io.ByteArrayInputStream;
11 import java.io.IOException;
12 import java.io.InputStream;
13 
14 @Component
15 public class ZuulFallBack implements ZuulFallbackProvider {
16 
17     @Override
18     public String getRoute() {
19         return "*";
20     }
21 
22     /**
23      * 在给zuul整合回退功能时,只要类实现ZuulFallbackProvider接口,并且注册bean即可。
24      *
25      * 不过需要注意的时,这个回退只有服务掉线或者超时的情况下才会触发(Camden.SR4版本测试是这样),
26      * 如果服务程序出现异常,此回退程序是不能处理的,异常会直接返回给调用者,比如页面。
27      *
28      * @return
29      */
30     @Override
31     public ClientHttpResponse fallbackResponse() {
32         return new ClientHttpResponse() {
33             @Override
34             public HttpHeaders getHeaders() {
35                 HttpHeaders headers = new HttpHeaders();
36                 headers.setContentType(MediaType.APPLICATION_JSON_UTF8);//application/json;charset=UTF-8
37                 return headers;
38             }
39 
40             @Override
41             public InputStream getBody() throws IOException {
42                 String msg = "服务繁忙,请稍后.....";
43                 //new ByteArrayInputStream("{\"code\":-1,\"msg\":\"服务暂不可用\"}".getBytes(StandardCharsets.UTF_8))
44                 return new ByteArrayInputStream(msg.getBytes());
45             }
46 
47             @Override
48             public String getStatusText() throws IOException {
49                 return HttpStatus.BAD_REQUEST.getReasonPhrase();//400
50             }
51 
52             @Override
53             public HttpStatus getStatusCode() throws IOException {
54                 return HttpStatus.BAD_REQUEST;
55             }
56 
57             @Override
58             public int getRawStatusCode() throws IOException {
59                 return HttpStatus.BAD_REQUEST.value();//"Bad Request"
60             }
61 
62             @Override
63             public void close() {
64 
65             }
66         };
67     }
68 }

 

Zuul路由映射配置

上面是zuul的简单使用,从接口地址很轻易的就暴露了服务提供者的唯一标识名microservice-student;有安全风险,我们需要将其隐藏;

ignored-services的作用是将原来的服务提供者唯一标识名禁用;

Prefix的作用是给服务加前缀

yml文件中添加以下配置:

1 zuul:
2   routes:
3     studentServer.serviceId: microservice-student
4     studentServer.path: /studentServer/**
5   ignored-services: "*"
6   prefix: /yuan

配置完毕后可通过以下链接做测试

http://zuul.javaxl.com:3001/microservice-student/student/list

http://zuul.javaxl.com:3001/studentServer/student/list

http://zuul.javaxl.com:3001/javaxl/microservice-student/student/list

http://zuul.javaxl.com:3001/javaxl/studentServer/student/list

 

对应的配置会出现上面的错误页面,这是正常现象。

 

 

 

成功页面

 

 

 

Zuul请求过滤配置

比如我们登录某个系统 需要身份验证,用户名密码啥的;

 

我们请求服务,也可以来设置身份验证,也就是过滤非法请求;Zuul通过ZuulFilter过滤器实现;

一般具体实现的话 每次经过Zuul服务网关 我们都对带来的token进行有效性验证;

 

我们先定义一个 AccessFilter类:

 1 package com.yuan.microservicezuul3001.filter;
 2 
 3 import com.netflix.zuul.ZuulFilter;
 4 import com.netflix.zuul.context.RequestContext;
 5 import com.netflix.zuul.exception.ZuulException;
 6 import org.apache.log4j.Logger;
 7 
 8 import javax.servlet.http.HttpServletRequest;
 9 
10 public class AccessFilter extends ZuulFilter {
11 
12     Logger logger=Logger.getLogger(AccessFilter.class);
13 
14     /**
15      * 判断该过滤器是否要被执行
16      */
17     @Override
18     public boolean shouldFilter() {
19         return true;
20     }
21 
22     /**
23      * 过滤器的具体执行逻辑
24      */
25     @Override
26     public Object run() throws ZuulException {
27         RequestContext ctx = RequestContext.getCurrentContext();
28         HttpServletRequest request = ctx.getRequest();
29         String parameter = request.getParameter("accessToken");
30         logger.info(request.getRequestURL().toString()+" 请求访问");
31         if(parameter==null){
32             logger.error("accessToken为空!");
33             ctx.setSendZuulResponse(false);
34             ctx.setResponseStatusCode(401);
35             ctx.setResponseBody("{\"result\":\"accessToken is empty!\"}");
36             return null;
37         }
38         //  token判断逻辑
39         logger.info(request.getRequestURL().toString()+" 请求成功");
40         return null;
41     }
42 
43     /**
44      * 过滤器的类型 这里用pre,代表会再请求被路由之前执行
45      */
46     @Override
47     public String filterType() {
48         return "pre";
49     }
50 
51     /**
52      * 过滤器的执行顺序
53      */
54     @Override
55     public int filterOrder() {
56         return 0;
57     }
58 
59 }

 

然后再开启下 Filter配置:

 1 package com.yuan.microservicezuul3001.config;
 2 
 3 import com.yuan.microservicezuul3001.filter.AccessFilter;
 4 import org.springframework.context.annotation.Bean;
 5 import org.springframework.context.annotation.Configuration;
 6 
 7 @Configuration
 8 public class ZuulConfig {
 9 
10     @Bean
11     public AccessFilter accessFilter(){
12         return new AccessFilter();
13     }
14 }

 

浏览器输入地址进行测试

http://zuul.javaxl.com:3001/javaxl/studentServer/student/list

http://zuul.javaxl.com:3001/javaxl/studentServer/student/list?accessToken=1

测试结果如下

 

 

 

谢谢观看!!!

posted @ 2019-12-13 23:18  Me*源  阅读(198)  评论(0编辑  收藏  举报