The actual combat of Java essential skills (using nginx to achieve distributed current limiting)

scenes to be used:

Generally, a system that is exposed to the outside world will have a large number of requests during promotion or hacker attacks.In order to protect the system from being overwhelmed by the high concurrent traffic that comes in an instant, it needs to limit the flow.

1 Introduction

Generally, a system that is exposed to the outside world will have a large number of requests during promotion or hacking. In order to protect the system from being overwhelmed by the high concurrent traffic that arrives instantly, it is necessary to limit the flow. 

This article mainly explains how to use nginx to achieve current limiting. Hystrix is ​​also possible.

 

2. Coding

-First deploy a program that exposes the interface to the outside world

What I deployed here is a spring boot project that exposes the following interfaces, which is very simple

 

Exposing a restful interface for get requests to return hello world.

This program is packaged and deployed to the linux server. 

Upload deployment and release:

3. Environment configuration

Create (modify) a configuration file named nginx.conf, the complete content is as follows

The current limiting part of the configuration file explains:

As above, the current limiting configuration of nginx has only two lines of code.

first row:

 

limit_req_zone: is the current limit statement.

$binary_remote_addr: Indicates that the current limit is based on the client ip. For example, the above current limit configuration limits the request frequency of each client ip to once a second. If you play rogue twice a second, you will be restricted and return an http 503 Error to you.

zone=perip: Indicates that the name of perip is used to identify this line of current limiting configuration, and this line of current limiting configuration will be referred to by the name of perip later (that is, the current limiting configuration can be defined as multiple)

10m: Indicates that the space for storing client ip is 10MB, 1MB is about storing more than 10,000 ip, 10 MB is about more than 100,000 IP, refer to other documents: http//www.ttlsa.com/nginx/ng ... here Search for binary_remote_addr in this article to locate the relevant explanation.

rate=1r/s: Indicates that the frequency is one request per second.

second line:

Indicates that on the myserver cluster, the current limiting configuration named perip is used

4. Deploy nginx with docker

Ensure that the docker environment has been installed

Copy the nginx.conf configuration file created in the previous step to the linux directory, /root/software/temp (the directory can be any), and then a docker command to deploy the nginx environment

docker run -it -v /test:/soft centos /bin/bash

冒号":"前面的目录是宿主机目录,后面的目录是容器内目录。

The port 8082 is exposed here, and the load balancing node in the nginx configuration can be accessed through port 8082, that is, 192.168.59.128:8089 ip port.This ip port corresponds to the hello world program created in the first step.

Use code to write client access and define the helloworld interface

The local test function is OK, the following figure shows that the access is normal, no problem>> Return to hello world.

 

There are two ways

1. ab test

2. Remote host access 

Server Linux needs to open port 8082 to expose to external access!

Use the Linux command netstat to check the list of open ports in the system

 

netstat -tplugn

Query whether the port is occupied by a process daemon, such as port 80.
Example: netstat -nalp|grep 80

My ngin service has started

Open external port 8082

(You can also turn off the firewall directly)

The configuration check is no problem, execute the test

I am here to perform 10 get requests per second, which is greater than the rate=1r/s configured in nginx, which is requested once per second, so I will see a 404 error, as follows

If the get request is executed once per second, no error will be reported. As shown below

 

 

 

Guess you like

Origin blog.csdn.net/Coder_Boy_/article/details/110454028