It only takes three steps to realize Gateway combined with Sentinel to realize non-intrusive gateway current limiting, pay attention to avoid pitfalls!

Preface: This article is based on your existing basic and operational microservice system, using Sping Cloud Alibaba, Gateway, Nacos, etc.; the goal is to achieve gateway flow control type flow limiting.

As the name implies, current limiting is used to limit the entry of request traffic in high-concurrency scenarios to protect the system from being overwhelmed. Alibaba's open source sentinel can protect different resources by setting different types of rules.

• Resource: can be anything; service, method, code...
• Rules: flow control rules, fuse downgrade rules, system protection rules, hotspot rules, gateway API grouping rules, gateway flow control rules

The correspondence between the versions used in this article is as follows (official link: version correspondence)

<spring.boot>2.6.7</spring.boot>
<spring-cloud>2021.0.2</spring-cloud>
<spring-cloud-alibaba>2021.0.4.0</spring-cloud-alibaba>

---

The goal of this article

• Microservice integration sentinel
• Use the sentinel client to generate gateway current limiting rules and persist them into nacos
• The rule takes effect and produces a current limiting effect

Three-step strategy

---

1. Integrate sentinel

1.1. Server integration

1.1.1. Import pom

<!--网关组件-->
<dependency>
   <groupId>org.springframework.cloud</groupId>
   <artifactId>spring-cloud-starter-gateway</artifactId>
</dependency>

<!--sentinel限流-->
<dependency>
   <groupId>com.alibaba.cloud</groupId>
   <artifactId>spring-cloud-starter-alibaba-sentinel</artifactId>
</dependency>

<!-- SpringCloud Ailibaba Sentinel Gateway -->
<dependency>
   <groupId>com.alibaba.cloud</groupId>
   <artifactId>spring-cloud-alibaba-sentinel-gateway</artifactId>
</dependency>

<!-- 通过nacos持久化流控规则 -->
<dependency>
   <groupId>com.alibaba.csp</groupId>
   <artifactId>sentinel-datasource-nacos</artifactId>
</dependency>

To configure Sentinel Starter, there must be spring-cloud-alibaba-sentinel-gateway and spring-cloud-starter-gateway dependencies to make the Spring Cloud Gateway automatic configuration class in the spring-cloud-alibaba-sentinel-gateway module take effect.

Avoidance point 1: To access sentinel through Spring Cloud Alibaba, you need to set the spring.cloud.sentinel.filter.enabled configuration item to false (the default granularity of gateway flow control is route and custom API grouping dimension, URL granularity is not supported)

Avoidance point 2: Through the Spring Cloud Alibaba Sentinel data source module, the data source type of the gateway flow control rule is gw-flow instead of flow

1.1.2. Writing rule configuration files

Create a new application-sentinel.yaml file in gatewaymodule

configuration rules

spring:
  cloud:
    sentinel:
      enabled: true
      datasource:
        ds1:
          nacos:
            server-addr: ${spring.cloud.nacos.config.server-addr}
            namespace: ${spring.cloud.nacos.config.namespace}
            data-id: ${spring.application.name}-gateway-flow-rules
            group-Id: SENTINEL_GROUP
            rule-type: gw-flow
            data-type: json
        ds2:
          nacos:
            server-addr: ${spring.cloud.nacos.config.server-addr}
            namespace: ${spring.cloud.nacos.config.namespace}
            data-id: ${spring.application.name}-gateway-api-rules
            group-Id: SENTINEL_GROUP
            rule-type: gw-api-group
            data-type: json
          ds3:
            nacos:
              server-addr: ${spring.cloud.nacos.config.server-addr}
              namespace: ${spring.cloud.nacos.config.namespace}
              data-id: ${spring.application.name}-degrade-rules
              group-Id: SENTINEL_GROUP
              rule-type: degrade
              data-type: json
          ds4:
            nacos:
              server-addr: ${spring.cloud.nacos.config.server-addr}
              namespace: ${spring.cloud.nacos.config.namespace}
              data-id: ${spring.application.name}-system-rules
              group-Id: SENTINEL_GROUP
              rule-type: system
              data-type: json
      log:
        dir: /home/omo/sentinel/logs
        # 启用向sentinel发送心跳
      eager: true
      scg:
        fallback:
          response-status: 429
          mode: response
          response-body: '{"code": 429,"message": "前方拥堵，请稍后再试！"}'

1. The sentinel dashboard will generate rules starting with spring.application.name by default, and ds1 and ds2 are the types of this test

2.data-type is the read data type, here is set to json

3. The final fallback is configured with a custom response after being limited

1.1.3. Configure the communication port

Communication port configuration between service and sentinel dashboard

spring:
  cloud:
    sentinel:
      transport:
        # sentinel控制台地址
        dashboard: localhost:8081
        # 跟sentinel控制台交流的端口，随意指定一个未使用的端口即可，默认是8719
        port: 8719
        # Get heartbeat client local ip
        clientIp: 127.0.0.1

1.2.sentinel dashboard integration

Sentinel 1.6.3 introduced the support of gateway flow control console, you can directly view API Gateway real-time route and custom API group monitoring on Sentinel console, manage gateway rules and API group configuration

First, you need to download the console project code, modify and compile it yourself. You can also use my modified project, out of the box: sentinel-dashboard-1.8.6, the modified project supports multiple rule configuration management, rule push (push to nacos)

Configure nacos address and namespace before startup (application.properties)

Startup parameter configuration (IDEA)

-Dserver.port=8081 -Dcsp.sentinel.dashboard.server=localhost:8081 -Dproject.name=sentinel-dashboard

After Effects

2.Push mode rule persistence

push mode process

(When downloading the official version of sentinel dashboard, you need to implement it yourself. Lazy people can directly use the modified version I provided above)

The core modification points are listed below

2.1. Modify nacosConfig class

@Bean
public ConfigService nacosConfigService() throws Exception {
    Properties properties = new Properties();
    //nacos地址
    properties.put(PropertyKeyConst.SERVER_ADDR, nacosAddr);
    //namespace为空即为public
    properties.put(PropertyKeyConst.NAMESPACE, namespace);
    return ConfigFactory.createConfigService(properties);
}

And the provider and publisher of the corresponding rule type, take GatewayFlowRule as an example:

2.2. Modify the implementation of publishing rules (publisher)

@Component("gatewayFlowRuleNacosPublisher")
public class GatewayFlowRuleNacosPublisher implements DynamicRulePublisher<List<GatewayFlowRuleEntity>> {

    @Autowired
    private ConfigService configService;

    @Autowired
    private Converter<List<GatewayFlowRuleEntity>, String> converter;

    @Override
    public void publish(String app, List<GatewayFlowRuleEntity> rules) throws Exception {
        AssertUtil.notEmpty(app, "app name cannot be empty");
        if (rules == null) {
            return;
        }
        configService.publishConfig(app + NacosConfigUtil.GATEWAY_FLOW_DATA_ID_POSTFIX,
                NacosConfigUtil.GROUP_ID, converter.convert(rules));
    }
}

2.3. Modify the acquisition rule implementation (provider)

@Component("gatewayFlowRuleNacosProvider")
public class GatewayFlowRuleNacosProvider implements DynamicRuleProvider<List<GatewayFlowRuleEntity>> {
    @Autowired
    private ConfigService configService;

    @Autowired
    private Converter<String, List<GatewayFlowRuleEntity>> converter;

    @Override
    public List<GatewayFlowRuleEntity> getRules(String appName) throws Exception {
        String rules = configService.getConfig(appName + NacosConfigUtil.GATEWAY_FLOW_DATA_ID_POSTFIX,
                NacosConfigUtil.GROUP_ID, 3000);
        if (StringUtil.isEmpty(rules)) {
            return new ArrayList<>();
        }
        return converter.convert(rules);
    }
}

2.4. Modify the corresponding interface

（GatewayFlowRuleController中）

introduce

@Autowired
@Qualifier("gatewayFlowRuleNacosProvider")
private DynamicRuleProvider<List<GatewayFlowRuleEntity>> ruleProvider;

@Autowired
@Qualifier("gatewayFlowRuleNacosPublisher")
private DynamicRulePublisher<List<GatewayFlowRuleEntity>> rulePublisher;

Then modify the implementation in the method of adding, deleting, modifying and checking. For details, refer to: sentinel-dashboard-1.8.6

3. Configure rules and test the current limiting effect

3.1 start sentinel dashboard

The start-up steps are described above

3.2 Configure gateway current limiting rules

3.2.1 Configuring Route Type Rules

Configure QPS=5 for the user service (the id in your gateway routing configuration), and the flow control method is the rule of fast failure

Go to the nacos background to view the rule details, which have been synchronized to nacos

Also modified in nacos, the dashboard will also be updated synchronously and will not be demonstrated anymore. (For the meaning of rule attributes, refer to: current limit field)

3.2.2. Configure API grouping type rules

First configure the API grouping

Then configure the rules (drop down to select the group just configured, and also set QPS=5)

3.3 Test current limiting effect

3.3.1. Route type current limiting

Set test case setting loop 10 times

The test results were 5 successes and 5 failures, which met expectations, and you're done!

3.3.2. API group current limiting

You can see that the path to /auth/oms/** in the test report is matched and the current limit can take effect

4. Expand

• Gateway flow control principle, see the official website for details

• When using SpringCloud Gateway and SpringCloud Sentinel, the official does not support abnormal statistical fuse for 4xx, 5xx response codes, you can implement it yourself, please refer to issue1842 issue2537