Preface: This article is based on your existing basic and operational microservice system, using Sping Cloud Alibaba, Gateway, Nacos, etc.; the goal is to achieve gateway flow control type flow limiting.
As the name implies, current limiting is used to limit the entry of request traffic in high-concurrency scenarios to protect the system from being overwhelmed. Alibaba's open source sentinel can protect different resources by setting different types of rules.
- Resource: can be anything; service, method, code...
- Rules: flow control rules, fuse downgrade rules, system protection rules, hotspot rules, gateway API grouping rules, gateway flow control rules
The correspondence between the versions used in this article is as follows (official link: version correspondence)
<spring.boot>2.6.7</spring.boot>
<spring-cloud>2021.0.2</spring-cloud>
<spring-cloud-alibaba>2021.0.4.0</spring-cloud-alibaba>
The goal of this article
- Microservice integration sentinel
- Use the sentinel client to generate gateway current limiting rules and persist them into nacos
- The rule takes effect and produces a current limiting effect
Three-step strategy
1. Integrate sentinel
1.1. Server integration
1.1.1. Import pom
<!--网关组件-->
<dependency>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-starter-gateway</artifactId>
</dependency>
<!--sentinel限流-->
<dependency>
<groupId>com.alibaba.cloud</groupId>
<artifactId>spring-cloud-starter-alibaba-sentinel</artifactId>
</dependency>
<!-- SpringCloud Ailibaba Sentinel Gateway -->
<dependency>
<groupId>com.alibaba.cloud</groupId>
<artifactId>spring-cloud-alibaba-sentinel-gateway</artifactId>
</dependency>
<!-- 通过nacos持久化流控规则 -->
<dependency>
<groupId>com.alibaba.csp</groupId>
<artifactId>sentinel-datasource-nacos</artifactId>
</dependency>
To configure Sentinel Starter, there must be spring-cloud-alibaba-sentinel-gateway and spring-cloud-starter-gateway dependencies to make the Spring Cloud Gateway automatic configuration class in the spring-cloud-alibaba-sentinel-gateway module take effect.
Avoidance point 1: To access sentinel through Spring Cloud Alibaba, you need to set the spring.cloud.sentinel.filter.enabled configuration item to false (the default granularity of gateway flow control is route and custom API grouping dimension, URL granularity is not supported)
Avoidance point 2: Through the Spring Cloud Alibaba Sentinel data source module, the data source type of the gateway flow control rule is gw-flow instead of flow
1.1.2. Writing rule configuration files
Create a new application-sentinel.yaml file in gatewaymodule
configuration rules
spring:
cloud:
sentinel:
enabled: true
datasource:
ds1:
nacos:
server-addr: ${spring.cloud.nacos.config.server-addr}
namespace: ${spring.cloud.nacos.config.namespace}
data-id: ${spring.application.name}-gateway-flow-rules
group-Id: SENTINEL_GROUP
rule-type: gw-flow
data-type: json
ds2:
nacos:
server-addr: ${spring.cloud.nacos.config.server-addr}
namespace: ${spring.cloud.nacos.config.namespace}
data-id: ${spring.application.name}-gateway-api-rules
group-Id: SENTINEL_GROUP
rule-type: gw-api-group
data-type: json
ds3:
nacos:
server-addr: ${spring.cloud.nacos.config.server-addr}
namespace: ${spring.cloud.nacos.config.namespace}
data-id: ${spring.application.name}-degrade-rules
group-Id: SENTINEL_GROUP
rule-type: degrade
data-type: json
ds4:
nacos:
server-addr: ${spring.cloud.nacos.config.server-addr}
namespace: ${spring.cloud.nacos.config.namespace}
data-id: ${spring.application.name}-system-rules
group-Id: SENTINEL_GROUP
rule-type: system
data-type: json
log:
dir: /home/omo/sentinel/logs
# 启用向sentinel发送心跳
eager: true
scg:
fallback:
response-status: 429
mode: response
response-body: '{"code": 429,"message": "前方拥堵,请稍后再试!"}'
1. The sentinel dashboard will generate rules starting with spring.application.name by default, and ds1 and ds2 are the types of this test
2.data-type is the read data type, here is set to json
3. The final fallback is configured with a custom response after being limited
1.1.3. Configure the communication port
Communication port configuration between service and sentinel dashboard
spring:
cloud:
sentinel:
transport:
# sentinel控制台地址
dashboard: localhost:8081
# 跟sentinel控制台交流的端口,随意指定一个未使用的端口即可,默认是8719
port: 8719
# Get heartbeat client local ip
clientIp: 127.0.0.1
1.2.sentinel dashboard integration
Sentinel 1.6.3 introduced the support of gateway flow control console, you can directly view API Gateway real-time route and custom API group monitoring on Sentinel console, manage gateway rules and API group configuration
First, you need to download the console project code, modify and compile it yourself. You can also use my modified project, out of the box: sentinel-dashboard-1.8.6, the modified project supports multiple rule configuration management, rule push (push to nacos)
Configure nacos address and namespace before startup (application.properties)
Startup parameter configuration (IDEA)
-Dserver.port=8081 -Dcsp.sentinel.dashboard.server=localhost:8081 -Dproject.name=sentinel-dashboard
After Effects
2.Push mode rule persistence
push mode process
(When downloading the official version of sentinel dashboard, you need to implement it yourself. Lazy people can directly use the modified version I provided above)
The core modification points are listed below
2.1. Modify nacosConfig class
@Bean
public ConfigService nacosConfigService() throws Exception {
Properties properties = new Properties();
//nacos地址
properties.put(PropertyKeyConst.SERVER_ADDR, nacosAddr);
//namespace为空即为public
properties.put(PropertyKeyConst.NAMESPACE, namespace);
return ConfigFactory.createConfigService(properties);
}
And the provider and publisher of the corresponding rule type, take GatewayFlowRule as an example:
2.2. Modify the implementation of publishing rules (publisher)
@Component("gatewayFlowRuleNacosPublisher")
public class GatewayFlowRuleNacosPublisher implements DynamicRulePublisher<List<GatewayFlowRuleEntity>> {
@Autowired
private ConfigService configService;
@Autowired
private Converter<List<GatewayFlowRuleEntity>, String> converter;
@Override
public void publish(String app, List<GatewayFlowRuleEntity> rules) throws Exception {
AssertUtil.notEmpty(app, "app name cannot be empty");
if (rules == null) {
return;
}
configService.publishConfig(app + NacosConfigUtil.GATEWAY_FLOW_DATA_ID_POSTFIX,
NacosConfigUtil.GROUP_ID, converter.convert(rules));
}
}
2.3. Modify the acquisition rule implementation (provider)
@Component("gatewayFlowRuleNacosProvider")
public class GatewayFlowRuleNacosProvider implements DynamicRuleProvider<List<GatewayFlowRuleEntity>> {
@Autowired
private ConfigService configService;
@Autowired
private Converter<String, List<GatewayFlowRuleEntity>> converter;
@Override
public List<GatewayFlowRuleEntity> getRules(String appName) throws Exception {
String rules = configService.getConfig(appName + NacosConfigUtil.GATEWAY_FLOW_DATA_ID_POSTFIX,
NacosConfigUtil.GROUP_ID, 3000);
if (StringUtil.isEmpty(rules)) {
return new ArrayList<>();
}
return converter.convert(rules);
}
}
2.4. Modify the corresponding interface
(GatewayFlowRuleController中)
introduce
@Autowired
@Qualifier("gatewayFlowRuleNacosProvider")
private DynamicRuleProvider<List<GatewayFlowRuleEntity>> ruleProvider;
@Autowired
@Qualifier("gatewayFlowRuleNacosPublisher")
private DynamicRulePublisher<List<GatewayFlowRuleEntity>> rulePublisher;
Then modify the implementation in the method of adding, deleting, modifying and checking. For details, refer to: sentinel-dashboard-1.8.6
3. Configure rules and test the current limiting effect
3.1 start sentinel dashboard
The start-up steps are described above
3.2 Configure gateway current limiting rules
3.2.1 Configuring Route Type Rules
Configure QPS=5 for the user service (the id in your gateway routing configuration), and the flow control method is the rule of fast failure
Go to the nacos background to view the rule details, which have been synchronized to nacos
Also modified in nacos, the dashboard will also be updated synchronously and will not be demonstrated anymore. (For the meaning of rule attributes, refer to: current limit field)
3.2.2. Configure API grouping type rules
First configure the API grouping
Then configure the rules (drop down to select the group just configured, and also set QPS=5)
3.3 Test current limiting effect
3.3.1. Route type current limiting
Set test case setting loop 10 times
The test results were 5 successes and 5 failures, which met expectations, and you're done!
3.3.2. API group current limiting
You can see that the path to /auth/oms/** in the test report is matched and the current limit can take effect
4. Expand
- Gateway flow control principle, see the official website for details
- When using SpringCloud Gateway and SpringCloud Sentinel, the official does not support abnormal statistical fuse for 4xx, 5xx response codes, you can implement it yourself, please refer to issue1842 issue2537