Zuul路由网关简介及基本使用
Zuul API路由网关服务简介
如图:这里的API 路由网关服务 由Zuul实现,主要就是对外提供服务接口的时候,起到了请求的路由和过滤作用,也因此能够隐藏内部服务的接口细节,从来有利于保护系统的安全性
路由配置
Zuul 路由配置
我们新建一个module microservice-zuul-3001
这里我们的zuul也注册到eureka服务里,端口3001;
我们修改下Hosts,专门为zuul搞个本地域名映射
hosts文件 加下:
127.0.0.1 zuul.lingerqi.com
pom依赖:
testSpringcloud com.lingerqi 1.0-SNAPSHOT 4.0.0 microservice-zuul-3001 1.8 com.lingerqi microservice-common org.springframework.boot spring-boot-starter-web org.springframework.boot spring-boot-starter-test test org.springframework.cloud spring-cloud-starter-eureka org.springframework.boot spring-boot-starter-actuator org.springframework.cloud spring-cloud-starter-hystrix org.springframework.cloud spring-cloud-starter-config org.springframework.cloud spring-cloud-starter-zuul org.springframework.boot spring-boot-maven-plugin
修改application.yml:
server:
port: 3001
context-path: /
spring:
application:
name: microservice-zuul
eureka:
instance:
instance-id: microservice-zuul:3001
prefer-ip-address: true
client:
service-url:
defaultZone: http://eureka2001.lingerqi.com:2001/eureka/,http://eureka2002.lingerqi.com:2002/eureka/,http://eureka2003.lingerqi.com:2003/eureka/
info:
groupId: com.lingerqi.testSpringcloud
artifactId: microservice-zuul-3001
version: 1.0-SNAPSHOT
userName: http://lingerqi.com
phone: 123456
启动类加注解:
@SpringBootApplication(exclude={DataSourceAutoConfiguration.class, HibernateJpaAutoConfiguration.class})
@EnableZuulProxy
测试:
启动三个eureka 然后再启动下一个1001服务,以及 zuul网关服务;
我们直接请求:http://localhost:1001/student/list 能获取到数据;
我们用 http://zuul.lingerqi.com:3001/microservice-student/student/list 域名+端口+服务名称+请求地址 也能请求到数据;
说明我们的路由配置基本OK
Zuul路由映射配置
上面是zuul的简单使用,从接口地址很轻易的就暴露了服务提供者的唯一标识名microservice-student;有安全风险,我们需要将其隐藏;
ignored-services的作用是将原来的服务提供者唯一标识名禁用;
Prefix的作用是给服务加前缀
yml文件中添加以下配置:
zuul:
routes:
studentServer.serviceId: microservice-student
studentServer.path: /studentServer/**
ignored-services: "*"
prefix: /lingerqi
对应的配置会出现下面的错误页面,这是正常现象。
配置完毕后可通过以下链接做测试
http://zuul.lingerqi.com:3001/microservice-student/student/list
http://zuul.lingerqi.com:3001/studentServer/student/list
http://zuul.lingerqi.com:3001/lingerqi/microservice-student/student/list
http://zuul.lingerqi.com:3001/lingerqi/studentServer/student/list
Zuul请求过滤配置
比如我们登录某个系统 需要身份验证,用户名密码啥的;
我们请求服务,也可以来设置身份验证,也就是过滤非法请求;Zuul通过ZuulFilter过滤器实现;
一般具体实现的话 每次经过Zuul服务网关 我们都对带来的token进行有效性验证;
我们先定义一个 AccessFilter类:
package com.lingerqi.microservicezuul3001.filter;
import com.netflix.zuul.ZuulFilter;
import com.netflix.zuul.context.RequestContext;
import com.netflix.zuul.exception.ZuulException;
import org.apache.log4j.Logger;
import javax.servlet.http.HttpServletRequest;
/**
* @author xyls
* @blog name & blog address 027@0030
* @create 2019-12-05 15:40
*/
public class AccessFilter extends ZuulFilter {
Logger logger=Logger.getLogger(AccessFilter.class);
/**
* 判断该过滤器是否要被执行
*/
@Override
public boolean shouldFilter() {
return true;
}
/**
* 过滤器的具体执行逻辑
*/
@Override
public Object run() throws ZuulException {
RequestContext ctx = RequestContext.getCurrentContext();
HttpServletRequest request = ctx.getRequest();
String parameter = request.getParameter("accessToken");
logger.info(request.getRequestURL().toString()+" 请求访问");
if(parameter==null){
logger.error("accessToken为空!");
ctx.setSendZuulResponse(false);
ctx.setResponseStatusCode(401);
ctx.setResponseBody("{\"result\":\"accessToken is empty!\"}");
return null;
}
// token判断逻辑
logger.info(request.getRequestURL().toString()+" 请求成功");
return null;
}
/**
* 过滤器的类型 这里用pre,代表会再请求被路由之前执行
*/
@Override
public String filterType() {
return "pre";
}
/**
* 过滤器的执行顺序
*/
@Override
public int filterOrder() {
return 0;
}
}
然后再开启下 Filter配置:
package com.lingerqi.microservicezuul3001.config;
import com.lingerqi.microservicezuul3001.filter.AccessFilter;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
@Configuration
public class ZuulConfig {
@Bean
public AccessFilter accessFilter(){
return new AccessFilter();
}
}
Zuul作为服务网关为了保证自己不被服务拖垮,本身已经集成了Hystrix对路由转发进行隔离。 为了方便开发人员对服务短路进行自定义处理,
ZuulFallbackProvider :Zuul 提供了 ZuulFallbackProvider 接口,开发人员可以通过实现该接口来完成自定义Hystrix Fallback
FallbackProvider :Spring Cloud Zuul 提供了 FallbackProvider替代了ZuulFallbackProvider接口。
package com.javaxl.microservicezuul3001.fallback;
import org.springframework.cloud.netflix.zuul.filters.route.ZuulFallbackProvider;
import org.springframework.http.HttpHeaders;
import org.springframework.http.HttpStatus;
import org.springframework.http.MediaType;
import org.springframework.http.client.ClientHttpResponse;
import org.springframework.stereotype.Component;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.InputStream;
@Component
public class ZuulFallBack implements ZuulFallbackProvider {
@Override
public String getRoute() {
return "*";
}
/**
* 在给zuul整合回退功能时,只要类实现ZuulFallbackProvider接口,并且注册bean即可。
*
* 不过需要注意的时,这个回退只有服务掉线或者超时的情况下才会触发(Camden.SR4版本测试是这样),
* 如果服务程序出现异常,此回退程序是不能处理的,异常会直接返回给调用者,比如页面。
*
* @return
*/
@Override
public ClientHttpResponse fallbackResponse() {
return new ClientHttpResponse() {
@Override
public HttpHeaders getHeaders() {
HttpHeaders headers = new HttpHeaders();
headers.setContentType(MediaType.APPLICATION_JSON_UTF8);//application/json;charset=UTF-8
return headers;
}
@Override
public InputStream getBody() throws IOException {
String msg = "服务繁忙,请稍后.....";
//new ByteArrayInputStream("{\"code\":-1,\"msg\":\"服务暂不可用\"}".getBytes(StandardCharsets.UTF_8))
return new ByteArrayInputStream(msg.getBytes());
}
@Override
public String getStatusText() throws IOException {
return HttpStatus.BAD_REQUEST.getReasonPhrase();//400
}
@Override
public HttpStatus getStatusCode() throws IOException {
return HttpStatus.BAD_REQUEST;
}
@Override
public int getRawStatusCode() throws IOException {
return HttpStatus.BAD_REQUEST.value();//"Bad Request"
}
@Override
public void close() {
}
};
}
}
浏览器输入地址进行测试
http://zuul.lingerqi.com:3001/lingerqi/studentServer/student/list
http://zuul.lingerqi.com:3001/lingerqi/studentServer/student/list?accessToken=1
测试结果如下:
