[Distributed] Internet Security Architecture (10)

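6. Routing: Routing is a core module of the API gateway. Based on the incoming request, this module identifies the target microservice and forwards the request to it. The module needs to communicate with the "service publishing management center", which implements publishing and registration management for microservices; the routing module queries it to obtain information about the target microservice.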

API gateway deployment

The API gateway is a shared infrastructure component. It is stateless and can be deployed as multiple distributed instances.

5.2 Implementing an API gateway with Nginx

The Nginx configuration below implements the gateway's routing function by using Nginx's reverse proxy feature.

    http {
        include       mime.types;
        default_type  application/octet-stream;
        sendfile      on;
        keepalive_timeout 65;

        server {
            listen 80;
            server_name ;

            location /api-a {
                proxy_pass :8000/;
                index index.html index.htm;
            }

            location /api-b {
                proxy_pass :8001/;
                index index.html index.htm;
            }
        }
    }

5.3 Implementing an API gateway with Zuul

Setting up the registry center

Create the project eureka_server

eureka_server pom dependency information

    <parent>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-starter-parent</artifactId>
        <version>2.0.1.RELEASE</version>
    </parent>
    <!-- Dependency management -->
    <dependencyManagement>
        <dependencies>
            <dependency>
                <groupId>org.springframework.cloud</groupId>
                <artifactId>spring-cloud-dependencies</artifactId>
                <version>Finchley.M7</version>
                <type>pom</type>
                <scope>import</scope>
            </dependency>
        </dependencies>
    </dependencyManagement>
    <dependencies>
        <dependency>
            <groupId>org.springframework.cloud</groupId>
            <artifactId>spring-cloud-starter-netflix-eureka-server</artifactId>
        </dependency>
    </dependencies>
    <!-- Note: this repository must be added, otherwise various dependencies fail to resolve -->
    <repositories>
        <repository>
            <id>spring-milestones</id>
            <name>Spring Milestones</name>
            <url>https://repo.spring.io/libs-milestone</url>
            <snapshots>
                <enabled>false</enabled>
            </snapshots>
        </repository>
    </repositories>

application.yml configuration

    server:
      port: 8100
    eureka:
      instance:
        hostname: server1
      client:
        serviceUrl:
          defaultZone: ${eureka.instance.hostname}:${server.port}/eureka/
        register-with-eureka: false
        fetch-registry: false

Startup class

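    import org.springframework.boot.SpringApplication;
    import org.springframework.boot.autoconfigure.SpringBootApplication;
    import org.springframework.cloud.netflix.eureka.server.EnableEurekaServer;

    @SpringBootApplication
    @EnableEurekaServer
    public class EurekaApplication {

        public static void main(final String[] args) {
            SpringApplication.run(EurekaApplication.class, args);
        }
    }

Create the service A project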

Startup class

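    import org.springframework.boot.SpringApplication;
    import org.springframework.boot.autoconfigure.SpringBootApplication;
    import org.springframework.cloud.client.discovery.EnableDiscoveryClient;
    import org.springframework.web.bind.annotation.RequestMapping;
    import org.springframework.web.bind.annotation.RestController;

    @SpringBootApplication
    @EnableDiscoveryClient
    @RestController
    public class AIndexController {

        // Handles requests to the service root
        @RequestMapping("/")
        public String index() {
            return "我是A项目....";
        }

        public static void main(String[] args) {
            SpringApplication.run(AIndexController.class, args);
        }
    }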

Configuration

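    server:
      port: 8000
    spring:
      application:
        name: itmayiedu_a
    eureka:
      client:
        service-url:
          defaultZone: :8100/eureka

Create the service B project

    import org.springframework.boot.SpringApplication;
    import org.springframework.boot.autoconfigure.SpringBootApplication;
    import org.springframework.cloud.client.discovery.EnableDiscoveryClient;
    import org.springframework.web.bind.annotation.RequestMapping;
    import org.springframework.web.bind.annotation.RestController;

    @SpringBootApplication
    @EnableDiscoveryClient
    @RestController
    public class AIndexController {

        // Handles requests to the service root
        @RequestMapping("/")
        public String index() {
            return "我是B项目....";
        }

        public static void main(String[] args) {
            SpringApplication.run(AIndexController.class, args);
        }
    }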

Configuration

    server:
      port: 8000
    spring:
      application:
        name: itmayiedu_a
    eureka:
      client:
        service-url:
          defaultZone: :8100/eureka

Create the Zuul gateway project

Configure the application dependency information

    eureka:
      client:
        serviceUrl:
          defaultZone: :8100/eureka/
    server:
      port: 8769
    spring:
      application:
        name: service-zuul
    zuul:
      routes:
        api-a:
          path: /api-a/**
          serviceId: haoworld_a
        api-b:
          path: /api-b/**
          serviceId: haoworld_b
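With @EnableZuulProxy and Eureka, Zuul does not limit itself to the routes listed under zuul.routes: by default it also creates a /<serviceId>/** route for every service it discovers. The fragment below is an added example, not part of the original page, of the same zuul section restricted to its explicit routes; the route names, paths and serviceIds are the page's, and the /admin/ pattern is an assumed illustration.

```yaml
# Added example: hardened variant of the gateway's zuul section.
# ignored-services, ignored-patterns and sensitive-headers are
# Spring Cloud Netflix Zuul properties.
zuul:
  # Turn off the automatic /<serviceId>/** route for every service found
  # in Eureka, so only the routes listed below are reachable.
  ignored-services: '*'
  # Never proxy matching paths, even inside an allowed route
  # (assumed pattern for illustration, not from the page).
  ignored-patterns: /**/admin/**
  # Headers that are not forwarded to downstream services. This is Zuul's
  # default, written out so a later edit does not silently widen it.
  sensitive-headers: Cookie,Set-Cookie,Authorization
  routes:
    api-a:
      path: /api-a/**
      serviceId: haoworld_a
    api-b:
      path: /api-b/**
      serviceId: haoworld_b
```

Each serviceId has to match the spring.application.name under which the target service registers with Eureka, otherwise the route has no instance to forward to.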

Start and run ZuulApplication

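    import org.springframework.boot.SpringApplication;
    import org.springframework.boot.autoconfigure.SpringBootApplication;
    import org.springframework.cloud.netflix.eureka.EnableEurekaClient;
    import org.springframework.cloud.netflix.zuul.EnableZuulProxy;
    import org.springframework.context.annotation.Bean;

    @EnableZuulProxy
    @EnableEurekaClient
    @SpringBootApplication
    public class ZuulApplication {

        public static void main(String[] args) {
            SpringApplication.run(ZuulApplication.class, args);
        }

        // Register the token filter so that Zuul applies it
        @Bean
        public TokenFilter accessFilter() {
            return new TokenFilter();
        }
    }

Filter that intercepts parameters

    import javax.servlet.http.HttpServletRequest;

    import com.netflix.zuul.ZuulFilter;
    import com.netflix.zuul.context.RequestContext;
    import com.netflix.zuul.exception.ZuulException;

    // Use the gateway to intercept the Token parameter
    public class TokenFilter extends ZuulFilter {

        @Override
        public Object run() throws ZuulException {
            RequestContext ctx = RequestContext.getCurrentContext();
            HttpServletRequest request = ctx.getRequest();
            Object accessToken = request.getParameter("accessToken");
            if (accessToken == null) {
                // Return an error response and do not route the request
                ctx.setSendZuulResponse(false);
                ctx.setResponseStatusCode(401);
                ctx.setResponseBody("accessToken is null");
                return null;
            }
            return null;
        }

        @Override
        public boolean shouldFilter() {
            return true; // Whether to run this filter; true means every request is filtered
        }

        @Override
        public int filterOrder() {
            return 0; // Priority 0; the larger the number, the lower the priority
        }

        @Override
        public String filterType() {
            return "pre"; // Pre-routing filter
        }
    }

6. Defending against DDoS attacks in multiple ways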

To be organized.

7. Analyzing HTTP requests with packet capture

7.1 What is an HTTP request

An HTTP request is a message exchanged between the client and the server using the Hypertext Transfer Protocol.


When reposting, cite the source: https://www.heiqu.com/zysgfs.html