zuul 是netflix开源的一个API Gateway 服务器, 本质上是一个web servlet应用。

Zuul可以通过加载动态过滤机制,从而实现以下各项功能:

  • 验证与安全保障: 识别面向各类资源的验证要求并拒绝那些与要求不符的请求。
  • 审查与监控: 在边缘位置追踪有意义数据及统计结果,从而为我们带来准确的生产状态结论。
  • 动态路由: 以动态方式根据需要将请求路由至不同后端集群处。
  • 压力测试: 逐渐增加指向集群的负载流量,从而计算性能水平。
  • 负载分配: 为每一种负载类型分配对应容量,并弃用超出限定值的请求。
  • 静态响应处理: 在边缘位置直接建立部分响应,从而避免其流入内部集群。
  • 多区域弹性: 跨越AWS区域进行请求路由,旨在实现ELB使用多样化并保证边缘位置与使用者尽可能接近。

网关zuul从1.0到2.0 经历了较大的变化,先从架构上看看吧

 zuul 1.0的架构

从上图看,

1.ZuulServlet负责接收请求,对filter进行处理

/**

 * Core Zuul servlet which intializes and orchestrates zuulFilter execution

 *

 * @author Mikey Cohen

 *         Date: 12/23/11

 *         Time: 10:44 AM

 */

 @Override

    public void service(javax.servlet.ServletRequest servletRequest, javax.servlet.ServletResponse servletResponse) throws ServletException, IOException {

        try {

            init((HttpServletRequest) servletRequest, (HttpServletResponse) servletResponse);

            // Marks this request as having passed through the "Zuul engine", as opposed to servlets

            // explicitly bound in web.xml, for which requests will not have the same data attached

            RequestContext context = RequestContext.getCurrentContext();

            context.setZuulEngineRan();

            try {

                preRoute();

            } catch (ZuulException e) {

                error(e);

                postRoute();

                return;

            }

            try {

                route();

            } catch (ZuulException e) {

                error(e);

                postRoute();

                return;

            }

            try {

                postRoute();

            } catch (ZuulException e) {

                error(e);

                return;

            }

        } catch (Throwable e) {

            error(new ZuulException(e, 500, "UNHANDLED_EXCEPTION_" + e.getClass().getName()));

        } finally {

            RequestContext.getCurrentContext().unset();

        }

    }

其中

FilterProcessor处理核心类

前置filter

runFilters("pre"); //前置filter类型

跳转filter

runFilters("route");

后置filter

runFilters("post");

2. zuul的核心是一系列的filters, 其作用可以类比Servlet框架的Filter,或者AOP。工作原理如下图所示

Zuul可以对Groovy过滤器进行动态的加载,编译,运行。FilterFileManager.java

/**

 * This class manages the directory polling for changes and new Groovy filters.

 * Polling interval and directories are specified in the initialization of the class, and a poller will check

 * for changes and additions.

 *

 * @author Mikey Cohen

 *         Date: 12/7/11

 *         Time: 12:09 PM

 */

    void processGroovyFiles(List<File> aFiles) throws Exception {

        List<Callable<Boolean>> tasks = new ArrayList<>();

        for (File file : aFiles) {

            tasks.add(() -> {

                try {

                    return filterLoader.putFilter(file);

                }

                catch(Exception e) {

                    LOG.error("Error loading groovy filter from disk! file = " + String.valueOf(file), e);

                    return false;

                }

            });

        }

        processFilesService.invokeAll(tasks, FILE_PROCESSOR_TASKS_TIMEOUT_SECS.get(), TimeUnit.SECONDS);

    }

3.对groovy文件的动态操作管理类FilterScriptManagerServlet

/**

 * Servlet for uploading/downloading/managing scripts.

 * <p/>

 * <ul>

 * <li>Upload scripts to the registry for a given endpoint.</li>

 * <li>Download scripts from the registry</li>

 * <li>List all revisions of scripts for a given endpoint.</li>

 * <li>Mark a particular script revision as active for production.</li>

 * </ul>

 */

   @Override

    protected void doPut(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {

        if (!adminEnabled.get()) {

            response.sendError(HttpServletResponse.SC_FORBIDDEN, "Filter admin is disabled. See the zuul.filters.admin.enabled FastProperty.");

            return;

        }

        // retrieve arguments and validate

        String action = request.getParameter("action");

        /* validate the action and method */

        if (!isValidAction(request, response)) {

            return;

        }

        // perform action

        if ("UPLOAD".equals(action)) {

            handleUploadAction(request, response);

        } else if ("ACTIVATE".equals(action)) {

            handleActivateAction(request, response);

        } else if ("CANARY".equals(action)) {

            handleCanaryAction(request, response);

        } else if ("DEACTIVATE".equals(action)) {

            handledeActivateAction(request, response);

        }

    }

zuul 2.0架构

从上图可以看到:

1.Zuul引入了Netty和RxJava,正如之前的 ZuulFilter 分为了 Pre,Post,Route,Error,Zuul2的Filter分为三种类型

  • Inbound Filters: 在路由之前执行
  • Endpoint Filters: 路由操作
  • Outbound Filters: 得到相应数据之后执行

使用RxJava重写了Pre,Post,Route ZuulFilter的结构如下

ZuulServerChannelInitializer.java

    @Override

    protected void initChannel(Channel ch) throws Exception

    {

        // Configure our pipeline of ChannelHandlerS.

        ChannelPipeline pipeline = ch.pipeline();

        storeChannel(ch);

        addTimeoutHandlers(pipeline);

        addPassportHandler(pipeline);

        addTcpRelatedHandlers(pipeline);

        addHttp1Handlers(pipeline);

        addHttpRelatedHandlers(pipeline);

        addZuulHandlers(pipeline);

    }

其父类实现了addZuulHandlers方法

   protected void addZuulHandlers(final ChannelPipeline pipeline)

    {

        pipeline.addLast("logger", nettyLogger);

        pipeline.addLast(new ClientRequestReceiver(sessionContextDecorator));

        pipeline.addLast(passportLoggingHandler);

        addZuulFilterChainHandler(pipeline);

        pipeline.addLast(new ClientResponseWriter(requestCompleteHandler, registry));

    }

    protected void addZuulFilterChainHandler(final ChannelPipeline pipeline) {

        final ZuulFilter<HttpResponseMessage, HttpResponseMessage>[] responseFilters = getFilters(   //1

                new OutboundPassportStampingFilter(FILTERS_OUTBOUND_START),

                new OutboundPassportStampingFilter(FILTERS_OUTBOUND_END));

        // response filter chain

        final ZuulFilterChainRunner<HttpResponseMessage> responseFilterChain = getFilterChainRunner(responseFilters,

                filterUsageNotifier);

        // endpoint | response filter chain

        final FilterRunner<HttpRequestMessage, HttpResponseMessage> endPoint = getEndpointRunner(responseFilterChain,  //2

                filterUsageNotifier, filterLoader);

        final ZuulFilter<HttpRequestMessage, HttpRequestMessage>[] requestFilters = getFilters(                   //3

                new InboundPassportStampingFilter(FILTERS_INBOUND_START),

                new InboundPassportStampingFilter(FILTERS_INBOUND_END));

        // request filter chain | end point | response filter chain

        final ZuulFilterChainRunner<HttpRequestMessage> requestFilterChain = getFilterChainRunner(requestFilters,

                filterUsageNotifier, endPoint);

        pipeline.addLast(new ZuulFilterChainHandler(requestFilterChain, responseFilterChain));

    }

调用Handler处理

    @Override

    public void channelRead(ChannelHandlerContext ctx, Object msg) throws Exception {

        if (msg instanceof HttpRequestMessage) {

            zuulRequest = (HttpRequestMessage)msg;

            //Replace NETTY_SERVER_CHANNEL_HANDLER_CONTEXT in SessionContext

            final SessionContext zuulCtx = zuulRequest.getContext();

            zuulCtx.put(NETTY_SERVER_CHANNEL_HANDLER_CONTEXT, ctx);

            zuulCtx.put(ZUUL_FILTER_CHAIN, requestFilterChain);

            requestFilterChain.filter(zuulRequest);

        }

        else if ((msg instanceof HttpContent)&&(zuulRequest != null)) {

            requestFilterChain.filter(zuulRequest, (HttpContent) msg);

        }

        else {

            LOG.debug("Received unrecognized message type. " + msg.getClass().getName());

            ReferenceCountUtil.release(msg);

        }

    }

调用ZuulFilterChainRunner的filter方法

 @Override

    public void filter(T inMesg, HttpContent chunk) {

        String filterName = "-";

        try {

            Preconditions.checkNotNull(inMesg, "input message");

            final AtomicInteger runningFilterIdx = getRunningFilterIndex(inMesg);

            final int limit = runningFilterIdx.get();

            for (int i = 0; i < limit; i++) {

                final ZuulFilter<T, T> filter = filters[i];

                filterName = filter.filterName();

                if ((! filter.isDisabled()) && (! shouldSkipFilter(inMesg, filter))) {

                    final HttpContent newChunk = filter.processContentChunk(inMesg, chunk);

                    if (newChunk == null)  {

                        //Filter wants to break the chain and stop propagating this chunk any further

                        return;

                    }

                    //deallocate original chunk if necessary

                    if ((newChunk != chunk) && (chunk.refCnt() > 0)) {

                        chunk.release(chunk.refCnt());

                    }

                    chunk = newChunk;

                }

            }

            if (limit >= filters.length) {

                //Filter chain has run to end, pass down the channel pipeline

                invokeNextStage(inMesg, chunk);

            } else {

                inMesg.bufferBodyContents(chunk);

                boolean isAwaitingBody = isFilterAwaitingBody(inMesg);

                // Record passport states for start and end of buffering bodies.

                if (isAwaitingBody) {

                    CurrentPassport passport = CurrentPassport.fromSessionContext(inMesg.getContext());

                    if (inMesg.hasCompleteBody()) {

                        if (inMesg instanceof HttpRequestMessage) {

                            passport.addIfNotAlready(PassportState.FILTERS_INBOUND_BUF_END);

                        } else if (inMesg instanceof HttpResponseMessage) {

                            passport.addIfNotAlready(PassportState.FILTERS_OUTBOUND_BUF_END);

                        }

                    }

                    else {

                        if (inMesg instanceof HttpRequestMessage) {

                            passport.addIfNotAlready(PassportState.FILTERS_INBOUND_BUF_START);

                        } else if (inMesg instanceof HttpResponseMessage) {

                            passport.addIfNotAlready(PassportState.FILTERS_OUTBOUND_BUF_START);

                        }

                    }

                }

                if (isAwaitingBody && inMesg.hasCompleteBody()) {

                    //whole body has arrived, resume filter chain

                    runFilters(inMesg, runningFilterIdx);

                }

            }

        }

        catch (Exception ex) {

            handleException(inMesg, filterName, ex);

        }

    }

2.NettyClient

            if (filter.getSyncType() == FilterSyncType.SYNC) {

                final SyncZuulFilter<I, O> syncFilter = (SyncZuulFilter) filter;

                final O outMesg = syncFilter.apply(inMesg);

                recordFilterCompletion(SUCCESS, filter, startTime, inMesg, snapshot);

                return (outMesg != null) ? outMesg : filter.getDefaultOutput(inMesg);

            }

            // async filter

            filter.incrementConcurrency();

            resumer = new FilterChainResumer(inMesg, filter, snapshot, startTime);

            filter.applyAsync(inMesg)

                .observeOn(Schedulers.from(getChannelHandlerContext(inMesg).executor()))

                .doOnUnsubscribe(resumer::decrementConcurrency)

                .subscribe(resumer);

ProxyEndpoint.java

    @Override

    public HttpResponseMessage apply(final HttpRequestMessage input) {

        // If no Origin has been selected, then just return a 404 static response.

        // handle any exception here

        try {

            if (origin == null) {

                handleNoOriginSelected();

                return null;

            }

            origin.getProxyTiming(zuulRequest).start();

            // To act the same as Ribbon, we must do this before starting execution (as well as before each attempt).

            IClientConfig requestConfig = origin.getExecutionContext(zuulRequest).getRequestConfig();

            originalReadTimeout = requestConfig.getProperty(ReadTimeout, null);

            setReadTimeoutOnContext(requestConfig, 1);

            origin.onRequestExecutionStart(zuulRequest);

            proxyRequestToOrigin();

            //Doesn't return origin response to caller, calls invokeNext() internally in response filter chain

            return null;

        } catch (Exception ex) {

            handleError(ex);

            return null;

        }

    }

将请求转发至远端

    private void proxyRequestToOrigin() {

        Promise<PooledConnection> promise = null;

        try {

            attemptNum += 1;

            requestStat = createRequestStat();

            origin.preRequestChecks(zuulRequest);

            concurrentReqCount++;

            // update RPS trackers

            updateOriginRpsTrackers(origin, attemptNum);

            // We pass this AtomicReference<Server> here and the origin impl will assign the chosen server to it.

            promise = origin.connectToOrigin(zuulRequest, channelCtx.channel().eventLoop(), attemptNum, passport, chosenServer, chosenHostAddr);

            storeAndLogOriginRequestInfo();

            currentRequestAttempt = origin.newRequestAttempt(chosenServer.get(), context, attemptNum);

            requestAttempts.add(currentRequestAttempt);

            passport.add(PassportState.ORIGIN_CONN_ACQUIRE_START);

            if (promise.isDone()) {

                operationComplete(promise);

            } else {

                promise.addListener(this);

            }

        }

        catch (Exception ex) {

            LOG.error("Error while connecting to origin, UUID {} " + context.getUUID(), ex);

            storeAndLogOriginRequestInfo();

            if (promise != null && ! promise.isDone()) {

                promise.setFailure(ex);

            } else {

                errorFromOrigin(ex);

            }

        }

    }

调用BasicNettyOrigin

    @Override

    public Promise<PooledConnection> connectToOrigin(HttpRequestMessage zuulReq, EventLoop eventLoop, int attemptNumber,

                                                     CurrentPassport passport, AtomicReference<Server> chosenServer,

                                                     AtomicReference<String> chosenHostAddr) {

        return clientChannelManager.acquire(eventLoop, null, zuulReq.getMethod().toUpperCase(),

                zuulReq.getPath(), attemptNumber, passport, chosenServer, chosenHostAddr);

    }

3.小结

>> zuul2通过启动BaseServerStartup的实现类,启动一个netty server

>> netty server将ZuulFilter (InboundOutboundEndPoint)包裹成ChainRunner组合成netty的一个handler:ZuulFilterChainHandler

>> ZuulFilterChainHandler将请求包装成SyncZuulFilter封装成NettyClient

4.zuul1和zuul2的选择

性能对比

Zuul 1 (阻塞)的应用场景

cpu密集型任务

简单操作的需求

开发简单的需求

实时请求高的

zuul2(非阻塞)的应用场景

io密集的任务

大请求或者大文件

队列的流式数据

超大量的连接

参考文献

【1】https://www.cnblogs.com/lexiaofei/p/7080257.html

【2】https://blog.csdn.net/lengyue309/article/details/82192118

【】https://github.com/strangeloop/StrangeLoop2017/blob/master/slides/ArthurGonigberg-ZuulsJourneyToNonBlocking.pdf

Netflix网关zuul(1.x和2.x)全解析的更多相关文章

  1. 微服务之路由网关—zuul

    Zuul 简介Zuul 是 Netflix 公司开发的一个开源 APIGateway,其本质上是一个 WebServlet 应用.Zuul 的核心是一系列的 Filter. 为什么要使用 Zuul微服 ...

  2. 玩转SpringCloud(F版本) 四.路由网关(zuul)

    本篇文章基于: 01)玩转SpringCloud 一.服务的注册与发现(Eureka) 02) 玩转SpringCloud 二.服务消费者(1)ribbon+restTemplate 03) 玩转Sp ...

  3. 【Dalston】【第五章】API服务网关(Zuul) 上

    微服务场景下,每一个微服务对外暴露了一组细粒度的服务.客户端的请求可能会涉及到一串的服务调用,如果将这些微服务都暴露给客户端,那么客户端需要多次请求不同的微服务才能完成一次业务处理,增加客户端的代码复 ...

  4. 服务网关zuul之七:zuul中的动态刷新路由配置

    <spring扩展点之三:Spring 的监听事件 ApplicationListener 和 ApplicationEvent 用法,在spring启动后做些事情> <服务网关zu ...

  5. SpringCloud-微服务网关ZUUL(六)

    前言:前面说过,由于微服务过多,可能某一个小业务就需要调各种微服务的接口,不可避免的就会需要负载均衡和反向代理了,以确保ui不直接与所有的微服务接口接触,所以我们需要使用一个组件来做分发,跨域等各种请 ...

  6. 八、springcloud之服务网关zuul(一)

    一.Zuul简介 zuul 是netflix开源的一个API Gateway 服务器, 本质上是一个web servlet应用. Zuul是Netflix出品的一个基于JVM路由和服务端的负载均衡器. ...

  7. Spring Cloud 服务网关Zuul

    Spring Cloud 服务网关Zuul 服务网关是分布式架构中不可缺少的组成部分,是外部网络和内部服务之间的屏障,例如权限控制之类的逻辑应该在这里实现,而不是放在每个服务单元. Spring Cl ...

  8. Spring Cloud(十):服务网关 Zuul(路由)【Finchley 版】

    Spring Cloud(十):服务网关 Zuul(路由)[Finchley 版]  发表于 2018-04-23 |  更新于 2018-05-09 |  通过之前几篇 Spring Cloud 中 ...

  9. Spring Cloud(十一):服务网关 Zuul(过滤器)【Finchley 版】

    Spring Cloud(十一):服务网关 Zuul(过滤器)[Finchley 版]  发表于 2018-04-23 |  更新于 2018-05-07 |  在上篇文章中我们了解了 Spring ...

随机推荐

  1. postman-----使用CSV和Json文件实现批量接口测试

    p.p1 { margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px ".PingFang SC"; color: #454545 } span ...

  2. EffictiveC++笔记 第2章

    Chapter 2 构造 / 析构 / 赋值 条款 05:了解C++ 默默编写并调用哪些函数 如果你写下: class Empty{ }; 事实上编译器会帮你补全: class Empty{ publ ...

  3. 一个C#程序员学习微信小程序路由的笔记

    路由大家应该都知道,在微信小程序也是有的,毕竟它是单页面应用程序.在WeChat中有五种跳转方式,分别是wx.switchTab.wx.reLaunch.wx.redirectTo.wx.naviga ...

  4. 说说new 和 malloc()

    熟悉c++的朋友应该都知道,c++提供给了程序员与硬件打交道的可能性,比如说内存管理.一个高水平的c++程序员可以将c++程序的性能优化到极致,榨干硬件资源.而现在我想说说与内存管理有关的new 和 ...

  5. Navicat:实现两个数据库结构同步和数据库对比

    Navicat版本:Navicat Premium 12 选择 工具 ——> 结构同步 ​ 选择源数据库和目标数据库,选择完成后点击右下角对比按钮 ​ 要修改的对象:源数据库和目标数据库中都有的 ...

  6. 解决:git push error: failed to push some refs to

    出现错误的原因是github中的README.md文件不在本地代码目录中. 也就是说我们需要先将远程代码库中的任何文件先pull到本地代码库中,才能push新的代码到github代码库中. 使用如下命 ...

  7. ASP.NET Core的实时库: SignalR -- 预备知识

    大纲 本系列会分为2-3篇文章. 第一篇介绍SignalR的预备知识和原理 然后会介绍SignalR和如何在ASP.NET Core里使用SignalR. 本文的目录如下: 实时Web简述 Long ...

  8. 在ArcMap中发布FeatureLayer(要素图层)

    FeatureLayer(要素图层)是ArcGIS Server发布的一种很重要的地图服务,发布后使用提供的url地址就可以在代码中调用并在地图上显示.编辑这个FeatureLayer.在HTML页面 ...

  9. Centos 7 django环境搭建

    1.本机网卡配置信息如下: vim /etc/sysconfig/network-scripts/ifcfg-ens33 TYPE=Ethernet PROXY_METHOD=none BROWSER ...

  10. 网络I/O 工作机制

    数据从一台主机发送到网络中的另一台主机需要经过很多步骤,先得有相互沟通的意向,然后得有物理渠道(物理链路),其次双方还得有语言能够交流,且步调要一致. TCP状态转化 如图,是TCP/IP 的握手过程 ...