.net core微服务之网关 微服务之网关 .net core net
网关:
一:apisix
doc:https://apisix.apache.org/zh/docs/apisix/getting-started/README/
github:https://github.com/apache/apisix
二:Kong
github:https://github.com/Kong/kong
三:Ocelot
github:https://github.com/ThreeMammals/Ocelot
四:janus
github:https://github.com/motiv-labs/janus
前置条件:docker,yaml
microservice.yaml
version: "3.8" networks: caseor_bridge: driver: bridge ipam: config: - subnet: 172.0.10.0/24 services: mysql: container_name: mysql image: mysql privileged: true command: --character-set-server=utf8mb4 --collation-server=utf8mb4_general_ci --max_connections=2000 --max_allowed_packet=64M environment: - TZ=Asia/Shanghai - MYSQL_ROOT_PASSWORD=123456 volumes: - ./mysql:/var/lib/mysql ports: - "3306:3306" healthcheck: test: [ "CMD", "mysqladmin" ,"ping", "-h", "localhost" ] interval: 5s timeout: 10s retries: 10 networks: caseor_bridge: ipv4_address: 172.0.10.3 redis: image: redis container_name: "redis" ports: - "6379:6379" volumes: - ./redis/data:/data - ./redis/conf:/usr/local/etc/redis networks: caseor_bridge: ipv4_address: 172.0.10.4 nacos1: container_name: nacos1 hostname: nacos1 image: nacos/nacos-server environment: - MODE=cluster - PREFER_HOST_MODE=hostname - NACOS_SERVERS=nacos1:8848 nacos2:8848 nacos3:8848 - SPRING_DATASOURCE_PLATFORM=mysql - MYSQL_SERVICE_HOST=172.0.10.3 - MYSQL_SERVICE_PORT=3306 - MYSQL_SERVICE_USER=root - MYSQL_SERVICE_PASSWORD=123456 - MYSQL_SERVICE_DB_NAME=nacos - MYSQL_SERVICE_DB_PARAM=characterEncoding=utf8&connectTimeout=1000&socketTimeout=3000&autoReconnect=true&useUnicode=true&useSSL=false&serverTimezone=UTC&allowPublicKeyRetrieval=true - JVM_XMS=128m - JVM_XMX=128m - JVM_XMN=128m volumes: - ./nacos/cluster-logs/nacos1:/home/nacos/logs - ./nacos/init.d:/home/nacos/init.d ports: - 8850:8848 - 7850:7848 - 9870:9848 - 9852:9849 depends_on: - mysql networks: caseor_bridge: ipv4_address: 172.0.10.5 nacos2: container_name: nacos2 hostname: nacos2 image: nacos/nacos-server environment: - MODE=cluster - PREFER_HOST_MODE=hostname - NACOS_SERVERS=nacos1:8848 nacos2:8848 nacos3:8848 - SPRING_DATASOURCE_PLATFORM=mysql - MYSQL_SERVICE_HOST=172.0.10.3 - MYSQL_SERVICE_PORT=3306 - MYSQL_SERVICE_USER=root - MYSQL_SERVICE_PASSWORD=123456 - MYSQL_SERVICE_DB_NAME=nacos - MYSQL_SERVICE_DB_PARAM=characterEncoding=utf8&connectTimeout=1000&socketTimeout=3000&autoReconnect=true&useUnicode=true&useSSL=false&serverTimezone=UTC&allowPublicKeyRetrieval=true - JVM_XMS=128m - JVM_XMX=128m - JVM_XMN=128m volumes: - ./nacos/cluster-logs/nacos2:/home/nacos/logs - ./nacos/init.d:/home/nacos/init.d ports: - 8849:8848 - 7849:7848 - 9869:9848 - 9851:9849 depends_on: - mysql networks: caseor_bridge: ipv4_address: 172.0.10.6 nacos3: container_name: nacos3 hostname: nacos3 image: nacos/nacos-server environment: - MODE=cluster - PREFER_HOST_MODE=hostname - NACOS_SERVERS=nacos1:8848 nacos2:8848 nacos3:8848 - SPRING_DATASOURCE_PLATFORM=mysql - MYSQL_SERVICE_HOST=172.0.10.3 - MYSQL_SERVICE_PORT=3306 - MYSQL_SERVICE_USER=root - MYSQL_SERVICE_PASSWORD=123456 - MYSQL_SERVICE_DB_NAME=nacos - MYSQL_SERVICE_DB_PARAM=characterEncoding=utf8&connectTimeout=1000&socketTimeout=3000&autoReconnect=true&useUnicode=true&useSSL=false&serverTimezone=UTC&allowPublicKeyRetrieval=true - JVM_XMS=128m - JVM_XMX=128m - JVM_XMN=128m volumes: - ./nacos/cluster-logs/nacos3:/home/nacos/logs - ./nacos/init.d:/home/nacos/init.d ports: - 8848:8848 - 7848:7848 - 9848:9848 - 9849:9849 depends_on: - mysql networks: caseor_bridge: ipv4_address: 172.0.10.7 etcd: container_name: etcd hostname: etcd image: bitnami/etcd volumes: - ./etcd/data:/bitnami/etcd environment: ETCD_ENABLE_V2: "true" ALLOW_NONE_AUTHENTICATION: "yes" ETCD_ADVERTISE_CLIENT_URLS: "http://etcd:2379" #https://github.com/apache/apisix-dashboard/issues/2756 需要更换为host域名不能使用0.0.0.0 ETCD_LISTEN_CLIENT_URLS: "http://0.0.0.0:2379" ports: - "2379:2379/tcp" networks: caseor_bridge: ipv4_address: 172.0.10.8 apisix: container_name: apisix hostname: apisix image: apache/apisix volumes: - ./apisix/log:/usr/local/apisix/logs - ./apisix/conf/config.yaml:/usr/local/apisix/conf/config.yaml:ro depends_on: - etcd ports: - "9088:9088/tcp" - "9180:9180/tcp" - "127.0.0.1:9090:9090/tcp" networks: caseor_bridge: ipv4_address: 172.0.10.9 apisix-dashboard: container_name: apisix-dashboard image: apache/apisix-dashboard depends_on: - etcd ports: - "9188:9188" volumes: - ./apisix/conf/dashboard.yaml:/usr/local/apisix-dashboard/conf/conf.yaml networks: caseor_bridge: ipv4_address: 172.0.10.10 rabbitmq01: image: rabbitmq container_name: rabbitmq01 hostname: rabbitmq01 environment: - TZ=Asia/Shanghai - RABBITMQ_DEFAULT_USER=root #自定义登录账号 - RABBITMQ_DEFAULT_PASS=123456 #自定义登录密码 - RABBITMQ_ERLANG_COOKIE='secret_cookie' ports: - "15672:15672" - "5672:5672" volumes: - ./rabbitmq/mq1/data:/var/lib/rabbitmq - ./rabbitmq/mq1/conf:/etc/rabbitmq command: bash -c "sleep 10; rabbitmq-server;" networks: caseor_bridge: ipv4_address: 172.0.10.11 rabbitmq02: image: rabbitmq container_name: rabbitmq02 hostname: rabbitmq02 environment: - TZ=Asia/Shanghai - RABBITMQ_DEFAULT_USER=root #自定义登录账号 - RABBITMQ_DEFAULT_PASS=123456 #自定义登录密码 - RABBITMQ_ERLANG_COOKIE='secret_cookie' ports: - "15673:15672" - "5673:5672" depends_on: - rabbitmq01 volumes: - ./rabbitmq/mq2/data:/var/lib/rabbitmq - ./rabbitmq/mq2/conf:/etc/rabbitmq command: bash -c "sleep 10; rabbitmq-server;" networks: caseor_bridge: ipv4_address: 172.0.10.12 rabbitmq03: image: rabbitmq container_name: rabbitmq03 hostname: rabbitmq03 environment: - TZ=Asia/Shanghai - RABBITMQ_DEFAULT_USER=root #自定义登录账号 - RABBITMQ_DEFAULT_PASS=123456 #自定义登录密码 - RABBITMQ_ERLANG_COOKIE='secret_cookie' ports: - "15674:15672" - "5674:5672" depends_on: - rabbitmq01 volumes: - ./rabbitmq/mq3/data:/var/lib/rabbitmq - ./rabbitmq/mq3/conf:/etc/rabbitmq command: bash -c "sleep 10; rabbitmq-server;" networks: caseor_bridge: ipv4_address: 172.0.10.13 # 开启web管理 # rabbitmq-plugins enable rabbitmq_management # # 加入rabbitmq集群 # # rabbit1 # rabbitmqctl stop_app # rabbitmqctl reset # rabbitmqctl start_app # # rabbit2 # rabbitmqctl stop_app # rabbitmqctl reset # rabbitmqctl join_cluster --ram rabbit@rabbit1 # rabbitmqctl start_app # # rabbit3 # rabbitmqctl stop_app # rabbitmqctl reset # rabbitmqctl join_cluster --ram rabbit@rabbit1 # rabbitmqctl start_appView Code
目前使用docker启动apisix,需要依赖etcd,
etcd: container_name: etcd hostname: etcd image: bitnami/etcd volumes: - ./etcd/data:/bitnami/etcd environment: ETCD_ENABLE_V2: "true" ALLOW_NONE_AUTHENTICATION: "yes" ETCD_ADVERTISE_CLIENT_URLS: "http://etcd:2379" #https://github.com/apache/apisix-dashboard/issues/2756 需要更换为host域名不能使用0.0.0.0 ETCD_LISTEN_CLIENT_URLS: "http://0.0.0.0:2379" ports: - "2379:2379/tcp" networks: caseor_bridge: ipv4_address: 172.0.10.8 apisix: container_name: apisix hostname: apisix image: apache/apisix volumes: - ./apisix/log:/usr/local/apisix/logs - ./apisix/conf/config.yaml:/usr/local/apisix/conf/config.yaml:ro depends_on: - etcd ports: - "9088:9088/tcp" - "9180:9180/tcp" - "127.0.0.1:9090:9090/tcp" networks: caseor_bridge: ipv4_address: 172.0.10.9 apisix-dashboard: container_name: apisix-dashboard image: apache/apisix-dashboard depends_on: - etcd ports: - "9188:9188" volumes: - ./apisix/conf/dashboard.yaml:/usr/local/apisix-dashboard/conf/conf.yaml networks: caseor_bridge: ipv4_address: 172.0.10.10
使用apisix dashboard的时候 会出现一个bug,需要在启动etcd的时候设置ETCD_ADVERTISE_CLIENT_URLS为host域名 而不能使用0.0.0.0
apisix的config yaml
apisix: node_listen: - port: 9088 enable_ipv6: true enable_control: true control: ip: "[::]" port: 9090 discovery: nacos: host: - "http://172.0.10.7:8848" deployment: role: traditional role_traditional: config_provider: etcd admin: admin_listen: port: 9180 allow_admin: - 0.0.0.0/0 admin_key: - name: "admin" key: b848941cd4e1003f2f961a7786ecf75f role: admin - name: "viewer" key: dd3bc5bde63f272f554b91336bfcfcb3 role: viewer etcd: host: - http://etcd:2379 prefix: /apisix timeout: 30 #plugin_attr: # prometheus: # export_addr: # ip: "0.0.0.0" # port: 9091 #ENDView Code
dashboard的config yaml
conf: listen: host: 0.0.0.0 # `manager api` listening ip or host name port: 9188 # `manager api` listening port allow_list: # If we don't set any IP list, then any IP access is allowed by default. - 0.0.0.0/0 etcd: endpoints: # supports defining multiple etcd host addresses for an etcd cluster - "http://etcd:2379" # yamllint disable rule:comments-indentation # etcd basic auth info # username: "root" # ignore etcd username if not enable etcd auth # password: "123456" # ignore etcd password if not enable etcd auth mtls: key_file: "" # Path of your self-signed client side key cert_file: "" # Path of your self-signed client side cert ca_file: "" # Path of your self-signed ca cert, the CA is used to sign callers' certificates # prefix: /apisix # apisix config's prefix in etcd, /apisix by default log: error_log: level: warn # supports levels, lower to higher: debug, info, warn, error, panic, fatal file_path: logs/error.log # supports relative path, absolute path, standard output # such as: logs/error.log, /tmp/logs/error.log, /dev/stdout, /dev/stderr access_log: file_path: logs/access.log # supports relative path, absolute path, standard output # such as: logs/access.log, /tmp/logs/access.log, /dev/stdout, /dev/stderr # log example: 2020-12-09T16:38:09.039+0800 INFO filter/logging.go:46 /apisix/admin/routes/r1 {"status": 401, "host": "127.0.0.1:9000", "query": "asdfsafd=adf&a=a", "requestId": "3d50ecb8-758c-46d1-af5b-cd9d1c820156", "latency": 0, "remoteIP": "127.0.0.1", "method": "PUT", "errs": []} authentication: secret: secret # secret for jwt token generation. # NOTE: Highly recommended to modify this value to protect `manager api`. # if it's default value, when `manager api` start, it will generate a random string to replace it. expire_time: 3600 # jwt token expire time, in second users: # yamllint enable rule:comments-indentation - username: admin # username and password for login `manager api` password: admin - username: user password: user plugins: # plugin list (sorted in alphabetical order) - api-breaker - authz-keycloak - basic-auth - batch-requests - consumer-restriction - cors # - dubbo-proxy - echo # - error-log-logger # - example-plugin - fault-injection - grpc-transcode - hmac-auth - http-logger - ip-restriction - jwt-auth - kafka-logger - key-auth - limit-conn - limit-count - limit-req # - log-rotate # - node-status - openid-connect - prometheus - proxy-cache - proxy-mirror - proxy-rewrite - redirect - referer-restriction - request-id - request-validation - response-rewrite - serverless-post-function - serverless-pre-function # - skywalking - sls-logger - syslog - tcp-logger - udp-logger - uri-blocker - wolf-rbac - zipkin - server-info - traffic-splitView Code
在文件夹下启动
docker-compose -f microservice.yaml up
本地打开 http://localhost:9188 使用admin ,admin 登录
配置路由信息
这里使用的是nacos作为服务发现,具体查看nacos配置
启动以8083端口的服务
dotnet run --urls=http://*:8083
打开浏览器调试下接口
接下来使用网关请求
再启动以8084端口的服务
nacos中出现了两个实例
继续使用网关请求
在log中的access.log 可以查看到网关请求到不同端口的服务
几个注意点:
1.etcd的ETCD_ADVERTISE_CLIENT_URLS 需要更换为host域名不能使用0.0.0.0
2.apisix的nacos配置在 config.yaml中的discovery
尽量使用host名称