.net core微服务之网关

网关：

一：apisix

　　doc：https://apisix.apache.org/zh/docs/apisix/getting-started/README/

　　github：https://github.com/apache/apisix

二：Kong

　　github：https://github.com/Kong/kong

三：Ocelot

　　github：https://github.com/ThreeMammals/Ocelot

四：janus

　　github：https://github.com/motiv-labs/janus

前置条件：docker，yaml

microservice.yaml

version: "3.8"

networks:

  caseor_bridge:

    driver: bridge

    ipam:

      config:

        - subnet: 172.0.10.0/24

services:

    mysql:

        container_name: mysql

        image: mysql

        privileged: true

        command: --character-set-server=utf8mb4 --collation-server=utf8mb4_general_ci --max_connections=2000 --max_allowed_packet=64M

        environment:

          - TZ=Asia/Shanghai

          - MYSQL_ROOT_PASSWORD=123456

        volumes:

          - ./mysql:/var/lib/mysql

        ports:

          - "3306:3306"

        healthcheck:

          test: [ "CMD", "mysqladmin" ,"ping", "-h", "localhost" ]

          interval: 5s

          timeout: 10s

          retries: 10

        networks:

          caseor_bridge:

            ipv4_address: 172.0.10.3

    redis:

        image: redis

        container_name: "redis"

        ports:

            - "6379:6379"

        volumes:

            - ./redis/data:/data

            - ./redis/conf:/usr/local/etc/redis

        networks:

          caseor_bridge:

                ipv4_address: 172.0.10.4

    nacos1:

        container_name: nacos1

        hostname: nacos1

        image: nacos/nacos-server

        environment:

            - MODE=cluster

            - PREFER_HOST_MODE=hostname

            - NACOS_SERVERS=nacos1:8848 nacos2:8848 nacos3:8848

            - SPRING_DATASOURCE_PLATFORM=mysql

            - MYSQL_SERVICE_HOST=172.0.10.3

            - MYSQL_SERVICE_PORT=3306

            - MYSQL_SERVICE_USER=root

            - MYSQL_SERVICE_PASSWORD=123456

            - MYSQL_SERVICE_DB_NAME=nacos

            - MYSQL_SERVICE_DB_PARAM=characterEncoding=utf8&connectTimeout=1000&socketTimeout=3000&autoReconnect=true&useUnicode=true&useSSL=false&serverTimezone=UTC&allowPublicKeyRetrieval=true

            - JVM_XMS=128m

            - JVM_XMX=128m

            - JVM_XMN=128m

        volumes:

            - ./nacos/cluster-logs/nacos1:/home/nacos/logs

            - ./nacos/init.d:/home/nacos/init.d

        ports:

            - 8850:8848

            - 7850:7848

            - 9870:9848

            - 9852:9849

        depends_on:

          - mysql

        networks:

          caseor_bridge:

                ipv4_address: 172.0.10.5

    nacos2:

        container_name: nacos2

        hostname: nacos2

        image: nacos/nacos-server

        environment:

            - MODE=cluster

            - PREFER_HOST_MODE=hostname

            - NACOS_SERVERS=nacos1:8848 nacos2:8848 nacos3:8848

            - SPRING_DATASOURCE_PLATFORM=mysql

            - MYSQL_SERVICE_HOST=172.0.10.3

            - MYSQL_SERVICE_PORT=3306

            - MYSQL_SERVICE_USER=root

            - MYSQL_SERVICE_PASSWORD=123456

            - MYSQL_SERVICE_DB_NAME=nacos

            - MYSQL_SERVICE_DB_PARAM=characterEncoding=utf8&connectTimeout=1000&socketTimeout=3000&autoReconnect=true&useUnicode=true&useSSL=false&serverTimezone=UTC&allowPublicKeyRetrieval=true

            - JVM_XMS=128m

            - JVM_XMX=128m

            - JVM_XMN=128m

        volumes:

            - ./nacos/cluster-logs/nacos2:/home/nacos/logs

            - ./nacos/init.d:/home/nacos/init.d

        ports:

            - 8849:8848

            - 7849:7848

            - 9869:9848

            - 9851:9849

        depends_on:

          - mysql

        networks:

          caseor_bridge:

                ipv4_address: 172.0.10.6

    nacos3:

        container_name: nacos3

        hostname: nacos3

        image: nacos/nacos-server

        environment:

            - MODE=cluster

            - PREFER_HOST_MODE=hostname

            - NACOS_SERVERS=nacos1:8848 nacos2:8848 nacos3:8848

            - SPRING_DATASOURCE_PLATFORM=mysql

            - MYSQL_SERVICE_HOST=172.0.10.3

            - MYSQL_SERVICE_PORT=3306

            - MYSQL_SERVICE_USER=root

            - MYSQL_SERVICE_PASSWORD=123456

            - MYSQL_SERVICE_DB_NAME=nacos

            - MYSQL_SERVICE_DB_PARAM=characterEncoding=utf8&connectTimeout=1000&socketTimeout=3000&autoReconnect=true&useUnicode=true&useSSL=false&serverTimezone=UTC&allowPublicKeyRetrieval=true

            - JVM_XMS=128m

            - JVM_XMX=128m

            - JVM_XMN=128m

        volumes:

            - ./nacos/cluster-logs/nacos3:/home/nacos/logs

            - ./nacos/init.d:/home/nacos/init.d

        ports:

            - 8848:8848

            - 7848:7848

            - 9848:9848

            - 9849:9849

        depends_on:

          - mysql

        networks:

          caseor_bridge:

                ipv4_address: 172.0.10.7

    etcd:

        container_name: etcd

        hostname: etcd

        image: bitnami/etcd

        volumes:

          - ./etcd/data:/bitnami/etcd

        environment:

          ETCD_ENABLE_V2: "true"

          ALLOW_NONE_AUTHENTICATION: "yes"

          ETCD_ADVERTISE_CLIENT_URLS: "http://etcd:2379" #https://github.com/apache/apisix-dashboard/issues/2756 需要更换为host域名不能使用0.0.0.0

          ETCD_LISTEN_CLIENT_URLS: "http://0.0.0.0:2379"

        ports:

          - "2379:2379/tcp"

        networks:

          caseor_bridge:

                ipv4_address: 172.0.10.8

    apisix:

        container_name: apisix

        hostname: apisix

        image: apache/apisix

        volumes:

          - ./apisix/log:/usr/local/apisix/logs

          - ./apisix/conf/config.yaml:/usr/local/apisix/conf/config.yaml:ro

        depends_on:

          - etcd

        ports:

          - "9088:9088/tcp"

          - "9180:9180/tcp"

          - "127.0.0.1:9090:9090/tcp"

        networks:

          caseor_bridge:

                ipv4_address: 172.0.10.9

    apisix-dashboard:

        container_name: apisix-dashboard

        image: apache/apisix-dashboard

        depends_on:

          - etcd

        ports:

          - "9188:9188"

        volumes:

          - ./apisix/conf/dashboard.yaml:/usr/local/apisix-dashboard/conf/conf.yaml

        networks:

          caseor_bridge:

                ipv4_address: 172.0.10.10

    rabbitmq01:

      image: rabbitmq

      container_name: rabbitmq01

      hostname: rabbitmq01

      environment:

        - TZ=Asia/Shanghai

        - RABBITMQ_DEFAULT_USER=root   #自定义登录账号

        - RABBITMQ_DEFAULT_PASS=123456 #自定义登录密码

        - RABBITMQ_ERLANG_COOKIE='secret_cookie'

      ports:

        - "15672:15672"

        - "5672:5672"

      volumes:

        - ./rabbitmq/mq1/data:/var/lib/rabbitmq

        - ./rabbitmq/mq1/conf:/etc/rabbitmq

      command:  bash -c "sleep 10; rabbitmq-server;"

      networks:

        caseor_bridge:

            ipv4_address: 172.0.10.11

    rabbitmq02:

      image: rabbitmq

      container_name: rabbitmq02

      hostname: rabbitmq02

      environment:

        - TZ=Asia/Shanghai

        - RABBITMQ_DEFAULT_USER=root   #自定义登录账号

        - RABBITMQ_DEFAULT_PASS=123456 #自定义登录密码

        - RABBITMQ_ERLANG_COOKIE='secret_cookie'

      ports:

        - "15673:15672"

        - "5673:5672"

      depends_on:

          - rabbitmq01

      volumes:

        - ./rabbitmq/mq2/data:/var/lib/rabbitmq

        - ./rabbitmq/mq2/conf:/etc/rabbitmq

      command:  bash -c "sleep 10; rabbitmq-server;"

      networks:

        caseor_bridge:

            ipv4_address: 172.0.10.12

    rabbitmq03:

      image: rabbitmq

      container_name: rabbitmq03

      hostname: rabbitmq03

      environment:

        - TZ=Asia/Shanghai

        - RABBITMQ_DEFAULT_USER=root   #自定义登录账号

        - RABBITMQ_DEFAULT_PASS=123456 #自定义登录密码

        - RABBITMQ_ERLANG_COOKIE='secret_cookie'

      ports:

        - "15674:15672"

        - "5674:5672"

      depends_on:

          - rabbitmq01

      volumes:

        - ./rabbitmq/mq3/data:/var/lib/rabbitmq

        - ./rabbitmq/mq3/conf:/etc/rabbitmq

      command:  bash -c "sleep 10; rabbitmq-server;"

      networks:

        caseor_bridge:

            ipv4_address: 172.0.10.13

# 开启web管理

# rabbitmq-plugins enable rabbitmq_management 

# # 加入rabbitmq集群

# # rabbit1

# rabbitmqctl stop_app

# rabbitmqctl reset

# rabbitmqctl start_app

# # rabbit2

# rabbitmqctl stop_app

# rabbitmqctl reset

# rabbitmqctl join_cluster --ram rabbit@rabbit1

# rabbitmqctl start_app

# # rabbit3

# rabbitmqctl stop_app

# rabbitmqctl reset

# rabbitmqctl join_cluster --ram rabbit@rabbit1

# rabbitmqctl start_app

目前使用docker启动apisix，需要依赖etcd，

    etcd:

        container_name: etcd

        hostname: etcd

        image: bitnami/etcd

        volumes:

          - ./etcd/data:/bitnami/etcd

        environment:

          ETCD_ENABLE_V2: "true"

          ALLOW_NONE_AUTHENTICATION: "yes"

          ETCD_ADVERTISE_CLIENT_URLS: "http://etcd:2379" #https://github.com/apache/apisix-dashboard/issues/2756 需要更换为host域名不能使用0.0.0.0

          ETCD_LISTEN_CLIENT_URLS: "http://0.0.0.0:2379"

        ports:

          - "2379:2379/tcp"

        networks:

          caseor_bridge:

                ipv4_address: 172.0.10.8

    apisix:

        container_name: apisix

        hostname: apisix

        image: apache/apisix

        volumes:

          - ./apisix/log:/usr/local/apisix/logs

          - ./apisix/conf/config.yaml:/usr/local/apisix/conf/config.yaml:ro

        depends_on:

          - etcd

        ports:

          - "9088:9088/tcp"

          - "9180:9180/tcp"

          - "127.0.0.1:9090:9090/tcp"

        networks:

          caseor_bridge:

                ipv4_address: 172.0.10.9

    apisix-dashboard:

        container_name: apisix-dashboard

        image: apache/apisix-dashboard

        depends_on:

          - etcd

        ports:

          - "9188:9188"

        volumes:

          - ./apisix/conf/dashboard.yaml:/usr/local/apisix-dashboard/conf/conf.yaml

        networks:

          caseor_bridge:

                ipv4_address: 172.0.10.10

使用apisix dashboard的时候会出现一个bug，需要在启动etcd的时候设置ETCD_ADVERTISE_CLIENT_URLS为host域名而不能使用0.0.0.0

apisix的config yaml

apisix:

    node_listen:

        - port: 9088

    enable_ipv6: true

    enable_control: true

    control:

        ip: "[::]"

        port: 9090

discovery:

  nacos:

    host:

      - "http://172.0.10.7:8848"

deployment:

    role: traditional

    role_traditional:

        config_provider: etcd

    admin:

        admin_listen:

            port: 9180

        allow_admin:

            - 0.0.0.0/0

        admin_key:

            - name: "admin"

              key: b848941cd4e1003f2f961a7786ecf75f

              role: admin

            - name: "viewer"

              key: dd3bc5bde63f272f554b91336bfcfcb3

              role: viewer

    etcd:

       host:

           - http://etcd:2379

       prefix: /apisix

       timeout: 30

#plugin_attr:

#    prometheus:

#        export_addr:

#            ip: "0.0.0.0"

#            port: 9091

#END

dashboard的config yaml

conf:

  listen:

    host: 0.0.0.0     # `manager api` listening ip or host name

    port: 9188          # `manager api` listening port

  allow_list:           # If we don't set any IP list, then any IP access is allowed by default.

    - 0.0.0.0/0

  etcd:

    endpoints:          # supports defining multiple etcd host addresses for an etcd cluster

      - "http://etcd:2379"

                          # yamllint disable rule:comments-indentation

                          # etcd basic auth info

    # username: "root"    # ignore etcd username if not enable etcd auth

    # password: "123456"  # ignore etcd password if not enable etcd auth

    mtls:

      key_file: ""          # Path of your self-signed client side key

      cert_file: ""         # Path of your self-signed client side cert

      ca_file: ""           # Path of your self-signed ca cert, the CA is used to sign callers' certificates

    # prefix: /apisix     # apisix config's prefix in etcd, /apisix by default

  log:

    error_log:

      level: warn       # supports levels, lower to higher: debug, info, warn, error, panic, fatal

      file_path:

        logs/error.log  # supports relative path, absolute path, standard output

                        # such as: logs/error.log, /tmp/logs/error.log, /dev/stdout, /dev/stderr

    access_log:

      file_path:

        logs/access.log  # supports relative path, absolute path, standard output

                         # such as: logs/access.log, /tmp/logs/access.log, /dev/stdout, /dev/stderr

                         # log example: 2020-12-09T16:38:09.039+0800    INFO    filter/logging.go:46    /apisix/admin/routes/r1 {"status": 401, "host": "127.0.0.1:9000", "query": "asdfsafd=adf&a=a", "requestId": "3d50ecb8-758c-46d1-af5b-cd9d1c820156", "latency": 0, "remoteIP": "127.0.0.1", "method": "PUT", "errs": []}

authentication:

  secret:

    secret              # secret for jwt token generation.

                        # NOTE: Highly recommended to modify this value to protect `manager api`.

                        # if it's default value, when `manager api` start, it will generate a random string to replace it.

  expire_time: 3600     # jwt token expire time, in second

  users:                # yamllint enable rule:comments-indentation

    - username: admin   # username and password for login `manager api`

      password: admin

    - username: user

      password: user

plugins:                          # plugin list (sorted in alphabetical order)

  - api-breaker

  - authz-keycloak

  - basic-auth

  - batch-requests

  - consumer-restriction

  - cors

  # - dubbo-proxy

  - echo

  # - error-log-logger

  # - example-plugin

  - fault-injection

  - grpc-transcode

  - hmac-auth

  - http-logger

  - ip-restriction

  - jwt-auth

  - kafka-logger

  - key-auth

  - limit-conn

  - limit-count

  - limit-req

  # - log-rotate

  # - node-status

  - openid-connect

  - prometheus

  - proxy-cache

  - proxy-mirror

  - proxy-rewrite

  - redirect

  - referer-restriction

  - request-id

  - request-validation

  - response-rewrite

  - serverless-post-function

  - serverless-pre-function

  # - skywalking

  - sls-logger

  - syslog

  - tcp-logger

  - udp-logger

  - uri-blocker

  - wolf-rbac

  - zipkin

  - server-info

  - traffic-split

在文件夹下启动

docker-compose -f microservice.yaml up

本地打开 http://localhost:9188 使用admin ，admin 登录

配置路由信息

这里使用的是nacos作为服务发现，具体查看nacos配置

启动以8083端口的服务

dotnet run --urls=http://*:8083

打开浏览器调试下接口

接下来使用网关请求

再启动以8084端口的服务

nacos中出现了两个实例

继续使用网关请求

在log中的access.log 可以查看到网关请求到不同端口的服务

几个注意点：

1.etcd的ETCD_ADVERTISE_CLIENT_URLS 需要更换为host域名不能使用0.0.0.0

2.apisix的nacos配置在 config.yaml中的discovery

尽量使用host名称

.net core微服务之网关的更多相关文章

.NET Core 微服务—API网关(Ocelot) 教程 [二]
上篇文章(.NET Core 微服务—API网关(Ocelot) 教程 [一])介绍了Ocelot 的相关介绍. 接下来就一起来看如何使用,让它运行起来. 环境准备为了验证Ocelot 网关效果,我 ...
.NET Core 微服务—API网关(Ocelot) 教程 [三]
前言: 前一篇文章<.NET Core 微服务—API网关(Ocelot) 教程 [二]>已经让Ocelot和目录api(Api.Catalog).订单api(Api.Ordering)通 ...
.NET Core 微服务—API网关(Ocelot) 教程 [一]
前言: 最近在关注微服务,在 eShop On Containers 项目中存在一个API网关项目,引起想深入了解下它的兴趣. 一.API网关是什么 API网关是微服务架构中的唯一入口,它提供一个单独 ...
.NET Core微服务开发网关篇-ocelot
通过上篇我们知道,网关是外部访问的统一入口,本文采用Ocelot作为Api网关. 环境要求: vs2019 .NetCore3.1 Ocelot16.0.1 创建一个产品服务Api站点(AAStore ...
.NET Core 微服务—API网关(Ocelot) 教程 [四]
前言: 上一篇介绍了Ocelot网关和认证服务的结合使用,本篇继续介绍Ocelot相关请求聚合和Ocelot限流一.请求聚合 Ocelot允许声明聚合路由,这样可以把多个正常的Routes打包并映 ...
.NET Core微服务之基于Ocelot实现API网关服务
Tip: 此篇已加入.NET Core微服务基础系列文章索引一.啥是API网关? API 网关一般放到微服务的最前端,并且要让API 网关变成由应用所发起的每个请求的入口.这样就可以明显的简化客户端 ...
.NET Core微服务之基于Ocelot实现API网关服务（续）
Tip: 此篇已加入.NET Core微服务基础系列文章索引一.负载均衡与请求缓存 1.1 负载均衡为了验证负载均衡,这里我们配置了两个Consul Client节点,其中ClientServic ...
.NET Core微服务之基于Steeltoe集成Zuul实现统一API网关
Tip: 此篇已加入.NET Core微服务基础系列文章索引,本篇接上一篇<基于Steeltoe使用Eureka实现服务注册与发现>,所演示的示例也是基于上一篇的基础上而扩展的. => ...
（8）学习笔记） ASP.NET CORE微服务 Micro-Service ---- Ocelot网关（Api GateWay）
说到现在现有微服务的几点不足: 1) 对于在微服务体系中.和 Consul 通讯的微服务来讲,使用服务名即可访问.但是对于手机.web 端等外部访问者仍然需要和 N 多服务器交互,需要记忆他们的服务 ...
.net core 微服务之Api网关（Api Gateway）
原文:.net core 微服务之Api网关(Api Gateway) 微服务网关目录 1. 微服务引子 2.使用Nginx作为api网关 3.自创api网关(重复轮子) 3.1.构建初始化 3.2. ...

随机推荐

01-Linux命令和C语言基础
1 Linux开发环境搭建 1.1 虚拟机安装 1.安装VM Ware 2.安装ubuntu 分区 -- Linux没有盘符的概念 / -- 5000M /boot -- 系统启动过程中读取的重要文件 ...
QT5.9移植到海思HI3520设备上运行
前言: 在海思HI3520DV300上调试QT5.9.0有一小段时间了,这里将遇到的比较典型的问题做一个记录,以备后续查询,也可给同行一个参考.本人只使用过QT5.9.0这一个版本,如有描述错误欢迎指 ...
JS逆向实战27——pdd的anti_content 分析与逆向
声明本文章中所有内容仅供学习交流,抓包内容.敏感网址.数据接口均已做脱敏处理,严禁用于商业用途和非法用途,否则由此产生的一切后果均与作者无关,若有侵权,请联系我立即删除! 本文已在微信公众号发布目 ...
cri-docker的学习和了解-番外
cri-docker的学习和了解-番外前言因为已经有足足两年多没再详细接触K8S了. 然后利用两个晚上搭建了IPV6 SingleStack的K8S单机版中间一直使用的docker的方式学习和工 ...
[转帖]top指令如何查询指定用户的所有进程？
有两种方法. 1.top指令与字符串查询指令通过通道配合查询. 指令: "-d 5"指的是每五秒刷新一次进程列表,"grep"是字符串查询指令,它可以将含 ...
[转帖]ESX/ESXi 主机上的每个插槽中安装了多少内存
https://www.cnblogs.com/reachos/p/11242302.html 要确定在 ESX/ESXi 主机上的每个插槽中安装了多少内存,请执行以下操作: 1. 启动ssh服务 2 ...
[粘贴]TiFlash
TiFlash 是 TiDB HTAP 形态的关键组件,它是 TiKV 的列存扩展,在提供了良好的隔离性的同时,也兼顾了强一致性.列存副本通过 Raft Learner 协议异步复制,但是在读取的时候 ...
[转帖]KingbaseES wal(xlog) 日志清理故障恢复案例
https://www.cnblogs.com/kingbase/p/16266365.html 案例说明:在通过sys_archivecleanup工具手工清理wal日志时,在control文件中查 ...
[转帖]金仓数据库KingbaseES误删除系统超级用户（superuser）权限的恢复方式
https://blog.csdn.net/arthemis_14/article/details/129879269 在使用KingbaseES数据库的时候,系统默认存在一个跟系统初始化用户同名的S ...
Docker 运行 MongoDB的简单办法
Docker 运行 MongoDB的简单办法第一步拉取镜像 docker pull mongo 第二步创建自己的目录地址 10.24.22.240 创建目录 mkdir /mongodb 第三步 ...

.net core微服务之网关

.net core微服务之网关的更多相关文章

随机推荐

热门专题