一、GateWay简介
Spring Cloud Gateway是由spring官方基于Spring5.0、Spring Boot2.x、Project Reactor等技术开发的网关,目的是代替原先版本中的Spring Cloud Netfilx Zuul,目前Netfilx已经开源了Zuul2.0,但Spring没有考虑集成,而是推出了自己开发的Spring Cloud GateWay。该项目提供了一个构建在Spring Ecosystem之上的API网关,旨在提供一种简单而有效的途径来发送API,并向他们提供交叉关注点,例如:安全性,监控、埋点,限流等。
二、Maven依赖
<!--gateway-->
<dependency>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-starter-gateway</artifactId>
</dependency>
<!-- 可以不加-->
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-webflux</artifactId>
</dependency>
<!-- 健康检查 -->
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-actuator</artifactId>
</dependency>
三、application.properties配置
#网关中心端口号
server.port=8080
#注册中心
eureka.register.port=${register.port:8761}
eureka.register.host=${register.home:127.0.0.1}
#网关中心实例的主机名
spring.application.name=hrz-gateway
#spring.cloud.gateway.discovery.locator.enabled=true
spring.cloud.gateway.discovery.locator.lowerCaseServiceId=true
#显示IP
eureka.instance.preferIpAddress=true
eureka.instance.instance-id=${spring.application.name}:${spring.cloud.client.ip-address}:${server.port}
#注册中心地址
eureka.client.serviceUrl.defaultZone=http://${eureka.register.host}:${eureka.register.port}/eureka/
#网关开启与关闭
spring.cloud.gateway.enabled=true
logging.level.org.springframework.cloud.gateway=trace
logging.level.org.springframework.http.server.reactive=debug
logging.level.org.springframework.web.reactive=debug
logging.level.reactor.ipc.netty=debug
#监控(http://localhost:8080/actuator/gateway/routes)
management.endpoints.web.exposure.include=*
eureka.instance.status-page-url-path=/actuator/info
eureka.instance.health-check-url-path=/actuator/health
eureka.instance.home-page-url-path=/
#读取配置中心信息
spring.cloud.config.uri=http://${config.host:127.0.0.1}:${config.port:8888}
spring.cloud.config.name=hrz-gateway
spring.cloud.config.profile=${config.profile:dev}
#开启动态刷新
endpoints.refresh.enabled=true
#路由配置
spring.cloud.gateway.routes[0].id=163
spring.cloud.gateway.routes[0].uri=http://www.163.com/
spring.cloud.gateway.routes[0].predicates[0]=Path=/163/**
#路由配置id为服务实例名,uri为服务地址,path为服务路径
spring.cloud.gateway.routes[1].id=hrz-account-service
spring.cloud.gateway.routes[1].uri=lb://hrz-account-service
spring.cloud.gateway.routes[1].predicates[0]=Path=/account/**
三、GateWay整合Eureka转发服务请求
- 新建Eureka项目
1)Maven 依赖
<dependency>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-starter-netflix-eureka-server</artifactId>
</dependency>
2)启动类
@SpringBootApplication
@EnableEurekaServer
public class SpringcloudEurekaApplication {
public static void main(String[] args) {
SpringApplication.run(SpringcloudEurekaApplication.class, args);
}
}
3)配置
# 服务名
spring.application.name=sample-eureka-server
# 端口号
server.port=8761
# Eureka 配置信息
eureka.client.service-url.defaultZone=http://localhost:${server.port}/eureka/
eureka.client.fetch-registry=false
eureka.client.register-with-eureka=false
- 新建Getway项目
1)Maven依赖
<dependency>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-starter-gateway</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-starter-netflix-eureka-client</artifactId>
</dependency>
2)启动类
@SpringBootApplication
public class SpringcloudGatewayApplication {
public static void main(String[] args) {
SpringApplication.run(SpringcloudGatewayApplication.class, args);
}
}
3)配置
# 端口号
server.port=80
# 服务名称
spring.application.name=spring-cloud-gateway
# 显示IP
eureka.instance.preferIpAddress=true
eureka.instance.instance-id=${spring.application.name}:${spring.cloud.client.ip-address}:${server.port}
#注册中心地址
eureka.client.serviceUrl.defaultZone=http://localhost:8761/eureka/
# 开启 Gateway 服务注册中心服务发现
# 设为true便开启通过服务中心的自动根据 serviceId 创建路由的功能。
spring.cloud.gateway.discovery.locator.enabled=true
# 跨域配置
spring.cloud.gateway.globalcors.cors-configurations.[/**].allowed-origins=*
spring.cloud.gateway.globalcors.cors-configurations.[/**].allowedMethods=*
# 服务ID小写
spring.cloud.gateway.discovery.locator.lowerCaseServiceId=true
# 配置Gateway日志等级,输出转发细节信息
logging.level.org.springframework.cloud.gateway=debug
spring.main.allow-bean-definition-overriding=true
- 新建业务项目
1)Maven依赖
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-starter-netflix-eureka-client</artifactId>
</dependency>
2)启动类
@SpringBootApplication
public class SpringcloudUserApplication {
public static void main(String[] args) {
SpringApplication.run(SpringcloudUserApplication.class, args);
}
}
3)配置
# 服务名
spring.application.name=user-service
# 服务端口号
server.port=8080
# 注册到Eureka
eureka.client.service-url.defaultZone=http://localhost:8761/eureka/
4)控制器类
@RestController
@RequestMapping
public class UserController {
@GetMapping("user")
public String getUser(){
return "admin";
}
}
- 访问测试
http://localhost:8761/
注册中心
业务接口访问
http://localhost:8088/USER-SERVICE/user
通过网关转发
四、网关请求转发,跨域问题
- 添加配置类: CorsConfig.java
方式一:
@Configuration
public class CorsConfig {
private static final String MAX_AGE = "18000L";
@Bean
public WebFilter corsFilter() {
return (ServerWebExchange ctx, WebFilterChain chain) -> {
ServerHttpRequest request = ctx.getRequest();
if (CorsUtils.isCorsRequest(request)) {
HttpHeaders requestHeaders = request.getHeaders();
ServerHttpResponse response = ctx.getResponse();
HttpMethod requestMethod = requestHeaders.getAccessControlRequestMethod();
HttpHeaders headers = response.getHeaders();
// 请求头
headers.add(HttpHeaders.ACCESS_CONTROL_ALLOW_ORIGIN, requestHeaders.getOrigin());
headers.addAll(HttpHeaders.ACCESS_CONTROL_ALLOW_HEADERS, requestHeaders
.getAccessControlRequestHeaders());
if (requestMethod != null) {
headers.add(HttpHeaders.ACCESS_CONTROL_ALLOW_METHODS, requestMethod.name());
}
headers.add(HttpHeaders.ACCESS_CONTROL_ALLOW_CREDENTIALS, "true");
headers.add(HttpHeaders.ACCESS_CONTROL_EXPOSE_HEADERS, "*");
headers.add(HttpHeaders.ACCESS_CONTROL_MAX_AGE, MAX_AGE);
if (request.getMethod() == HttpMethod.OPTIONS) {
response.setStatusCode(HttpStatus.OK);
return Mono.empty();
}
}
return chain.filter(ctx);
};
}
@Bean
public ServerCodecConfigurer serverCodecConfigurer() {
return new DefaultServerCodecConfigurer();
}
/**
* 如果使用了注册中心(如:Eureka),进行控制则需要增加如下配置
*/
@Bean
public RouteDefinitionLocator discoveryClientRouteDefinitionLocator(DiscoveryClient discoveryClient, DiscoveryLocatorProperties properties) {
return new DiscoveryClientRouteDefinitionLocator(discoveryClient, properties);
}
}
方式二:
## 跨域配置
spring.cloud.gateway.globalcors.cors-configurations.[/**].allowed-origins=*
spring.cloud.gateway.globalcors.cors-configurations.[/**].allowed-methods=*
spring.cloud.gateway.globalcors.cors-configurations.[/**].allowed-headers=*
spring.cloud.gateway.globalcors.cors-configurations.[/**].allow-credentials=true
四、 过滤器
- 全局过滤器
全局过滤器作用于所有的路由,不需要单独配置,我们可以用它来实现很多统一化处理的业务需求,比如权限认证,IP访问限制等等。
接口:GlobalFilter
@Slf4j
@Component
public class AuthGatewayFilter implements GlobalFilter {
@Override
public Mono<Void> filter(ServerWebExchange exchange, GatewayFilterChain chain) {
log.info("网关过滤器");
ServerHttpRequest serverHttpRequest = exchange.getRequest();
log.info("{}", serverHttpRequest.getPath());
return chain.filter(exchange);
}
}
- 简单验证过滤
@Slf4j
@Component
public class AuthGatewayFilter implements GlobalFilter {
@Override
public Mono<Void> filter(ServerWebExchange exchange, GatewayFilterChain chain) {
log.info("网关过滤器");
ServerHttpRequest request = exchange.getRequest();
ServerHttpResponse response = exchange.getResponse();
if (request.getPath().toString().contains("login")) {
return chain.filter(exchange);
}
// 获取令牌
HttpHeaders headers = request.getHeaders();
List<String> tokens = headers.get("admin_token");
Result result = Result.fail("没有认证");
if (null != tokens && tokens.size() > 0) {
String token = tokens.get(0);
// TODO 有令牌
if (StringUtils.isNotEmpty(token)) {
String username = JwtUtils.getUsername(token);
String password = Md5Utils.getMD5String(GlobalConstrant.JWT_SECRET);
// 防篡改
if (JwtUtils.verify(token, username, password)) {
return chain.filter(exchange);
} else {
result = Result.fail("令牌不正确");
}
}
}
// 设置body
String warningStr = JSON.toJSONString(result);
// 响应数据
DataBuffer bodyDataBuffer = response.bufferFactory().wrap(warningStr.getBytes());
return response.writeWith(Mono.just(bodyDataBuffer));
}
}
五、常见问题
- 服务id小写
请在网关配置文件application.properties中添加:
# 服务ID小写
spring.cloud.gateway.discovery.locator.lowerCaseServiceId=true
- 跨域问题
请在网关配置文件application.properties中添加:
# 跨域配置
spring.cloud.gateway.globalcors.cors-configurations.[/**].allowed-origins=*
spring.cloud.gateway.globalcors.cors-configurations.[/**].allowed-methods=*
spring.cloud.gateway.globalcors.cors-configurations.[/**].allowed-headers=*
spring.cloud.gateway.globalcors.cors-configurations.[/**].allow-credentials=true
注意:
如果网关配置了统一跨域请求,请去掉后端服务的所有跨域请求配置,否则将会出现
gateway Access-Control-Allow-Origin: *, *
错误 。
- 常见问题
- 通过网关上传到后端服务错误:has been blocked by CORS policy: The 'Access-Control-Allow-Origin' header contains multiple values '
原因:
因为网关做一统一跨域配置 ,所在请不在要参数上添加注解:
@RequestPart
public Result upload(@RequestPart MultipartFile file)
