重庆建站模板代理,高校网站建设研究意义,保定网站建设方法,房地产信息网上查询系统这篇文章#xff0c;我们将从Ocelot的中间件源码分析#xff0c;目前Ocelot已经实现那些功能#xff0c;还有那些功能在我们实际项目中暂时还未实现#xff0c;如果我们要使用这些功能#xff0c;应该如何改造等方面来说明。一、Ocelot源码解读在使用一个组件前#xff0… 这篇文章我们将从Ocelot的中间件源码分析目前Ocelot已经实现那些功能还有那些功能在我们实际项目中暂时还未实现如果我们要使用这些功能应该如何改造等方面来说明。一、Ocelot源码解读在使用一个组件前最好我们要了解其中的一些原理否则在使用过程中遇到问题也无从下手今天我带着大家一起来解读下Ocelot源码并梳理出具体实现的原理和流程便于我们根据需求扩展应用。Ocelot源码地址[https://github.com/ThreeMammals/Ocelot],Ocelot文档地址[https://ocelot.readthedocs.io/en/latest/]查看.NETCORE相关中间件源码我们优先找到入口方法比如Ocelot中间件使用的是app.UseOcelot(),我们直接搜索UserOcelot,我们会找到OcelotMiddlewareExtensions方法里面是Ocelot中间件实际运行的方式和流程。然后继续顺藤摸瓜查看详细的实现我们会发现如下代码public static async TaskIApplicationBuilder UseOcelot(this IApplicationBuilder builder, OcelotPipelineConfiguration pipelineConfiguration) { //创建配置信息var configuration await CreateConfiguration(builder); //监听配置信息ConfigureDiagnosticListener(builder); //创建执行管道return CreateOcelotPipeline(builder, pipelineConfiguration);}然后我们继续跟踪到创建管道方法可以发现Ocelot的执行流程已经被找到现在问题变的简单了直接查看private static IApplicationBuilder CreateOcelotPipeline(IApplicationBuilder builder, OcelotPipelineConfiguration pipelineConfiguration){ var pipelineBuilder new OcelotPipelineBuilder(builder.ApplicationServices); //详细创建的管道顺序在此方法pipelineBuilder.BuildOcelotPipeline(pipelineConfiguration); var firstDelegate pipelineBuilder.Build(); /*inject first delegate into first piece of asp.net middleware..maybe not like thisthen because we are updating the http context in ocelot it comes out correct forrest of asp.net..*/builder.Properties[analysis.NextMiddlewareName] TransitionToOcelotMiddleware;builder.Use(async (context, task) { var downstreamContext new DownstreamContext(context); await firstDelegate.Invoke(downstreamContext);}); return builder;
}管道创建流程及实现会不会感觉到摸到大动脉了核心的功能及原理基本找到了那以后动手术也就可以避开一些坑了我们可以对着这个执行顺序再查看详细的源码按照这个执行顺序查看源码您就会发现整个思路非常清晰每一步的实现一目了然。为了更直观的介绍源码的解读方式这里我们就拿我们后续要操刀的中间件来讲解下中间件的具体实现。public static class OcelotPipelineExtensions{ public static OcelotRequestDelegate BuildOcelotPipeline(this IOcelotPipelineBuilder builder,OcelotPipelineConfiguration pipelineConfiguration){ // This is registered to catch any global exceptions that are not handled// It also sets the Request Id if anything is set globallybuilder.UseExceptionHandlerMiddleware(); // If the request is for websockets upgrade we fork into a different pipelinebuilder.MapWhen(context context.HttpContext.WebSockets.IsWebSocketRequest,app { app.UseDownstreamRouteFinderMiddleware(); app.UseDownstreamRequestInitialiser(); app.UseLoadBalancingMiddleware(); app.UseDownstreamUrlCreatorMiddleware(); app.UseWebSocketsProxyMiddleware();}); // Allow the user to respond with absolutely anything they want.builder.UseIfNotNull(pipelineConfiguration.PreErrorResponderMiddleware); // This is registered first so it can catch any errors and issue an appropriate responsebuilder.UseResponderMiddleware(); // Then we get the downstream route informationbuilder.UseDownstreamRouteFinderMiddleware(); // This security module, IP whitelist blacklist, extended security mechanismbuilder.UseSecurityMiddleware(); //Expand other branch pipesif (pipelineConfiguration.MapWhenOcelotPipeline ! null){ foreach (var pipeline in pipelineConfiguration.MapWhenOcelotPipeline){ builder.MapWhen(pipeline);}} // Now we have the ds route we can transform headers and stuff?builder.UseHttpHeadersTransformationMiddleware(); // Initialises downstream requestbuilder.UseDownstreamRequestInitialiser(); // We check whether the request is ratelimit, and if there is no continue processingbuilder.UseRateLimiting(); // This adds or updates the request id (initally we try and set this based on global config in the error handling middleware)// If anything was set at global level and we have a different setting at re route level the global stuff will be overwritten// This means you can get a scenario where you have a different request id from the first piece of middleware to the request id middleware.builder.UseRequestIdMiddleware(); // Allow pre authentication logic. The idea being people might want to run something custom before what is built in.builder.UseIfNotNull(pipelineConfiguration.PreAuthenticationMiddleware); // Now we know where the client is going to go we can authenticate them.// We allow the ocelot middleware to be overriden by whatever the// user wantsif (pipelineConfiguration.AuthenticationMiddleware null){ builder.UseAuthenticationMiddleware();} else{ builder.Use(pipelineConfiguration.AuthenticationMiddleware);} // The next thing we do is look at any claims transforms in case this is important for authorisationbuilder.UseClaimsToClaimsMiddleware(); // Allow pre authorisation logic. The idea being people might want to run something custom before what is built in.builder.UseIfNotNull(pipelineConfiguration.PreAuthorisationMiddleware); // Now we have authenticated and done any claims transformation we // can authorise the request// We allow the ocelot middleware to be overriden by whatever the// user wantsif (pipelineConfiguration.AuthorisationMiddleware null){//使用自定义认证移除默认的认证方式//builder.UseAuthorisationMiddleware();}else{ builder.Use(pipelineConfiguration.AuthorisationMiddleware);} // Now we can run the claims to headers transformation middlewarebuilder.UseClaimsToHeadersMiddleware(); // Allow the user to implement their own query string manipulation logicbuilder.UseIfNotNull(pipelineConfiguration.PreQueryStringBuilderMiddleware); // Now we can run any claims to query string transformation middlewarebuilder.UseClaimsToQueryStringMiddleware(); // Get the load balancer for this requestbuilder.UseLoadBalancingMiddleware(); // This takes the downstream route we retrieved earlier and replaces any placeholders with the variables that should be usedbuilder.UseDownstreamUrlCreatorMiddleware(); // Not sure if this is the best place for this but we use the downstream url // as the basis for our cache key.builder.UseOutputCacheMiddleware(); //We fire off the request and set the response on the scoped data repobuilder.UseHttpRequesterMiddleware(); return builder.Build();} private static void UseIfNotNull(this IOcelotPipelineBuilder builder,FuncDownstreamContext, FuncTask, Task middleware){ if (middleware ! null){ builder.Use(middleware);}}}限流中间件实现解析实现代码如下builder.UseRateLimiting();我们转到定义得到如下代码详细的实现逻辑在ClientRateLimitMiddleware方法里继续转定义到这个方法我把方法里用到的内容注释了下。public static class RateLimitMiddlewareExtensions{ public static IOcelotPipelineBuilder UseRateLimiting(this IOcelotPipelineBuilder builder) { return builder.UseMiddlewareClientRateLimitMiddleware();}
}public class ClientRateLimitMiddleware : OcelotMiddleware{ private readonly OcelotRequestDelegate _next; private readonly IRateLimitCounterHandler _counterHandler; private readonly ClientRateLimitProcessor _processor; public ClientRateLimitMiddleware(OcelotRequestDelegate next,IOcelotLoggerFactory loggerFactory,IRateLimitCounterHandler counterHandler):base(loggerFactory.CreateLoggerClientRateLimitMiddleware()) {_next next;_counterHandler counterHandler;_processor new ClientRateLimitProcessor(counterHandler);} //熟悉的Tnvoke方法所有的逻辑都在此方法里。public async Task Invoke(DownstreamContext context) { var options context.DownstreamReRoute.RateLimitOptions; // 校验是否启用限流配置if (!context.DownstreamReRoute.EnableEndpointEndpointRateLimiting){//未启用直接进入下一个中间件Logger.LogInformation($EndpointRateLimiting is not enabled for {context.DownstreamReRoute.DownstreamPathTemplate.Value}); await _next.Invoke(context); return;} // 获取配置的校验客户端的方式var identity SetIdentity(context.HttpContext, options); // 校验是否为白名单if (IsWhitelisted(identity, options)){//白名单直接放行Logger.LogInformation(${context.DownstreamReRoute.DownstreamPathTemplate.Value} is white listed from rate limiting); await _next.Invoke(context); return;} var rule options.RateLimitRule; if (rule.Limit 0){//限流数是否大于0// 获取当前客户端请求情况这里需要注意_processor是从哪里注入的后续重var counter _processor.ProcessRequest(identity, options); // 校验请求数是否大于限流数if (counter.TotalRequests rule.Limit){ //获取下次有效请求的时间就是避免每次请求都校验一次var retryAfter _processor.RetryAfterFrom(counter.Timestamp, rule); // 写入日志LogBlockedRequest(context.HttpContext, identity, counter, rule, context.DownstreamReRoute); var retrystring retryAfter.ToString(System.Globalization.CultureInfo.InvariantCulture); // 抛出超出限流异常并把下次可请求时间写入header里。await ReturnQuotaExceededResponse(context.HttpContext, options, retrystring); return;}} //如果启用了限流头部if (!options.DisableRateLimitHeaders){ var headers _processor.GetRateLimitHeaders(context.HttpContext, identity, options);context.HttpContext.Response.OnStarting(SetRateLimitHeaders, state: headers);} //进入下一个中间件await _next.Invoke(context);} public virtual ClientRequestIdentity SetIdentity(HttpContext httpContext, RateLimitOptions option) { var clientId client; if (httpContext.Request.Headers.Keys.Contains(option.ClientIdHeader)){clientId httpContext.Request.Headers[option.ClientIdHeader].First();} return new ClientRequestIdentity(clientId,httpContext.Request.Path.ToString().ToLowerInvariant(),httpContext.Request.Method.ToLowerInvariant());} public bool IsWhitelisted(ClientRequestIdentity requestIdentity, RateLimitOptions option) { if (option.ClientWhitelist.Contains(requestIdentity.ClientId)){ return true;} return false;} public virtual void LogBlockedRequest(HttpContext httpContext, ClientRequestIdentity identity, RateLimitCounter counter, RateLimitRule rule, DownstreamReRoute downstreamReRoute) {Logger.LogInformation( $Request {identity.HttpVerb}:{identity.Path} from ClientId {identity.ClientId} has been blocked, quota {rule.Limit}/{rule.Period} exceeded by {counter.TotalRequests}. Blocked by rule { downstreamReRoute.UpstreamPathTemplate.OriginalValue }, TraceIdentifier {httpContext.TraceIdentifier}.);} public virtual Task ReturnQuotaExceededResponse(HttpContext httpContext, RateLimitOptions option, string retryAfter) { var message string.IsNullOrEmpty(option.QuotaExceededMessage) ? $API calls quota exceeded! maximum admitted {option.RateLimitRule.Limit} per {option.RateLimitRule.Period}. : option.QuotaExceededMessage; if (!option.DisableRateLimitHeaders){httpContext.Response.Headers[Retry-After] retryAfter;}httpContext.Response.StatusCode option.HttpStatusCode; return httpContext.Response.WriteAsync(message);} private Task SetRateLimitHeaders(object rateLimitHeaders) { var headers (RateLimitHeaders)rateLimitHeaders;headers.Context.Response.Headers[X-Rate-Limit-Limit] headers.Limit;headers.Context.Response.Headers[X-Rate-Limit-Remaining] headers.Remaining;headers.Context.Response.Headers[X-Rate-Limit-Reset] headers.Reset; return Task.CompletedTask;}}通过源码解析发现实现一个限流还是很简单的吗再进一步解析IRateLimitCounterHandler ClientRateLimitProcessor里的相关接口又是怎么实现的呢这时候我们就需要了解下.NETCORE 的运行原理其中ConfigureServices方法实现了依赖注入(DI)的配置。这时候我们看下Ocelot是在哪里进行注入的呢services.AddOcelot()是不是印象深刻呢原来所有的注入信息都写在这里那么问题简单了CtrlF查找AddOcelot方法马上就能定位到ServiceCollectionExtensions方法然后再转到定义OcelotBuilderpublic static class ServiceCollectionExtensions{ public static IOcelotBuilder AddOcelot(this IServiceCollection services) { var service services.First(x x.ServiceType typeof(IConfiguration)); var configuration (IConfiguration)service.ImplementationInstance; return new OcelotBuilder(services, configuration);} public static IOcelotBuilder AddOcelot(this IServiceCollection services, IConfiguration configuration) { return new OcelotBuilder(services, configuration);}
}又摸到大动脉啦现在问题迎刃而解原来所有的注入都写在这里从这里可以找下我们熟悉的几个接口注入。public OcelotBuilder(IServiceCollection services, IConfiguration configurationRoot)
{Configuration configurationRoot;Services services;Services.ConfigureFileConfiguration(configurationRoot);Services.TryAddSingletonIOcelotCacheFileConfiguration, InMemoryCacheFileConfiguration();Services.TryAddSingletonIOcelotCacheCachedResponse, InMemoryCacheCachedResponse();Services.TryAddSingletonIHttpResponseHeaderReplacer, HttpResponseHeaderReplacer();Services.TryAddSingletonIHttpContextRequestHeaderReplacer, HttpContextRequestHeaderReplacer();Services.TryAddSingletonIHeaderFindAndReplaceCreator, HeaderFindAndReplaceCreator();Services.TryAddSingletonIInternalConfigurationCreator, FileInternalConfigurationCreator();Services.TryAddSingletonIInternalConfigurationRepository, InMemoryInternalConfigurationRepository();Services.TryAddSingletonIConfigurationValidator, FileConfigurationFluentValidator();Services.TryAddSingletonHostAndPortValidator();Services.TryAddSingletonIReRoutesCreator, ReRoutesCreator();Services.TryAddSingletonIAggregatesCreator, AggregatesCreator();Services.TryAddSingletonIReRouteKeyCreator, ReRouteKeyCreator();Services.TryAddSingletonIConfigurationCreator, ConfigurationCreator();Services.TryAddSingletonIDynamicsCreator, DynamicsCreator();Services.TryAddSingletonILoadBalancerOptionsCreator, LoadBalancerOptionsCreator();Services.TryAddSingletonReRouteFluentValidator();Services.TryAddSingletonFileGlobalConfigurationFluentValidator();Services.TryAddSingletonFileQoSOptionsFluentValidator();Services.TryAddSingletonIClaimsToThingCreator, ClaimsToThingCreator();Services.TryAddSingletonIAuthenticationOptionsCreator, AuthenticationOptionsCreator();Services.TryAddSingletonIUpstreamTemplatePatternCreator, UpstreamTemplatePatternCreator();Services.TryAddSingletonIRequestIdKeyCreator, RequestIdKeyCreator();Services.TryAddSingletonIServiceProviderConfigurationCreator,ServiceProviderConfigurationCreator();Services.TryAddSingletonIQoSOptionsCreator, QoSOptionsCreator();Services.TryAddSingletonIReRouteOptionsCreator, ReRouteOptionsCreator();Services.TryAddSingletonIRateLimitOptionsCreator, RateLimitOptionsCreator();Services.TryAddSingletonIBaseUrlFinder, BaseUrlFinder();Services.TryAddSingletonIRegionCreator, RegionCreator();Services.TryAddSingletonIFileConfigurationRepository, DiskFileConfigurationRepository();Services.TryAddSingletonIFileConfigurationSetter, FileAndInternalConfigurationSetter();Services.TryAddSingletonIServiceDiscoveryProviderFactory, ServiceDiscoveryProviderFactory();Services.TryAddSingletonILoadBalancerFactory, LoadBalancerFactory();Services.TryAddSingletonILoadBalancerHouse, LoadBalancerHouse();Services.TryAddSingletonIOcelotLoggerFactory, AspDotNetLoggerFactory();Services.TryAddSingletonIRemoveOutputHeaders, RemoveOutputHeaders();Services.TryAddSingletonIClaimToThingConfigurationParser, ClaimToThingConfigurationParser();Services.TryAddSingletonIClaimsAuthoriser, ClaimsAuthoriser();Services.TryAddSingletonIScopesAuthoriser, ScopesAuthoriser();Services.TryAddSingletonIAddClaimsToRequest, AddClaimsToRequest();Services.TryAddSingletonIAddHeadersToRequest, AddHeadersToRequest();Services.TryAddSingletonIAddQueriesToRequest, AddQueriesToRequest();Services.TryAddSingletonIClaimsParser, ClaimsParser();Services.TryAddSingletonIUrlPathToUrlTemplateMatcher, RegExUrlMatcher();Services.TryAddSingletonIPlaceholderNameAndValueFinder, UrlPathPlaceholderNameAndValueFinder();Services.TryAddSingletonIDownstreamPathPlaceholderReplacer, DownstreamTemplatePathPlaceholderReplacer();Services.TryAddSingletonIDownstreamRouteProvider, DownstreamRouteFinder();Services.TryAddSingletonIDownstreamRouteProvider, DownstreamRouteCreator();Services.TryAddSingletonIDownstreamRouteProviderFactory, DownstreamRouteProviderFactory();Services.TryAddSingletonIHttpRequester, HttpClientHttpRequester();Services.TryAddSingletonIHttpResponder, HttpContextResponder();Services.TryAddSingletonIErrorsToHttpStatusCodeMapper, ErrorsToHttpStatusCodeMapper();Services.TryAddSingletonIRateLimitCounterHandler, MemoryCacheRateLimitCounterHandler();Services.TryAddSingletonIHttpClientCache, MemoryHttpClientCache();Services.TryAddSingletonIRequestMapper, RequestMapper();Services.TryAddSingletonIHttpHandlerOptionsCreator, HttpHandlerOptionsCreator();Services.TryAddSingletonIDownstreamAddressesCreator, DownstreamAddressesCreator();Services.TryAddSingletonIDelegatingHandlerHandlerFactory, DelegatingHandlerHandlerFactory();Services.TryAddSingletonIHttpRequester, HttpClientHttpRequester();// see this for why we register this as singleton http://stackoverflow.com/questions/37371264/invalidoperationexception-unable-to-resolve-service-for-type-microsoft-aspnetc// could maybe use a scoped data repositoryServices.TryAddSingletonIHttpContextAccessor, HttpContextAccessor();Services.TryAddSingletonIRequestScopedDataRepository, HttpDataRepository();Services.AddMemoryCache();Services.TryAddSingletonOcelotDiagnosticListener();Services.TryAddSingletonIMultiplexer, Multiplexer();Services.TryAddSingletonIResponseAggregator, SimpleJsonResponseAggregator();Services.TryAddSingletonITracingHandlerFactory, TracingHandlerFactory();Services.TryAddSingletonIFileConfigurationPollerOptions, InMemoryFileConfigurationPollerOptions();Services.TryAddSingletonIAddHeadersToResponse, AddHeadersToResponse();Services.TryAddSingletonIPlaceholders, Placeholders();Services.TryAddSingletonIResponseAggregatorFactory, InMemoryResponseAggregatorFactory();Services.TryAddSingletonIDefinedAggregatorProvider, ServiceLocatorDefinedAggregatorProvider();Services.TryAddSingletonIDownstreamRequestCreator, DownstreamRequestCreator();Services.TryAddSingletonIFrameworkDescription, FrameworkDescription();Services.TryAddSingletonIQoSFactory, QoSFactory();Services.TryAddSingletonIExceptionToErrorMapper, HttpExeptionToErrorMapper();//add security this.AddSecurity();//add asp.net services..var assembly typeof(FileConfigurationController).GetTypeInfo().Assembly;Services.AddMvcCore().AddApplicationPart(assembly).AddControllersAsServices().AddAuthorization().AddJsonFormatters();Services.AddLogging();Services.AddMiddlewareAnalysis();Services.AddWebEncoders();
}至此Ocelot源码解析就到这里了其他的具体实现代码就根据流程一个一个查看即可这里就不详细讲解了因为我们已经掌握整个Ocelot代码的运行原理和实现方式及流程项目里其他的一大堆的代码都是围绕这个流程去一步一步实现的。有没有感觉添加一个中间件不是很复杂呢是不是都跃跃欲试准备尝试开发自己的自定义中间件啦本篇就不介绍中间件的具体开发流程了后续实战中会包含部分项目中需要用到的中间件到时候会详细讲解如何规划和开发一个满足自己项目需求的中间件。二、结合项目梳理功能在完整学习完Ocelot文档和源码后我们基本掌握了Ocelot目前已经实现的功能再结合我们实际项目需求我们梳理下还有哪些功能可能需要自己扩展实现。项目设计网关基本需求包括路由、认证、授权、限流、缓存仔细学习文档和源码后发现功能都已经存在那是不是我们就可以直接拿来使用呢这时候我们需要拿出一些复杂业务场景来对号入座看能否实现复杂场景的一些应用。1、授权能否为每一个客户端设置独立的访问权限如果客户端A可以访问服务A、服务B客户端B只能访问服务A从网关层面直接授权不满足需求不路由到具体服务。从文档和代码分析后发现暂时未实现。2、限流能否为每一个客户端设置不能限流规则例如客户端A为我们内容应用我希望对服务A不启用限流客户端B为第三方接入应用我需要B访问服务A访问进行单独限流30次/分钟看能否通过配置实现自定义限流。从文档和代码分析后发现暂时未实现。3、缓存通过代码发现目前缓存实现的只是Dictionary方式实现的缓存不能实现分布式结构的应用。通过分析我们发现列举的5个基本需求尽然有3个在我们实际项目应用中可能会存在问题如果不解决这些问题很难直接拿这个完美的网关项目应用到正式项目所以我们到通过扩展Ocelot方法来实现我们的目的。如何扩展呢为了满足我们项目应用的需要我们需要为每一个路由进行单独设置如果还采用配置文件的方式肯定无法满足需求且后续网关动态增加路由、授权、限流等无法控制所以我们需要把网关配置信息从配置文件中移到数据库中由数据库中的路由表、限流表、授权表等方式记录当前网关的应用且后续扩展直接在数据库中增加或减少相关配置然后动态更新网关配置实现网关的高可用。想一想是不是有点小激动原来只要稍微改造下宝骏瞬间变宝马那接下来的课程就是网关改造之旅我会从设计、思想、编码等方面讲解下如何实现我们的第一辆宝马。本系列文章我也是边想边写边实现如果发现中间有任何描述或实现不当的地方也请各位大神批评指正我会第一时间整理并修正避免让后续学习的人走弯路。相关文章AspNetCore中使用Ocelot之 IdentityServer4Ocelot-基于.NET Core的开源网关实现.NET Core微服务之基于OcelotIdentityServer实现统一验证与授权Swagger如何访问Ocelot中带权限验证的APIOcelot.JwtAuthorize一个基于网关的Jwt验证包.NET Core微服务之基于Ocelot实现API网关服务.NET Core微服务之基于Ocelot实现API网关服务续.NET微服务体系结构中为什么使用Ocelot实现API网关Ocelot简易教程一之Ocelot是什么Ocelot简易教程二之快速开始1Ocelot简易教程二之快速开始2Ocelot简易教程三之主要特性及路由详解Ocelot简易教程四之请求聚合以及服务发现Ocelot简易教程五之集成IdentityServer认证以及授权Ocelot简易教程六之重写配置文件存储方式并优化响应数据Ocelot简易教程七之配置文件数据库存储插件源码解析ASP.NET Core中Ocelot的使用API网关的应用ASP.NET Core中Ocelot的使用基于Spring Cloud Netflix Eureka的动态路由ASP.NET Core中Ocelot的使用基于服务发现的负载均衡原文地址: https://www.cnblogs.com/jackcao/p/9937213.html.NET社区新闻深度好文欢迎访问公众号文章汇总 http://www.csharpkit.com
