SpringCloud09: Zuul routing gateway

1. What is Zuul

Zull includes two main functions: Request Routing (for jump) and filtering:

The routing function is responsible for forwarding external requests to specific micro service instances, which is the basis for realizing the unified entrance of external access, while the filter function is responsible for intervening in the processing process of requests, which is the basis for realizing request verification, service aggregation and other functions. Zuul and Eureka integrate, register zuul as an application under Eureka service governance, and obtain messages of other services from Eureka, that is, access to micro services in the future is obtained through zuul jump.

Note: Zuul service will eventually register with Eureka

It provides three functions: agent + routing + filtering!

What can Zuul do?

  • route
  • filter

Official documents: https://github.com/Netflix/zuul/

2. Introductory case

Create a new sub model: springcould-zuul-9527

The microservices we create to implement zuul are the same as the services provided by other service providers. The routing service provided by the zuul module is used as a registration service in the registry. Therefore, we need eureka's dependency. To use zuul, we naturally need zuul's dependency

<dependencies>
    <!--zuul rely on-->
    <dependency>
        <groupId>org.springframework.cloud</groupId>
        <artifactId>spring-cloud-starter-netflix-zuul</artifactId>
    </dependency>
    <!--eureka Service provider dependency-->
    <dependency>
        <groupId>org.springframework.cloud</groupId>
        <artifactId>spring-cloud-starter-netflix-eureka-client</artifactId>
    </dependency>
</dependencies>

Write a configuration file and register the microservice in the registry as a program provided by a service provider, so its configuration should be similar to that of the previous service provider model

#Service running port
server:
  port: 9527
#The service name used when this micro service is registered in the registry
spring:
  application:
    name: springcould-zuul-getway
#Set which registries this service should register with
eureka:
  client:
    service-url:
      defaultZone: http://eureka7001.com:7001/eureka/,http://eureka7002.com:7002/eureka/,http://eureka7003.com:7003/eureka/
  #Set the data displayed by the description information of the service registered in the registry
  instance:
    instance-id: springcould-zuul-9002 #Configure the description of the registered service
    prefer-ip-address: true #Set the hyperlink corresponding to the description information to IP format instead of host name format

#Improve the display of monitoring information
info:
  app.name: zuul-getway Routing Gateway  #Name of the service
  company.name: com.godfrey

For convenience, we add a mapping name of the local computer address to the HOSTS file

127.0.0.1 www.godfrey.com

Write the main startup class / entry program

@SpringBootApplication
@EnableZuulProxy    //Start zuul service agent. The function of this annotation is similar to that of the annotation @ EnableEurekaClient that needs to be written to register with the eureka registry service. You can start eureka service registration discovery, otherwise the services provided by this model cannot be scanned by the eureka registry
public class ZuulApplication_9527 {
    public static void main(String[] args) {
        SpringApplication.run(ZuulApplication_9527.class,args);
    }
}

Test and start the registry, service provider and zuul module in sequence

Direct access to service API s provided by service providers

Access through gateway: host name: zuul port number / lowercase service name, service provider API

Use zuul to hide the name of the service registered by the service provider that actually provides the service

The way to hide / map the microservice name is to configure it in the configuration file

zuul:
  routes:
    mydept.serviceId: springcould-provider-dept #Microservice name, key
    mydept.path: /mydept/** #Instead of the path variable of the microservice name, that is, all requests under "host name: port number / mydept /" are processed in the service springcould provider Dept of the registry

At this time, we use the zuul module to enable consumers to consume the services provided by the service provider, and the name of the service registered by the service provider in the registry does not appear in the URL, which further improves the security

However, one thing is that changing the path variable back to the original service name can still realize the consumption of services, which is obviously not what we need. Our real demand should be that after I define the path value for the access of this service in zuul, the original way of using the service name to consume services should be invalid, otherwise the significance / security of setting the path variable will be greatly reduced

Implementation method, or zuul configuration in the configuration file

zuul:
  routes:
    mydept.serviceId: springcould-provider-dept #Microservice name, key
    mydept.path: /mydept/** #Instead of the path variable of the microservice name, that is, all requests under "host name: port number / mydept /" are processed in the service springcould provider Dept of the registry
  ignored-services: springcould-provider-dept #Set that you can no longer use the service name registered in the registry of this micro service in zuul to consume this micro service

By invalidating the original service name and consuming the service, the purpose of hiding the service name of the registry is truly realized. This is the way to improve security and hide everything in our real project

However, in real development, we can't just hide a micro service like that in the above example, but we should hide the names of all micro services that improve consumption. However, we can't write a micro service and write the ignored services configuration in the configuration file, so we can use wildcards

In addition, we can also set different prefixes for each zuul module, and also use the configuration file to set the properties of zuul

zuul:
  routes:
    mydept.serviceId: springcould-provider-dept #Microservice name, key
    mydept.path: /mydept/** #The path variable instead of the microservice name, that is, all requests under "host name: port number / mydept /" are processed in the service springcould provider dept in the registry, value
  #ignored-services: springcould-provider-dept #Set that you can no longer use the service name registered in the registry of this micro service in zuul to consume this micro service
  ignored-services: "*" #Hide the names of all consumable services
  prefix: /godfrey  #Set the access prefix of the route configured by this zuul module

In real development, we usually program the running port of this zuul module to 80, so we don't need to set the port number when consuming services through it, which is more like what we usually do

Summary

  • Routing can be realized by configuring the routes attribute of zuul module
  • Filtering can be realized by configuring the prefix attribute of zuul module
  • By configuring the ignored services attribute of zuul module, you can turn off the use of service name and improve the overall security by consuming services through zuul

Tags: Spring Cloud Microservices zuul

Posted by parag on Thu, 05 May 2022 00:38:03 +0300