diff --git a/Dockerfile b/Dockerfile index 75ae3bd..dab850d 100644 --- a/Dockerfile +++ b/Dockerfile @@ -20,5 +20,5 @@ RUN mkdir -p /logs /app/resource/log/run /app/resource/log/server EXPOSE 8000 -# 使用root用户运行(避免权限问题) +# 前台运行(确保容器不会立即退出) CMD ["./main"] diff --git a/config-dev.yml b/config-dev.yml new file mode 100644 index 0000000..2d4109c --- /dev/null +++ b/config-dev.yml @@ -0,0 +1,166 @@ +server: + address : ":8000" + name: "gateway" +rate: + limit: 800 + burst: 2000 + # IP限流配置 + ip: + limit: 100 # IP限流: 100 req/s + burst: 200 # IP突发: 200 + # 用户限流配置 + user: + limit: 50 # 已登录用户: 50 req/s + burst: 100 # 已登录用户突发: 100 + # 服务维度限流配置 + services: + # 高频业务服务 - 需要更高配置 + customerService: + limit: 500 # 客服服务: 500 req/s (高频对话) + burst: 700 # 突发: 700 + order: + limit: 450 # 订单服务: 450 req/s (高频交易) + burst: 600 # 突发: 600 + assets: + limit: 400 # 资产服务: 400 req/s (高频访问) + burst: 600 # 突发: 600 (有Stream削峰) + cid: + limit: 350 # 证书服务: 350 req/s (高频证书请求) + burst: 500 # 突发: 500 + + # 中频基础服务 + oss: + limit: 300 # 文件服务: 300 req/s (通用文件上传,可能被多个服务调用) + burst: 450 # 突发: 450 + + # 低频业务服务 + wallet: + limit: 120 # 钱包服务: 120 req/s (低频转账) + burst: 200 # 突发: 200 + market: + limit: 100 # 市场服务: 100 req/s (低频交易) + burst: 180 # 突发: 180 + knapsack: + limit: 80 # 背包服务: 80 req/s (低频功能) + burst: 150 # 突发: 150 + +# 熔断器配置 - 每个服务独立配置 +circuitBreaker: + # 高频业务服务 - 更严格的熔断策略 + customerService: + enabled: true # 是否启用熔断器 + maxFailures: 5 # 连续失败5次触发熔断 + timeout: 30s # 30秒后尝试恢复 + successStatusCodes: 200,201,204 # 视为成功的HTTP状态码 + slowRequestThreshold: 3s # 慢请求阈值(超过此时间视为失败) + enableSlidingWindow: true # 是否启用滑动窗口 + failureRateThreshold: 0.5 # 失败率阈值(0.0-1.0) + enableFallback: false # 是否启用降级 + fallbackMessage: "" # 降级提示消息 + requestTimeout: 30000 # 请求超时时间(毫秒),0表示不设置 + distributedTTL: 300 # 分布式熔断状态TTL(秒),0表示不启用分布式熔断 + statIntervalMs: 1000 # 统计窗口时长(毫秒),默认1000ms + minRequestAmount: 5 # 最小请求数量,默认与maxFailures相同 + order: + enabled: true + maxFailures: 3 # 订单服务更敏感 + timeout: 60s # 60秒后尝试恢复 + successStatusCodes: 200,201,204 + slowRequestThreshold: 2s # 订单服务要求更快的响应 + enableSlidingWindow: true + failureRateThreshold: 0.6 # 订单服务对失败率更敏感 + enableFallback: false + fallbackMessage: "" + requestTimeout: 30000 + distributedTTL: 300 + assets: + enabled: true + maxFailures: 10 # 资产服务更宽松 + timeout: 60s + successStatusCodes: 200,201,204 + slowRequestThreshold: 5s # 资产服务可能较慢,给更多时间 + enableSlidingWindow: false + enableFallback: false + fallbackMessage: "" + requestTimeout: 30000 + distributedTTL: 0 + cid: + enabled: true + maxFailures: 8 + timeout: 45s + successStatusCodes: 200,201,204 + slowRequestThreshold: 3s + enableSlidingWindow: false + enableFallback: false + fallbackMessage: "" + requestTimeout: 30000 + distributedTTL: 0 + + # 中频基础服务 + oss: + enabled: true + maxFailures: 15 + timeout: 120s + successStatusCodes: 200,201,204 + slowRequestThreshold: 10s # 文件上传可能较慢 + enableSlidingWindow: false + enableFallback: false + fallbackMessage: "" + requestTimeout: 60000 # 文件服务可能需要更长时间 + distributedTTL: 0 + + # 低频业务服务 - 最宽松的熔断策略 + wallet: + enabled: true + maxFailures: 5 + timeout: 120s # 2分钟 + successStatusCodes: 200,201,204 + slowRequestThreshold: 5s + enableSlidingWindow: false + enableFallback: true # 启用降级 + fallbackMessage: "钱包服务暂时繁忙,请稍后再试" # 降级提示消息 + requestTimeout: 30000 + distributedTTL: 300 # 钱包服务启用分布式熔断 + adminIPs: "127.0.0.1,116.204.74.41" # 允许重置熔断器的管理员IP列表(逗号分隔) + market: + enabled: true + maxFailures: 5 + timeout: 90s + successStatusCodes: 200,201,204 + slowRequestThreshold: 3s + enableSlidingWindow: false + enableFallback: false + fallbackMessage: "" + requestTimeout: 30000 + distributedTTL: 0 + knapsack: + enabled: false # 背包服务暂时不启用熔断 + maxFailures: 5 + timeout: 90s + successStatusCodes: 200,201,204 + slowRequestThreshold: 3s + enableSlidingWindow: false + enableFallback: false + fallbackMessage: "" + requestTimeout: 30000 + distributedTTL: 0 + +redis: + # 集群模式配置方法 + default: + address: 116.204.74.41:6379 + db: 0 + idleTimeout: "60s" #连接最大空闲时间,使用时间字符串例如30s/1m/1d + maxConnLifetime: "90s" #连接最长存活时间,使用时间字符串例如30s/1m/1d + waitTimeout: "60s" #等待连接池连接的超时时间,使用时间字符串例如30s/1m/1d + dialTimeout: "30s" #TCP连接的超时时间,使用时间字符串例如30s/1m/1d + readTimeout: "30s" #TCP的Read操作超时时间,使用时间字符串例如30s/1m/1d + writeTimeout: "30s" #TCP的Write操作超时时间,使用时间字符串例如30s/1m/1d + maxActive: 100 +consul: + address: 116.204.74.41:8500 + services: + - name: customerService + - name: test111 +jaeger: #链路追踪 + addr: 116.204.74.41:4318 diff --git a/config-master.yml b/config-master.yml new file mode 100644 index 0000000..b52a335 --- /dev/null +++ b/config-master.yml @@ -0,0 +1,166 @@ +server: + address : ":8000" + name: "gateway" +rate: + limit: 800 + burst: 2000 + # IP限流配置 + ip: + limit: 100 # IP限流: 100 req/s + burst: 200 # IP突发: 200 + # 用户限流配置 + user: + limit: 50 # 已登录用户: 50 req/s + burst: 100 # 已登录用户突发: 100 + # 服务维度限流配置 + services: + # 高频业务服务 - 需要更高配置 + customerService: + limit: 500 # 客服服务: 500 req/s (高频对话) + burst: 700 # 突发: 700 + order: + limit: 450 # 订单服务: 450 req/s (高频交易) + burst: 600 # 突发: 600 + assets: + limit: 400 # 资产服务: 400 req/s (高频访问) + burst: 600 # 突发: 600 (有Stream削峰) + cid: + limit: 350 # 证书服务: 350 req/s (高频证书请求) + burst: 500 # 突发: 500 + + # 中频基础服务 + oss: + limit: 300 # 文件服务: 300 req/s (通用文件上传,可能被多个服务调用) + burst: 450 # 突发: 450 + + # 低频业务服务 + wallet: + limit: 120 # 钱包服务: 120 req/s (低频转账) + burst: 200 # 突发: 200 + market: + limit: 100 # 市场服务: 100 req/s (低频交易) + burst: 180 # 突发: 180 + knapsack: + limit: 80 # 背包服务: 80 req/s (低频功能) + burst: 150 # 突发: 150 + +# 熔断器配置 - 每个服务独立配置 +circuitBreaker: + # 高频业务服务 - 更严格的熔断策略 + customerService: + enabled: true # 是否启用熔断器 + maxFailures: 5 # 连续失败5次触发熔断 + timeout: 30s # 30秒后尝试恢复 + successStatusCodes: 200,201,204 # 视为成功的HTTP状态码 + slowRequestThreshold: 3s # 慢请求阈值(超过此时间视为失败) + enableSlidingWindow: true # 是否启用滑动窗口 + failureRateThreshold: 0.5 # 失败率阈值(0.0-1.0) + enableFallback: false # 是否启用降级 + fallbackMessage: "" # 降级提示消息 + requestTimeout: 30000 # 请求超时时间(毫秒),0表示不设置 + distributedTTL: 300 # 分布式熔断状态TTL(秒),0表示不启用分布式熔断 + statIntervalMs: 1000 # 统计窗口时长(毫秒),默认1000ms + minRequestAmount: 5 # 最小请求数量,默认与maxFailures相同 + order: + enabled: true + maxFailures: 3 # 订单服务更敏感 + timeout: 60s # 60秒后尝试恢复 + successStatusCodes: 200,201,204 + slowRequestThreshold: 2s # 订单服务要求更快的响应 + enableSlidingWindow: true + failureRateThreshold: 0.6 # 订单服务对失败率更敏感 + enableFallback: false + fallbackMessage: "" + requestTimeout: 30000 + distributedTTL: 300 + assets: + enabled: true + maxFailures: 10 # 资产服务更宽松 + timeout: 60s + successStatusCodes: 200,201,204 + slowRequestThreshold: 5s # 资产服务可能较慢,给更多时间 + enableSlidingWindow: false + enableFallback: false + fallbackMessage: "" + requestTimeout: 30000 + distributedTTL: 0 + cid: + enabled: true + maxFailures: 8 + timeout: 45s + successStatusCodes: 200,201,204 + slowRequestThreshold: 3s + enableSlidingWindow: false + enableFallback: false + fallbackMessage: "" + requestTimeout: 30000 + distributedTTL: 0 + + # 中频基础服务 + oss: + enabled: true + maxFailures: 15 + timeout: 120s + successStatusCodes: 200,201,204 + slowRequestThreshold: 10s # 文件上传可能较慢 + enableSlidingWindow: false + enableFallback: false + fallbackMessage: "" + requestTimeout: 60000 # 文件服务可能需要更长时间 + distributedTTL: 0 + + # 低频业务服务 - 最宽松的熔断策略 + wallet: + enabled: true + maxFailures: 5 + timeout: 120s # 2分钟 + successStatusCodes: 200,201,204 + slowRequestThreshold: 5s + enableSlidingWindow: false + enableFallback: true # 启用降级 + fallbackMessage: "钱包服务暂时繁忙,请稍后再试" # 降级提示消息 + requestTimeout: 30000 + distributedTTL: 300 # 钱包服务启用分布式熔断 + adminIPs: "127.0.0.1,192.168.0.169" # 允许重置熔断器的管理员IP列表(逗号分隔) + market: + enabled: true + maxFailures: 5 + timeout: 90s + successStatusCodes: 200,201,204 + slowRequestThreshold: 3s + enableSlidingWindow: false + enableFallback: false + fallbackMessage: "" + requestTimeout: 30000 + distributedTTL: 0 + knapsack: + enabled: false # 背包服务暂时不启用熔断 + maxFailures: 5 + timeout: 90s + successStatusCodes: 200,201,204 + slowRequestThreshold: 3s + enableSlidingWindow: false + enableFallback: false + fallbackMessage: "" + requestTimeout: 30000 + distributedTTL: 0 + +redis: + # 集群模式配置方法 + default: + address: 192.168.0.169:6379 + db: 0 + idleTimeout: "60s" #连接最大空闲时间,使用时间字符串例如30s/1m/1d + maxConnLifetime: "90s" #连接最长存活时间,使用时间字符串例如30s/1m/1d + waitTimeout: "60s" #等待连接池连接的超时时间,使用时间字符串例如30s/1m/1d + dialTimeout: "30s" #TCP连接的超时时间,使用时间字符串例如30s/1m/1d + readTimeout: "30s" #TCP的Read操作超时时间,使用时间字符串例如30s/1m/1d + writeTimeout: "30s" #TCP的Write操作超时时间,使用时间字符串例如30s/1m/1d + maxActive: 100 +consul: + address: 192.168.0.169:8500 + services: + - name: customerService + - name: test111 +jaeger: #链路追踪 + addr: 192.168.0.169:4318 diff --git a/config.yml b/config.yml index b52a335..2d4109c 100644 --- a/config.yml +++ b/config.yml @@ -121,7 +121,7 @@ circuitBreaker: fallbackMessage: "钱包服务暂时繁忙,请稍后再试" # 降级提示消息 requestTimeout: 30000 distributedTTL: 300 # 钱包服务启用分布式熔断 - adminIPs: "127.0.0.1,192.168.0.169" # 允许重置熔断器的管理员IP列表(逗号分隔) + adminIPs: "127.0.0.1,116.204.74.41" # 允许重置熔断器的管理员IP列表(逗号分隔) market: enabled: true maxFailures: 5 @@ -148,7 +148,7 @@ circuitBreaker: redis: # 集群模式配置方法 default: - address: 192.168.0.169:6379 + address: 116.204.74.41:6379 db: 0 idleTimeout: "60s" #连接最大空闲时间,使用时间字符串例如30s/1m/1d maxConnLifetime: "90s" #连接最长存活时间,使用时间字符串例如30s/1m/1d @@ -158,9 +158,9 @@ redis: writeTimeout: "30s" #TCP的Write操作超时时间,使用时间字符串例如30s/1m/1d maxActive: 100 consul: - address: 192.168.0.169:8500 + address: 116.204.74.41:8500 services: - name: customerService - name: test111 jaeger: #链路追踪 - addr: 192.168.0.169:4318 + addr: 116.204.74.41:4318 diff --git a/gateway_binary b/gateway_binary index 599bed1..fee58f1 100755 Binary files a/gateway_binary and b/gateway_binary differ diff --git a/go.mod b/go.mod index c04aab9..4e8a526 100644 --- a/go.mod +++ b/go.mod @@ -25,6 +25,7 @@ require ( github.com/emirpasic/gods/v2 v2.0.0-alpha // indirect github.com/fatih/color v1.18.0 // indirect github.com/fsnotify/fsnotify v1.9.0 // indirect + github.com/go-ego/gse v1.0.2 // indirect github.com/go-logr/logr v1.4.3 // indirect github.com/go-logr/stdr v1.2.2 // indirect github.com/go-ole/go-ole v1.2.4 // indirect @@ -72,6 +73,7 @@ require ( github.com/tiger1103/gfast-token v1.0.10 // indirect github.com/tklauser/go-sysconf v0.3.6 // indirect github.com/tklauser/numcpus v0.2.2 // indirect + github.com/vcaesar/cedar v0.30.0 // indirect go.mongodb.org/mongo-driver/v2 v2.4.0 // indirect go.opencensus.io v0.23.0 // indirect go.opentelemetry.io/auto/sdk v1.1.0 // indirect diff --git a/go.sum b/go.sum index 6cf82b0..42f8eb5 100644 --- a/go.sum +++ b/go.sum @@ -100,6 +100,8 @@ github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMo github.com/fsnotify/fsnotify v1.9.0 h1:2Ml+OJNzbYCTzsxtv8vKSFD9PbJjmhYF14k/jKC7S9k= github.com/fsnotify/fsnotify v1.9.0/go.mod h1:8jBTzvmWwFyi3Pb8djgCCO5IBqzKJ/Jwo8TRcHyHii0= github.com/ghodss/yaml v1.0.0/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04= +github.com/go-ego/gse v1.0.2 h1:+27lYFPhQEhA9igtdOsJPRKYL/k3TwYsxBF5jr6KFv4= +github.com/go-ego/gse v1.0.2/go.mod h1:Fy35G+q7VV7Et1zIKO8o/sW1kkugV3znXap/lF/11zc= github.com/go-kit/kit v0.8.0/go.mod h1:xBxKIO96dXMWWy0MnWVtmwkA9/13aqxPnvrjFYMA2as= github.com/go-kit/kit v0.9.0/go.mod h1:xBxKIO96dXMWWy0MnWVtmwkA9/13aqxPnvrjFYMA2as= github.com/go-kit/kit v0.10.0/go.mod h1:xUsJbQ/Fp4kEt7AFgCuvyX4a71u8h9jB8tj/ORgOZ7o= @@ -452,6 +454,10 @@ github.com/tmc/grpc-websocket-proxy v0.0.0-20170815181823-89b8d40f7ca8/go.mod h1 github.com/tv42/httpunix v0.0.0-20150427012821-b75d8614f926/go.mod h1:9ESjWnEqriFuLhtthL60Sar/7RFoluCcXsuvEwTV5KM= github.com/urfave/cli v1.20.0/go.mod h1:70zkFmudgCuE/ngEzBv17Jvp/497gISqfk5gWijbERA= github.com/urfave/cli v1.22.1/go.mod h1:Gos4lmkARVdJ6EkW0WaNv/tZAAMe9V7XWyB60NtXRu0= +github.com/vcaesar/cedar v0.30.0 h1:9fSDpM7FTjjUdPiBUUa0MWYMRGSEcqgFXvppZcZ4d7Y= +github.com/vcaesar/cedar v0.30.0/go.mod h1:lyuGvALuZZDPNXwpzv/9LyxW+8Y6faN7zauFezNsnik= +github.com/vcaesar/tt v0.20.1 h1:D/jUeeVCNbq3ad8M7hhtB3J9x5RZ6I1n1eZ0BJp7M+4= +github.com/vcaesar/tt v0.20.1/go.mod h1:cH2+AwGAJm19Wa6xvEa+0r+sXDJBT0QgNQey6mwqLeU= github.com/xiang90/probing v0.0.0-20190116061207-43a291ad63a2/go.mod h1:UETIi67q53MR2AWcXfiuqkDkRtnGDLqkBTpCHuJHxtU= github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=