Redis+Lua脚本+AOP+自定义注解自定义基础限流组件
背景
项目中很多接口是有防重防刷要求的,比如下单啊、支付啊这种,如果用户频繁的点,后端没做好保护的话,很容易出问题
市面上有主流的一体化解决方案,比如 resilience4j啊,比如 Sentinel,但是有些公司有要求不允许引入这些第三方库,又该如何应对呢
限流组件设计目标
Redis+Lua脚本+AOP+反射+自定义注解,打造基础架构限流组件,对于限流组件的设计,总体要求是:
可配置:也就是规定时间内,可以随意调整时间和次数
可插拔:就像上面那个注解,接口加了注解自带限流功能,不加注解没有限流
可通用:不能业务代码耦合,可独立模块,供其它团队使用
高可用:高并发下实时起效
环境搭建
这里使用 SpringBoot3+Redis 快速搭建项目骨架
xml
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 https://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<parent>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-parent</artifactId>
<version>3.3.0</version>
<relativePath/> <!-- lookup parent from repository -->
</parent>
<groupId>com.example.springbootV3</groupId>
<artifactId>springbootV3</artifactId>
<version>0.0.1-SNAPSHOT</version>
<name>springbootV3</name>
<properties>
<java.version>17</java.version>
</properties>
<dependencies>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId>
<version>3.1.3</version>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-aop</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-data-redis</artifactId>
</dependency>
</dependencies>
<build>
<plugins>
<plugin>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-maven-plugin</artifactId>
</plugin>
</plugins>
</build>
</project>
采购 AOP 注解形式(如下注解表示10s内最多支持3次访问,到了3次后开启限流,过完本次10s后才解封放开,可以重新访问)
java
@RestController
@RequestMapping("/limit")
public class RedisLimitController {
@GetMapping("/redis/test")
@RedisLimitAnnotation(key = "redisLimit", permitsPerSecond = 3, expire = 10, msg = "当前访问人数较多,请稍后重试")
public String redisLimit() {
return "正常业务返回," + UUID.randomUUID().toString();
}
}
yaml
spring.data.redis.database=0
spring.data.redis.host=192.168.133.128
spring.data.redis.port=6379
spring.data.redis.password=123456
spring.data.redis.lettuce.pool.max-active=8
spring.data.redis.lettuce.pool.max-wait=-1ms
spring.data.redis.lettuce.pool.max-idle=8
spring.data.redis.lettuce.pool.min-idle=0
java
@Configuration
public class RedisConfig {
@Bean
public RedisTemplate<String, Object> redisTemplate(LettuceConnectionFactory lettuceConnectionFactory) {
RedisTemplate<String, Object> redisTemplate = new RedisTemplate<>();
redisTemplate.setConnectionFactory(lettuceConnectionFactory);
redisTemplate.setKeySerializer(new StringRedisSerializer());
redisTemplate.setValueSerializer(new GenericJackson2JsonRedisSerializer());
redisTemplate.setHashKeySerializer(new StringRedisSerializer());
redisTemplate.setHashValueSerializer(new GenericJackson2JsonRedisSerializer());
redisTemplate.afterPropertiesSet();
return redisTemplate;
}
}
接下来主要就是 @RedisLimitAnnotation 注解及切面的设计开发了
注解及切面
java
@Retention(RetentionPolicy.RUNTIME)
@Target(ElementType.METHOD)
@Documented
public @interface RedisLimitAnnotation {
// 资源 key,唯一
String key() default "";
// 最多的访问次数限制
long permitsPerSecond() default 3;
// 过期时间,单位秒默认30s
long expire() default 30;
// 默认提示
String msg() default "你点击太快,请稍后再搞.";
}
java
@Slf4j
@Aspect
@Component
public class RdisLimitAspect {
Object result = null;
@Resource
private StringRedisTemplate stringRedisTemplate;
private DefaultRedisScript<Long> redisScript;
@PostConstruct
public void init(){
redisScript = new DefaultRedisScript<>();
redisScript.setResultType(Long.class);
redisScript.setScriptSource(new ResourceScriptSource(new ClassPathResource("rateLimiter.lua")));
}
@Around("@annotation(com.example.demo.annotation.RedisLimitAnnotation)")
public Object around(ProceedingJoinPoint pjg) {
System.out.println("环绕通知开始..");
MethodSignature signature = (MethodSignature) pjg.getSignature();
Method method = signature.getMethod();
RedisLimitAnnotation annotation = method.getAnnotation(RedisLimitAnnotation.class);
if (annotation != null) {
String key = annotation.key(); // 获取 redis的 key
String className = method.getDeclaringClass().getName();
String methodName = method.getName();
String limitKey = key + "\t" + className + "\t" + methodName;
log.info(limitKey);
if (key == null) {
throw new RuntimeException("limitkey can not be null");
}
long permitsPerSecond = annotation.permitsPerSecond();
long expire = annotation.expire();
List<String> keys = new ArrayList<>();
keys.add(key);
Long count = stringRedisTemplate.execute(redisScript, keys, String.valueOf(permitsPerSecond), String.valueOf(expire));
if (count != null && count == 0) {
System.out.println("气东送限流功能key:" + key);
return annotation.msg();
}
}
try {
result = pjg.proceed();
} catch (Throwable throwable) {
throw new RuntimeException(throwable);
}
System.out.println("环绕通知结束..");
return result;
}
}
最后是 Lua 脚本
lua
local key = KEYS[1]
local limit = tonumber(ARGV[1])
local currentLimit = tonumber(redis.call('get', key) or "0")
if currentLimit + 1 > limit
then return 0
else
redis.call('INCRBY', key, 1)
redis.call('EXPIRE', key, ARGV[2])
return currentLimit + 1
end
最后效果如下