配置方式实现SpringCloudGateway相关功能
- [Spring Cloud Gateway 核心功能与实战实现指南](#Spring Cloud Gateway 核心功能与实战实现指南)
-
- 一、核心功能架构
- 二、六大核心功能实现
-
- [1. 动态路由配置](#1. 动态路由配置)
- [2. 断言(Predicate)配置](#2. 断言(Predicate)配置)
- [3. 过滤器(Filter)配置](#3. 过滤器(Filter)配置)
- [4. 负载均衡配置](#4. 负载均衡配置)
- [5. 熔断降级配置](#5. 熔断降级配置)
- [6. 限流配置](#6. 限流配置)
- 三、高级配置技巧
-
- [1. 跨域配置](#1. 跨域配置)
- [2. 重试机制](#2. 重试机制)
- [3. 请求/响应修改](#3. 请求/响应修改)
- 四、监控与调试
-
- [1. Actuator端点配置](#1. Actuator端点配置)
- [2. 日志记录配置](#2. 日志记录配置)
- 五、安全最佳实践
-
- [1. JWT验证过滤器](#1. JWT验证过滤器)
- [2. 敏感头过滤](#2. 敏感头过滤)
- 关联知识
Spring Cloud Gateway 核心功能与实战实现指南
一、核心功能架构
客户端请求 路由匹配 过滤器链 负载均衡 服务实例
二、六大核心功能实现
1. 动态路由配置
application.yml 配置示例:
yaml
spring:
cloud:
gateway:
routes:
▪ id: user-service
uri: lb://user-service # 服务注册中心名称
predicates:
▪ Path=/api/users/**
filters:
▪ StripPrefix=1 # 去掉/api前缀代码增强(Java DSL方式):
java
@Bean
public RouteLocator customRouteLocator(RouteLocatorBuilder builder) {
return builder.routes()
.route("auth-service", r -> r.path("/auth/**")
.filters(f -> f.rewritePath("/auth/(?<segment>.*)", "/${segment}"))
.uri("lb://auth-service"))
.build();
}2. 断言(Predicate)配置
常用断言类型:
yaml
routes:
• id: time-route
uri: http://example.org
predicates:
◦ After=2023-01-20T17:42:47.789-07:00[America/Denver] # 时间断言
◦ Header=X-Request-Id, \d+ # 请求头正则匹配
◦ Method=GET,POST # HTTP方法
◦ Query=name, .+ # 查询参数自定义断言实现:
java
public class CustomPredicate implements RoutePredicateFactory<Config> {
@Override
public Predicate<ServerWebExchange> apply(Config config) {
return exchange -> {
// 实现自定义逻辑
return exchange.getRequest().getHeaders().containsKey("X-Special");
};
}
}3. 过滤器(Filter)配置
内置过滤器示例:
yaml
filters:
• AddRequestHeader=X-Request-color, blue # 添加请求头
• AddResponseHeader=X-Response-Rate, 1000 # 添加响应头
• Retry=3 # 重试机制
• CircuitBreaker=myCircuitBreaker # 熔断器自定义全局过滤器:
java
@Component
public class AuthFilter implements GlobalFilter, Ordered {
@Override
public Mono<Void> filter(ServerWebExchange exchange, GatewayFilterChain chain) {
String token = exchange.getRequest().getHeaders().getFirst("Authorization");
if(!validateToken(token)){
exchange.getResponse().setStatusCode(HttpStatus.UNAUTHORIZED);
return exchange.getResponse().setComplete();
}
return chain.filter(exchange);
}
@Override
public int getOrder() {
return -1; // 执行顺序
}
}4. 负载均衡配置
自动集成负载均衡:
yaml
spring:
cloud:
loadbalancer:
ribbon:
enabled: true
gateway:
routes:
▪ id: product-service
uri: lb://product-service # lb://表示启用负载均衡
predicates:
▪ Path=/products/**5. 熔断降级配置
Resilience4J熔断配置:
yaml
spring:
cloud:
gateway:
routes:
▪ id: inventory-service
uri: lb://inventory-service
predicates:
▪ Path=/inventory/**
filters:
▪ name: CircuitBreaker
args:
name: inventoryCB
fallbackUri: forward:/fallback/inventory
statusCodes: 500,503Fallback控制器:
java
@RestController
public class FallbackController {
@GetMapping("/fallback/inventory")
public Mono<Map<String, Object>> inventoryFallback() {
return Mono.just(Map.of(
"status", 503,
"message", "服务暂时不可用",
"timestamp", Instant.now()
));
}
}6. 限流配置
Redis令牌桶限流:
yaml
spring:
redis:
host: localhost
cloud:
gateway:
routes:
▪ id: order-service
uri: lb://order-service
predicates:
▪ Path=/orders/**
filters:
▪ name: RequestRateLimiter
args:
redis-rate-limiter.replenishRate: 10 # 每秒10个令牌
redis-rate-limiter.burstCapacity: 20 # 桶容量
key-resolver: "#{@userKeyResolver}" # SpEL表达式Key解析器实现:
java
@Bean
KeyResolver userKeyResolver() {
return exchange -> Mono.just(
exchange.getRequest().getQueryParams().getFirst("userId")
);
}三、高级配置技巧
1. 跨域配置
yaml
spring:
cloud:
gateway:
globalcors:
cors-configurations:
'[/**]':
allowedOrigins: "*"
allowedMethods:
▪ GET
▪ POST
▪ PUT
allowedHeaders:
▪ Content-Type2. 重试机制
yaml
filters:
• name: Retry
args:
retries: 3
statuses: BAD_GATEWAY,INTERNAL_SERVER_ERROR
methods: GET,POST
backoff:
firstBackoff: 10ms
maxBackoff: 100ms
factor: 23. 请求/响应修改
yaml
filters:
• RewritePath=/api/v1/(?<segment>.*), /$\{segment} # 路径重写
• SetRequestHeader=X-Request-From, Gateway # 设置请求头
• RemoveResponseHeader=Server # 移除响应头四、监控与调试
1. Actuator端点配置
yaml
management:
endpoints:
web:
exposure:
include: gateway
endpoint:
gateway:
enabled: true访问端点:
/actuator/gateway/routes- 查看所有路由/actuator/gateway/globalfilters- 查看全局过滤器/actuator/gateway/routefilters- 查看路由过滤器
2. 日志记录配置
yaml
logging:
level:
org.springframework.cloud.gateway: DEBUG
reactor.netty.http.client: DEBUG五、安全最佳实践
1. JWT验证过滤器
java
public class JwtFilter implements GlobalFilter {
@Override
public Mono<Void> filter(ServerWebExchange exchange, GatewayFilterChain chain) {
String token = exchange.getRequest().getHeaders().getFirst("Authorization");
if (token != null && JwtUtil.validateToken(token)) {
String username = JwtUtil.getUsernameFromToken(token);
exchange.getRequest().mutate()
.header("X-User-Name", username)
.build();
return chain.filter(exchange);
}
exchange.getResponse().setStatusCode(HttpStatus.UNAUTHORIZED);
return exchange.getResponse().setComplete();
}
}2. 敏感头过滤
yaml
spring:
cloud:
gateway:
default-filters:
▪ RemoveRequestHeader=Cookie,Set-Cookie # 禁止传递Cookie通过以上配置和代码示例,您可以快速搭建具备完整功能的API网关。建议根据实际业务需求组合不同的路由策略和过滤器链。