wangjx
/
sentinel
Obserwuj 1
Polub 0
Forkuj 0
Kod Zgłoszenia 0 Oczekujące zmiany 0 Wydania 0 Wiki Aktywność
seninel部署
Nie możesz wybrać więcej, niż 25 tematów Tematy muszą się zaczynać od litery lub cyfry, mogą zawierać myślniki ('-') i mogą mieć do 35 znaków.
536 Commity
1 Gałąź
7.5MB
Drzewo: 09970cd380
Gałęzie Tagi
${ item.name }
Utwórz gałąź ${ searchTerm }
z '09970cd380'
${ noResults }
sentinel/sentinel-cluster/sentinel-cluster-server-env.../README.md

README.md 2.4KB
Czysty Zwykły widok Historia

Add Sentinel Envoy RLS server implementation (#1139) * Add the sentinel-cluster-server-envoy-rls module, a Envoy RLS server implementation using Sentinel token server. Signed-off-by: Eric Zhao <sczyh16@gmail.com>
5 lat temu
Add Docker/k8s sample for Sentinel RLS token server and update document Signed-off-by: Eric Zhao <sczyh16@gmail.com>
5 lat temu
 1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859 
  1. # Sentinel Token Server (Envoy RLS implementation)

  2. 

  3. This module provides the [Envoy rate limiting gRPC service](https://www.envoyproxy.io/docs/envoy/latest/intro/arch_overview/other_features/global_rate_limiting#arch-overview-rate-limit) implementation

  4. with Sentinel token server.

  5. 

  6. > Note: the gRPC stub classes for Envoy RLS service is generated via `protobuf-maven-plugin` during the `compile` goal.

  7. > The generated classes is located in the directory: `target/generated-sources/protobuf`.

  8. 

  9. ## Build

  10. 

  11. Build the executable jar:

  12. 

  13. ```bash

  14. mvn clean package -P prod

  15. ```

  16. 

  17. ## Rule configuration

  18. 

  19. Currently Sentinel RLS token server supports dynamic rule configuration via the yaml file.

  20. The file may provide rules for one *domain* (defined in Envoy's conf file).

  21. In Envoy, one rate limit request might carry multiple *rate limit descriptors*

  22. (which will be generated from [Envoy rate limit actions](https://www.envoyproxy.io/docs/envoy/latest/api-v2/api/v2/route/route.proto#envoy-api-msg-route-ratelimit)).

  23. One rate limit descriptor may have multiple entries (key-value pair).

  24. We may set different threshold for each rate limit descriptors.

  25. 

  26. A sample rule configuration file:

  27. 

  28. ```yaml

  29. domain: foo

  30. descriptors:

  31.   - resources:

  32.     - key: "destination_cluster"

  33.       value: "service_httpbin"

  34.     count: 1

  35. ```

  36. 

  37. This rule only takes effect for domain `foo`. It will limit the max QPS to 1 for

  38. all requests targeted to the `service_httpbin` cluster.

  39. 

  40. We need to provide the path to yaml file via the `SENTINEL_RLS_RULE_FILE_PATH` env

  41. (or `-Dcsp.sentinel.rls.rule.file` opts). Then as soon as the content in the rule file has been changed,

  42. Sentinel will reload the new rules from the file to the `EnvoyRlsRuleManager`.

  43. 

  44. We may check the logs in `~/logs/csp/sentinel-record.log.xxx` to see whether the rules has been loaded.

  45. We may also retrieve the converted `FlowRule` via the command API `localhost:8719/cluster/server/flowRules`.

  46. 

  47. ## Configuration items

  48. 

  49. The configuration list:

  50. 

  51. | Item (env) | Item (JVM property) | Description | Default Value | Required |

  52. |--------|--------|--------|--------|--------|

  53. | `SENTINEL_RLS_GRPC_PORT` | `csp.sentinel.grpc.server.port` | The RLS gRPC server port | **10240** | false |

  54. | `SENTINEL_RLS_RULE_FILE_PATH` | `csp.sentinel.rls.rule.file` | The path of the RLS rule yaml file | - | **true** |

  55. | `SENTINEL_RLS_ACCESS_LOG` | - | Whether to enable the access log (`on` for enable) | off | false |

  56. 

  57. ## Samples

  58. 

  59. - [Kubernetes sample](./sample/k8s)