wangjx
/
sentinel
Tarkkaile 1
Äänestä 0
Fork 0
Koodi Ongelmat 0 Pull-pyynnöt 0 Julkaisut 0 Wiki Activity
seninel部署
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
745 Commitit
1 Haara
7.5MB
Haara: master
Branchit Tagit
${ item.name }
Create branch ${ searchTerm }
from 'master'
${ noResults }
sentinel/sentinel-cluster/sentinel-cluster-server-env...
Eric Zhao fca70646ad Bump version to 1.8.2-SNAPSHOT 3 vuotta sitten
..
sample/k8s Add Docker/k8s sample for Sentinel RLS token server and update document 5 vuotta sitten
src Optimize logging statements using placeholder (#1736) 4 vuotta sitten
Dockerfile Add Docker/k8s sample for Sentinel RLS token server and update document 5 vuotta sitten
README.md doc: Polish README.md of sentinel-cluster-server-envoy-rls module 4 vuotta sitten
pom.xml Bump version to 1.8.2-SNAPSHOT 3 vuotta sitten

README.md

Sentinel Token Server (Envoy RLS implementation)

This module provides the Envoy rate limiting gRPC service implementation with Sentinel token server.

Note: the gRPC stub classes for Envoy RLS service is generated via protobuf-maven-plugin during the compile goal. The generated classes is located in the directory: target/generated-sources/protobuf.

Build

Build the executable jar:

mvn clean package -P prod

Rule configuration

Sentinel RLS token server supports dynamic rule configuration via the yaml file. The file may provide rules for one domain (defined in Envoy’s conf file). In Envoy, one rate limit request might carry multiple rate limit descriptors (which will be generated from Envoy rate limit actions). One rate limit descriptor may have multiple entries (key-value pair). We may set different threshold for each rate limit descriptors.

A sample rule configuration file:

domain: foo
descriptors:
  - resources:
    - key: "destination_cluster"
      value: "service_httpbin"
    count: 1

This rule only takes effect for domain foo. It will limit the max QPS to 1 for all requests targeted to the service_httpbin cluster.

We need to provide the path to yaml file via the SENTINEL_RLS_RULE_FILE_PATH env (or -Dcsp.sentinel.rls.rule.file opts). Then as soon as the content in the rule file has been changed, Sentinel will reload the new rules from the file to the EnvoyRlsRuleManager.

We may check the logs in ~/logs/csp/sentinel-record.log.xxx to see whether the rules has been loaded. We may also retrieve the converted FlowRule via the command API localhost:8719/cluster/server/flowRules.

Configuration items

The configuration list:

Item (env) Item (JVM property) Description Default Value Required
SENTINEL_RLS_GRPC_PORT csp.sentinel.grpc.server.port The RLS gRPC server port 10240 false
SENTINEL_RLS_RULE_FILE_PATH csp.sentinel.rls.rule.file The path of the RLS rule yaml file - true
SENTINEL_RLS_ACCESS_LOG - Whether to enable the access log (on for enable) off false

Samples