Eric Zhao a0196b6b00 Bump version to 1.8.0-SNAPSHOT | пре 4 година | |
---|---|---|
.. | ||
sample/k8s | пре 5 година | |
src | пре 5 година | |
Dockerfile | пре 5 година | |
README.md | пре 4 година | |
pom.xml | пре 4 година |
This module provides the Envoy rate limiting gRPC service implementation with Sentinel token server.
Note: the gRPC stub classes for Envoy RLS service is generated via
protobuf-maven-plugin
during thecompile
goal. The generated classes is located in the directory:target/generated-sources/protobuf
.
Build the executable jar:
mvn clean package -P prod
Sentinel RLS token server supports dynamic rule configuration via the yaml file. The file may provide rules for one domain (defined in Envoy’s conf file). In Envoy, one rate limit request might carry multiple rate limit descriptors (which will be generated from Envoy rate limit actions). One rate limit descriptor may have multiple entries (key-value pair). We may set different threshold for each rate limit descriptors.
A sample rule configuration file:
domain: foo
descriptors:
- resources:
- key: "destination_cluster"
value: "service_httpbin"
count: 1
This rule only takes effect for domain foo
. It will limit the max QPS to 1 for
all requests targeted to the service_httpbin
cluster.
We need to provide the path to yaml file via the SENTINEL_RLS_RULE_FILE_PATH
env
(or -Dcsp.sentinel.rls.rule.file
opts). Then as soon as the content in the rule file has been changed,
Sentinel will reload the new rules from the file to the EnvoyRlsRuleManager
.
We may check the logs in ~/logs/csp/sentinel-record.log.xxx
to see whether the rules has been loaded.
We may also retrieve the converted FlowRule
via the command API localhost:8719/cluster/server/flowRules
.
The configuration list:
Item (env) | Item (JVM property) | Description | Default Value | Required |
---|---|---|---|---|
SENTINEL_RLS_GRPC_PORT |
csp.sentinel.grpc.server.port |
The RLS gRPC server port | 10240 | false |
SENTINEL_RLS_RULE_FILE_PATH |
csp.sentinel.rls.rule.file |
The path of the RLS rule yaml file | - | true |
SENTINEL_RLS_ACCESS_LOG |
- | Whether to enable the access log (on for enable) |
off | false |