用户工具

站点工具


light4j:ms-chain

微服务microservices不推荐使用网关gatewayms_chain是使用swagger规范的微服务示例项目,这里swagger-editor的介绍。

  • 准备环境
git clone https://github.com/networknt/light-codegen.git
git clone https://github.com/networknt/light-example-4j.git
git clone https://github.com/networknt/model-config.git
git clone https://github.com/networknt/light-oauth2.git
git clone https://github.com/networknt/light-docker.git
  • 生成代码:codegen,generated
mvn package -DskipTests -Dmaven.javadoc.skip=true -Dmaven.source.skip=true -f light-codegen/pom.xml -pl codegen-cli
mv light-example-4j/rest/swagger/ms_chain light-example-4j/rest/swagger/ms_chain_bak  //重命名ms_chain以便对比
java -jar light-codegen/codegen-cli/target/codegen-cli.jar -f swagger -o light-example-4j/rest/swagger/ms_chain/api_a/generated -m model-config/rest/swagger/api_a/1.0.0/swagger.json -c model-config/rest/swagger/api_a/1.0.0/config.json
mvn package -DskipTests exec:exec -f light-example-4j/rest/swagger/ms_chain/api_a/generated/pom.xml
curl -k https://localhost:7441/v1/data   //curl localhost:7001/v1/data
//依次再生成b、c、d项目
java -jar light-codegen/codegen-cli/target/codegen-cli.jar -f swagger -o light-example-4j/rest/swagger/ms_chain/api_b/generated -m model-config/rest/swagger/api_b/1.0.0/swagger.json -c model-config/rest/swagger/api_b/1.0.0/config.json
java -jar light-codegen/codegen-cli/target/codegen-cli.jar -f swagger -o light-example-4j/rest/swagger/ms_chain/api_c/generated -m model-config/rest/swagger/api_c/1.0.0/swagger.json -c model-config/rest/swagger/api_c/1.0.0/config.json
java -jar light-codegen/codegen-cli/target/codegen-cli.jar -f swagger -o light-example-4j/rest/swagger/ms_chain/api_d/generated -m model-config/rest/swagger/api_d/1.0.0/swagger.json -c model-config/rest/swagger/api_d/1.0.0/config.json
  • 微服务链:httpchain、httpschain
    1. api_d:/v1/data@get =》DataGetHandler,http-7004、https-7444
    2. api_c:Http2Client.connect(https://localhost:7444),ClientRequest(/v1/data@get)
    3. api_b:api_b.yml,https://localhost:7443,调用链a =》b=》c=》d
    4. api_a:h2c-prior://localhost:7002,http时启用http2协议,http-7001、https-7441
    5. server.yml,enableHttps=true|false,性能对比Requests/Sec=11613 : 9578,约82%
  • 安全令牌:security
    1. security.yml:enableVerifyJwt: true,默认是关闭了的,开启时需要运行light-oauth2服务提供token
    2. light-oauth2:docker-compose -f light-docker/docker-compose-oauth2-mysql.yml up,6886
    3. register client:a、b、c、d都会被调用,因此需要注册4个客户端
curl -k -H "Content-Type: application/json" -X POST -d '{"clientType":"public","clientProfile":"mobile","clientName":"Consumer","clientDesc":"A client that calls API A","scope":"api_a.r api_a.w","redirectUri": "http://localhost:8080/authorization","ownerId":"admin"}' https://localhost:6884/oauth2/client
//注册a的客户端,调用者可使用返回的clientId、clientSecret获取token,或跳转至redirectUri鉴权
{"clientId":"e45cb3f4-d029-4284-a42f-a408de5fbe8a","clientSecret":"mCTYQQ2bTySQ-r1TZqY4Hg","clientType":"public","clientProfile":"mobile","clientName":"Consumer","clientDesc":"A client that calls API A","ownerId":"admin","scope":"api_a.r api_a.w","redirectUri":"http://localhost:8080/authorization","createDt":"2017-08-30","updateDt":null}
//测试时也可用长期有效令牌:单独访问a、d时需要提供请求头Headers.AUTHORIZATION
eyJraWQiOiIxMDAiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJ1cm46Y29tOm5ldHdvcmtudDpvYXV0aDI6djEiLCJhdWQiOiJ1cm46Y29tLm5ldHdvcmtudCIsImV4cCI6MTgxMzAwNTAzNiwianRpIjoiN2daaHY2TS14UXpvVDhuNVMxODNodyIsImlhdCI6MTQ5NzY0NTAzNiwibmJmIjoxNDk3NjQ0OTE2LCJ2ZXJzaW9uIjoiMS4wIiwidXNlcl9pZCI6IlN0ZXZlIiwidXNlcl90eXBlIjoiRU1QTE9ZRUUiLCJjbGllbnRfaWQiOiJmN2Q0MjM0OC1jNjQ3LTRlZmItYTUyZC00YzU3ODc0MjFlNzIiLCJzY29wZSI6WyJhcGlfYS53IiwiYXBpX2IudyIsImFwaV9jLnciLCJhcGlfZC53Iiwic2VydmVyLmluZm8uciJdfQ.FkFbPTRXZf045_7fBlEPQTn7rNoib54TYQeFzSjLmMkUjrfDsJZD6EnrsAquDpHt8GKQNqGbyPzgiNWAIYHgwPZvM-lHw_dv0KUKii3D0woaFBkqu4vYxqyImROBii0B38evxPAZVONWqUncL21592bFPHsxGCz5oHL2unLv-oIQklWxcILpMrSL_tf7nhXHSu1RkRhshxAiAHSSpBZnluu4-jqZdEFtc5U_YApToUrKkmI_An1op5-6rS_I-fMbSnSctUoDgg3RT4Zvw1HC-ZLJlXWRF5-FD4uQOAOgy_T7PI75pNiuh4wgOGgdIf48X-7-fDkEbla-cVLiuj3z4g
//依次注册b、c、d的client,并对应更新a、b、c项目的client.yml-client_id+scope、secret.yml-authorizationCodeClientSecret+clientCredentialsClientSecret
curl -k -H "Content-Type: application/json" -X POST -d '{"clientType":"public","clientProfile":"service","clientName":"api_a","clientDesc":"API A service","scope":"api_b.r api_b.w","redirectUri": "http://localhost:8080/authorization","ownerId":"admin"}' https://localhost:6884/oauth2/client
curl -k -H "Content-Type: application/json" -X POST -d '{"clientType":"public","clientProfile":"service","clientName":"api_b","clientDesc":"API B service","scope":"api_c.r api_c.w","redirectUri": "http://localhost:8080/authorization","ownerId":"admin"}' https://localhost:6884/oauth2/client
curl -k -H "Content-Type: application/json" -X POST -d '{"clientType":"public","clientProfile":"service","clientName":"api_c","clientDesc":"API C service","scope":"api_d.r api_d.w","redirectUri": "http://localhost:8080/authorization","ownerId":"admin"}' https://localhost:6884/oauth2/client
  • 服务编排:compose+etc,局限于单机,微服务部署时需要注册与发现机制,k8s还可以弹性扩容
    1. etc:外部化部分配置,api_a.yml、client.yml,修改localhost为docker服务名oauth2-token、apib等
    2. docker:docker-compose -f compose/docker-compose-app.yml up,性能:8409,约72%
curl -k -H "Authorization: Bearer eyJraWQiOiIxMDAiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJ1cm46Y29tOm5ldHdvcmtudDpvYXV0aDI6djEiLCJhdWQiOiJ1cm46Y29tLm5ldHdvcmtudCIsImV4cCI6MTgwNjIwMDY2MSwianRpIjoibmQtb2ZZbWRIY0JZTUlEYU50MUFudyIsImlhdCI6MTQ5MDg0MDY2MSwibmJmIjoxNDkwODQwNTQxLCJ2ZXJzaW9uIjoiMS4wIiwidXNlcl9pZCI6IlN0ZXZlIiwidXNlcl90eXBlIjoiRU1QTE9ZRUUiLCJjbGllbnRfaWQiOiJmN2Q0MjM0OC1jNjQ3LTRlZmItYTUyZC00YzU3ODc0MjFlNzIiLCJzY29wZSI6WyJhcGlfYS53IiwiYXBpX2IudyIsImFwaV9jLnciLCJhcGlfZC53Iiwic2VydmVyLmluZm8uciJdfQ.SPHICXRY4SuUvWf0NYtwUrQ2-N-NeYT3b4CvxbzNl7D7GL5CF91G3siECrRBVexe0smBHHeiP3bq65rnCVFtwlYYqH6ZS5P7-AFiNcLBzSI9-OhV8JSf5sv381nk2f41IE4av2YUlgY0_mcIDo24ItnuPCxj0l49CAaLb7b1SHZJBQJANJTeQj-wgFsEqwafA-2wH2gehtH8CmOuuYfWO5t5IehP-zJNVT66E4UTRfvvZaJIvNTEQBWPpaZeeK6e56SyBqaLOR7duqJZ8a2UQZRWsDdIVt2Y5jGXQu1gyenIvCQbYLS6iglg6Xaco9emnYFopd2i3psathuX367fvw" https://localhost:7441/v1/data
light4j/ms-chain.txt · 最后更改: 2020/07/03 11:07 由 admin