在微服务架构中,API网关是连接客户端与后端服务的统一入口。本文将通过YARP框架+ASP.NET Core实现一个企业级API网关,包含以下核心功能:
- 动态路由配置:支持JSON格式的路由规则
- 服务发现集成:与Consul/Kubernetes联动
- 多层安全防护:JWT鉴权+IP白名单+请求限流
- 实时监控:Prometheus指标暴露
- 熔断降级:集成Polly实现服务容错
第一章:设计原则与架构设计
1.1 核心设计原则
1.2 架构分层
第二章:核心组件实现
2.1 路由配置模块
using Yarp.ReverseProxy.Configuration;
public class DynamicRouteConfig
{
private readonly IConfiguration _config;
private readonly IProxyConfigManager _proxyConfigManager;
public DynamicRouteConfig(IConfiguration config, IProxyConfigManager proxyConfigManager)
{
_config = config;
_proxyConfigManager = proxyConfigManager;
}
public void LoadRoutes()
{
var routes = _config.GetSection("ReverseProxy").Get<ReverseProxyConfig>();
foreach (var route in routes.Routes)
{
var config = new ClusterConfig
{
Destinations = route.Destinations.ToDictionary(
d => d.Name,
d => new DestinationConfig { Address = d.Address })
};
_proxyConfigManager.UpdateCluster(route.ClusterId, config);
}
}
}
// appsettings.json配置示例
{
"ReverseProxy": {
"Routes": [
{
"RouteId": "users",
"ClusterId": "user-service",
"Match": {
"Path": "/api/users/{**catch-all}"
},
"Transforms": [
{ "Path": "/api/users/{catch-all}" }
]
}
],
"Clusters": {
"user-service": {
"Destinations": [
{ "Address": "http://localhost:5001" },
{ "Address": "http://localhost:5002" }
]
}
}
}
}
2.2 自定义过滤器链
public class AuthenticationFilter : IGatewayFilter
{
public async ValueTask<string> ExecuteAsync(HttpContext context)
{
var token = context.Request.Headers["Authorization"].FirstOrDefault()?.Split(' ').Last();
if (string.IsNullOrEmpty(token))
return "Unauthorized";
try
{
var handler = new JwtSecurityTokenHandler();
var validationParameters = new TokenValidationParameters
{
ValidateIssuerSigningKey = true,
IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes("your-secret-key")),
ValidateIssuer = false,
ValidateAudience = false
};
handler.ValidateToken(token, validationParameters, out _);
}
catch
{
return "Forbidden";
}
return await Next.Invoke(context);
}
}
2.3 限流熔断实现
public class RateLimiterMiddleware
{
private readonly RequestDelegate _next;
private readonly IPriorityLimit _limiter;
public RateLimiterMiddleware(RequestDelegate next, IPriorityLimit limiter)
{
_next = next;
_limiter = limiter;
}
public async Task InvokeAsync(HttpContext context)
{
var clientIp = context.Connection.RemoteIpAddress.ToString();
var key = $"rate-limit:{clientIp}";
if (!_limiter.Allow(key, 100, TimeSpan.FromSeconds(1)))
{
context.Response.StatusCode = StatusCodes.Status429TooManyRequests;
await context.Response.WriteAsync("Rate limit exceeded");
return;
}
await _next(context);
}
}
第三章:服务发现与负载均衡
3.1 Consul集成
public class ConsulServiceDiscovery
{
private readonly IConsulClient _consulClient;
private readonly ILogger<ConsulServiceDiscovery> _logger;
public ConsulServiceDiscovery(IConsulClient consulClient, ILogger<ConsulServiceDiscovery> logger)
{
_consulClient = consulClient;
_logger = logger;
}
public async Task<List<Service>> GetServicesAsync()
{
var result = await _consulClient.Catalog.Services();
return result.Response.Values.SelectMany(s => s.Value)
.Select(s => new Service { Name = s.Key, Address = s.Value.Address })
.ToList();
}
}
// 注册服务
public void ConfigureServices(IServiceCollection services)
{
services.AddConsulClient(opt =>
{
opt.Address = new Uri("http://localhost:8500");
});
}
3.2 轮询负载均衡算法
public class RoundRobinLoadBalancer
{
private readonly List<Destination> _destinations = new();
private int _currentIndex = 0;
public void AddDestination(Destination destination)
{
_destinations.Add(destination);
}
public Destination GetNextDestination()
{
if (_destinations.Count == 0) return null;
var index = _currentIndex % _destinations.Count;
_currentIndex++;
return _destinations[index];
}
}
第四章:性能优化与监控
4.1 异步非阻塞处理
public class AsyncRequestHandler
{
private readonly HttpClient _httpClient;
public AsyncRequestHandler(HttpClient httpClient)
{
_httpClient = httpClient;
}
public async Task<string> SendRequestAsync(string url)
{
var response = await _httpClient.GetAsync(url);
return await response.Content.ReadAsStringAsync();
}
}
4.2 Prometheus指标暴露
public class MetricsExporter
{
private readonly PerformanceCounter _requestCounter;
public MetricsExporter()
{
_requestCounter = new PerformanceCounter("APIGateway", "RequestsTotal");
}
public string GetMetrics()
{
var metrics = new StringBuilder();
metrics.AppendLine($"# HELP requests_total Total number of requests");
metrics.AppendLine($"# TYPE requests_total counter");
metrics.AppendLine($"requests_total {Convert.ToInt32(_requestCounter.RawValue)}");
return metrics.ToString();
}
}
第五章:源码实现
5.1 网关启动类
public class Startup
{
public void ConfigureServices(IServiceCollection services)
{
services.AddReverseProxy()
.LoadFromConfig(Configuration.GetSection("ReverseProxy"));
services.AddConsulClient(opt => { opt.Address = new Uri("http://localhost:8500"); });
services.AddHostedService<ConsulServiceUpdater>();
services.AddMemoryCache();
services.AddHttpContextAccessor();
services.AddLogging();
services.AddHealthChecks();
services.AddCors();
}
public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
{
app.UseRouting();
app.UseCors(builder => builder
.AllowAnyOrigin()
.AllowAnyMethod()
.AllowAnyHeader()
);
app.UseRateLimiter(); // 自定义限流中间件
app.UseAuthenticationFilter(); // 自定义鉴权中间件
app.UseReverseProxy();
app.UseMetricsEndpoint(); // 指标端点
}
}
5.2 动态路由热更新
public class ConsulServiceUpdater : IHostedService
{
private readonly IConsulClient _consulClient;
private readonly IProxyConfigManager _proxyConfigManager;
public ConsulServiceUpdater(IConsulClient consulClient, IProxyConfigManager proxyConfigManager)
{
_consulClient = consulClient;
_proxyConfigManager = proxyConfigManager;
}
public async Task StartAsync(CancellationToken cancellationToken)
{
await UpdateProxyConfig();
await _consulClient.Health.Service("api-gateway", "", 0, cancellationToken);
}
private async Task UpdateProxyConfig()
{
var services = await _consulClient.Catalog.Services();
foreach (var service in services.Response.Values)
{
var clusterId = service.Key;
var destinations = service.Value.Select(addr => new DestinationConfig { Address = addr });
_proxyConfigManager.UpdateCluster(clusterId, new ClusterConfig { Destinations = destinations });
}
}
}
第六章:部署与测试
6.1 Docker部署
# Dockerfile
FROM mcr.microsoft.com/dotnet/aspnet:6.0 AS base
WORKDIR /app
EXPOSE 5000
FROM mcr.microsoft.com/dotnet/sdk:6.0 AS build
WORKDIR /src
COPY ["ApiGateway.csproj", "./"]
RUN dotnet restore
COPY . .
RUN dotnet publish -c Release -o /app/publish
FROM base AS final
WORKDIR /app
COPY --from=build /app/publish .
ENTRYPOINT ["dotnet", "ApiGateway.dll"]
6.2 压力测试
wrk -t4 -c200 -d30s http://localhost:5000/api/users
# 输出示例:
Running 30s test @ http://localhost:5000/api/users
4 threads and 200 connections
Thread Stats Avg Stdev Max +/- Stdev
Latency 15.22ms 12.34ms 200.12ms 67.45%
Req/Sec 5.67k 0.32k 12.34k 89.12%
678,901 requests in 30.00s, 123.45MB read
Socket errors: connect 0, read 0, write 0, timeout 12
Requests/sec: 22630.04
Transfer/sec: 4.12MB
第七章:架构演进与扩展方向
7.1 服务网格集成
// 与Istio集成示例
public class IstioSidecar
{
private readonly HttpClient _httpClient;
public IstioSidecar(HttpClient httpClient)
{
_httpClient = httpClient;
}
public async Task<string> CallService(string serviceUrl)
{
var response = await _httpClient.GetAsync($"http://istio-ingressgateway:31380/{serviceUrl}");
return await response.Content.ReadAsStringAsync();
}
}
7.2 多协议支持
public class ProtocolConverter
{
public byte[] ConvertHttpToGrpc(HttpRequestMessage request)
{
// 实现HTTP到gRPC协议转换
return new byte[0];
}
public byte[] ConvertGrpcToHttp(byte[] grpcResponse)
{
// 实现gRPC响应转换为HTTP格式
return new byte[0];
}
}
API网关的未来演进
通过本文的YARP框架+ASP.NET Core实现方案,我们构建了具备以下特性的企业级API网关:
- 动态路由:支持JSON配置和Consul热更新
- 多层安全:JWT+IP白名单+请求签名
- 智能路由:轮询+一致性哈希负载均衡
- 全链路监控:Prometheus指标+熔断降级
未来可进一步扩展:
- Serverless集成:支持AWS Lambda/Azure Functions
- 边缘计算:结合CDN实现全球负载均衡
- AI优化:基于请求模式的动态路由策略
扫一扫
312
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
