Merge branch 'degrade'
* degrade: bug fix no message bug fix no message no message debug add 支持配置error code add add add bug fix bug fix add bug fix modify response add # Conflicts: # scripts/inventory/templates/inventory-az1.j2 # scripts/inventory/templates/inventory-t6.j2
Showing
6 changed files
with
44 additions
and
37 deletions
| @@ -125,22 +125,21 @@ local query_limit_ip_access_conf=function() | @@ -125,22 +125,21 @@ local query_limit_ip_access_conf=function() | ||
| 125 | if property then | 125 | if property then |
| 126 | local source=property["source"] | 126 | local source=property["source"] |
| 127 | if source then | 127 | if source then |
| 128 | - local limit_ip_access={} | ||
| 129 | - local is_open=source["is_open"] | ||
| 130 | - | ||
| 131 | - limit_ip_access["is_open"]=is_open | ||
| 132 | - local ip_qps_limit=source["ip_qps_limit"] | ||
| 133 | - ip_qps_limit=split_str_list(ip_qps_limit,",") | ||
| 134 | - local ip_qps_limit_table={} | ||
| 135 | - table.insert(ip_qps_limit_table,tonumber(ip_qps_limit[1])) | ||
| 136 | - table.insert(ip_qps_limit_table,tonumber(ip_qps_limit[2])) | ||
| 137 | - limit_ip_access["ip_qps_limit"]=ip_qps_limit_table | ||
| 138 | - | ||
| 139 | - local white_ips={} | 128 | + local limit_ip_access={ degrades = {} } |
| 129 | + | ||
| 130 | + limit_ip_access["is_open"]=source["is_open"] | ||
| 131 | + | ||
| 132 | + local white_ips={} | ||
| 140 | for k,v in pairs(source) do | 133 | for k,v in pairs(source) do |
| 141 | - | ||
| 142 | if string.find(k,"^white_ips%[*") then | 134 | if string.find(k,"^white_ips%[*") then |
| 143 | table.insert(white_ips,v) | 135 | table.insert(white_ips,v) |
| 136 | + elseif string.find(k,"^degrade_methods%[*") then | ||
| 137 | + if v and v ~= '' then | ||
| 138 | + d_method = split_str_list(v, ",", 2) | ||
| 139 | + local e_code = d_method[2] | ||
| 140 | + if e_code == nil then e_code = 9999991 end | ||
| 141 | + limit_ip_access.degrades[d_method[1]] = e_code | ||
| 142 | + end | ||
| 144 | end | 143 | end |
| 145 | end | 144 | end |
| 146 | limit_ip_access["white_ips"]=white_ips | 145 | limit_ip_access["white_ips"]=white_ips |
| @@ -39,6 +39,23 @@ function limit(limit_key,max_limit,seconds) | @@ -39,6 +39,23 @@ function limit(limit_key,max_limit,seconds) | ||
| 39 | return true | 39 | return true |
| 40 | end | 40 | end |
| 41 | 41 | ||
| 42 | +---- degrade | ||
| 43 | +function do_degrade() | ||
| 44 | + local method = http_request.get_method() | ||
| 45 | + | ||
| 46 | + if limit_ip_config and limit_ip_config.degrades and limit_ip_config.degrades[method] then | ||
| 47 | + ngx.log(ngx.ERR, "[Degraded]: ", method) | ||
| 48 | + local err_code = limit_ip_config.degrades[method] | ||
| 49 | + local err_msg = default_err_msg | ||
| 50 | + ngx.header["Content-Type"]="application/json;charset=utf-8" | ||
| 51 | + local msg='{"code":' .. err_code .. ',"message":"'.. err_msg .. '"}' | ||
| 52 | + ngx.say(msg) | ||
| 53 | + ngx.exit(ngx.HTTP_OK) | ||
| 54 | + end | ||
| 55 | +end | ||
| 56 | + | ||
| 57 | + | ||
| 58 | + | ||
| 42 | 59 | ||
| 43 | -------- function: doing rate limit by key[interface]----- | 60 | -------- function: doing rate limit by key[interface]----- |
| 44 | function rate_limit() | 61 | function rate_limit() |
| @@ -175,14 +192,6 @@ function cutdown() | @@ -175,14 +192,6 @@ function cutdown() | ||
| 175 | end | 192 | end |
| 176 | end | 193 | end |
| 177 | 194 | ||
| 178 | - --- temp not allowed the attacker's udid | ||
| 179 | - if udid and udid == "b53c028a35aa734b7fbd962c1e8571568dd06739" then | ||
| 180 | - ngx.log(ngx.ERR, "[UDID NOT ALLOWED]") | ||
| 181 | - local rsp2 ='{"code": 10000, "message": "OK"}' | ||
| 182 | - ngx.say(rsp2) | ||
| 183 | - ngx.exit(ngx.HTTP_OK) | ||
| 184 | - end | ||
| 185 | - | ||
| 186 | end | 195 | end |
| 187 | 196 | ||
| 188 | ---- function read request body | 197 | ---- function read request body |
| @@ -197,8 +206,14 @@ function main() | @@ -197,8 +206,14 @@ function main() | ||
| 197 | 206 | ||
| 198 | init_read_body() | 207 | init_read_body() |
| 199 | 208 | ||
| 209 | + -- degrade | ||
| 210 | + local status, errMsg = pcall(do_degrade) | ||
| 211 | + if not status then | ||
| 212 | + ngx.log(ngx.ERR, "call method [do_degrade] failed.", errMsg) | ||
| 213 | + end | ||
| 214 | + | ||
| 200 | --cutdown version check | 215 | --cutdown version check |
| 201 | - local status, errMsg = pcall(cutdown) | 216 | + status, errMsg = pcall(cutdown) |
| 202 | if not status then | 217 | if not status then |
| 203 | ngx.log(ngx.ERR, "call method [cutdown] failed.", errMsg) | 218 | ngx.log(ngx.ERR, "call method [cutdown] failed.", errMsg) |
| 204 | end | 219 | end |
| @@ -72,7 +72,6 @@ function get_redirect_url() | @@ -72,7 +72,6 @@ function get_redirect_url() | ||
| 72 | local redirectPath = "/apigateway" | 72 | local redirectPath = "/apigateway" |
| 73 | local awsPath = "/apiaws" | 73 | local awsPath = "/apiaws" |
| 74 | 74 | ||
| 75 | - init_read_body() | ||
| 76 | 75 | ||
| 77 | -- get params | 76 | -- get params |
| 78 | local force_uid = switch_controller.get_force_uid() | 77 | local force_uid = switch_controller.get_force_uid() |
| @@ -101,6 +100,9 @@ end | @@ -101,6 +100,9 @@ end | ||
| 101 | ---- main | 100 | ---- main |
| 102 | function main() | 101 | function main() |
| 103 | 102 | ||
| 103 | + | ||
| 104 | + init_read_body() | ||
| 105 | + | ||
| 104 | local status, ret = pcall(get_redirect_url) | 106 | local status, ret = pcall(get_redirect_url) |
| 105 | if not status then | 107 | if not status then |
| 106 | ngx.log(ngx.ERR, "call method [get_redirect_url] failed.", ret) | 108 | ngx.log(ngx.ERR, "call method [get_redirect_url] failed.", ret) |
| 1 | # inventory file for az1 | 1 | # inventory file for az1 |
| 2 | # auto generated at {{time_now}} | 2 | # auto generated at {{time_now}} |
| 3 | 3 | ||
| 4 | -[zookeeper] | ||
| 5 | -10.66.4.3 | ||
| 6 | - | ||
| 7 | [nameservers] | 4 | [nameservers] |
| 8 | 10.66.4.18 | 5 | 10.66.4.18 |
| 9 | 10.66.4.17 | 6 | 10.66.4.17 |
| @@ -15,16 +12,13 @@ | @@ -15,16 +12,13 @@ | ||
| 15 | 10.66.4.23 | 12 | 10.66.4.23 |
| 16 | 10.66.4.15 | 13 | 10.66.4.15 |
| 17 | 14 | ||
| 18 | -[platform-nginx] | ||
| 19 | -10.66.50.140 | ||
| 20 | - | ||
| 21 | [cobar-server] | 15 | [cobar-server] |
| 22 | 10.66.70.167 | 16 | 10.66.70.167 |
| 23 | 10.66.70.206 | 17 | 10.66.70.206 |
| 24 | 10.66.70.8 | 18 | 10.66.70.8 |
| 25 | -10.66.70.91 | ||
| 26 | -10.66.70.150 | ||
| 27 | 10.66.70.36 | 19 | 10.66.70.36 |
| 20 | +10.66.70.150 | ||
| 21 | +10.66.70.91 | ||
| 28 | 22 | ||
| 29 | [crm-store-nginx] | 23 | [crm-store-nginx] |
| 30 | 10.66.0.133 | 24 | 10.66.0.133 |
| 1 | # inventory file for az1 | 1 | # inventory file for az1 |
| 2 | # auto generated at {{time_now}} | 2 | # auto generated at {{time_now}} |
| 3 | 3 | ||
| 4 | -[zookeeper] | ||
| 5 | -10.66.4.3 | ||
| 6 | - | ||
| 7 | [nameservers] | 4 | [nameservers] |
| 8 | 10.66.4.18 | 5 | 10.66.4.18 |
| 9 | 10.66.4.17 | 6 | 10.66.4.17 |
| @@ -19,9 +16,9 @@ | @@ -19,9 +16,9 @@ | ||
| 19 | 10.66.70.167 | 16 | 10.66.70.167 |
| 20 | 10.66.70.206 | 17 | 10.66.70.206 |
| 21 | 10.66.70.8 | 18 | 10.66.70.8 |
| 22 | -10.66.70.91 | ||
| 23 | -10.66.70.150 | ||
| 24 | 10.66.70.36 | 19 | 10.66.70.36 |
| 20 | +10.66.70.150 | ||
| 21 | +10.66.70.91 | ||
| 25 | 22 | ||
| 26 | [crm-store-nginx] | 23 | [crm-store-nginx] |
| 27 | 10.66.0.133 | 24 | 10.66.0.133 |
-
Please register or login to post a comment