spring cloud gateway ribbon load balancing - netflix-ribbon

Trying to get spring cloud gateway to load balance across a couple of instances of our application, but just can't figure it out. We don't have a service registry at present (no Eureka etc).
I've been trying to use ribbon and have a configuration like so:

    spring:
      application:
        name: gateway-service
      cloud:
        discovery:
          locator:
            enabled: true
        gateway:
          routes:
            - id: my-service
              uri: lb://my-load-balanced-service
              predicates:
                - Path=/
              filters:
                - TestFilter
    ribbon:
      eureka:
        enabled: false
    my-load-balanced-service:
      ribbon:
        listOfServers: localhost:8080, localhost:8081

However when I try a request to the gateway, I get a 200 response with content-length 0, and my stubs have not been hit.
I have a very basic setup, no beans defined.
How can I get ribbon to play nice / or an alternative?

You should check whether the spring-cloud-starter-netflix-ribbon dependency is in your project or not.

Related

OIDC results in crash Azure Kubernetes

Cannot for the life of me get Weaviate to launch with OIDC authentication - I have tried every combination under the sun and the pod falls into a CrashLoopBackOff.
I can successfully deploy with the defaults (anon access = true and no admin list); but as soon as OIDC is added, no luck.
Is there something wrong with my config? I add the config as per the documentation to the values.yaml before continuing on with the instructions.
I should note, not at all familiar with Kubernetes and using this as a learning experience.
Thanks so much for any help
YAML (from azure portal):

    data:
      conf.yaml: |-
        ---
        authentication:
          anonymous_access:
            enabled: false
          oidc:
            client_id: client-id
            enabled: true
            issuer: https://issuerURL/authorize/
            skip_client_id_check: false
            username_claim: email
        authorization:
          admin_list:
            enabled: true
            users:
            - user@user.com
        query_defaults:
          limit: 100
        debug: false

For the issuer URL with Azure you will want it to be of the format https://login.microsoftonline.com/xxx-xxx-xxx-xxx/v2.0. You can find this via Azure > App Registrations > Endpoints > OpenID Metadata document (without the .well-known/openid-configuration suffix).
As of Weaviate version 1.15.3, the Weaviate console and python client do not work with Azure but there is an issue to fix this planned for 1.16.
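
An added example (not from the original answer and not Weaviate code): an offline check that a configured issuer is the value from the OpenID metadata document rather than one of its endpoint URLs. OIDC Discovery requires the document's `issuer` to equal the configured issuer exactly; the metadata below is constructed, the tenant id is the placeholder from the answer, and the function names are hypothetical.

```python
from urllib.parse import urlsplit

WELL_KNOWN = "/.well-known/openid-configuration"

def issuer_from_metadata_url(metadata_url: str) -> str:
    """Strip the discovery suffix to get the issuer, as the answer describes."""
    if not metadata_url.endswith(WELL_KNOWN):
        raise ValueError("not an OpenID metadata document URL")
    return metadata_url[: -len(WELL_KNOWN)]

def issuer_problems(configured: str, metadata: dict) -> list:
    """Return reasons why `configured` cannot be used as the OIDC issuer."""
    problems = []
    parts = urlsplit(configured)
    if parts.scheme != "https" or not parts.netloc:
        problems.append("issuer must be an absolute https URL")
    if parts.query or parts.fragment:
        problems.append("issuer must not carry a query string or fragment")
    # Endpoints advertised in the metadata are not the issuer itself.
    endpoints = {metadata.get(k, "").rstrip("/") for k in
                 ("authorization_endpoint", "token_endpoint", "jwks_uri")}
    endpoints.discard("")
    if configured.rstrip("/") in endpoints:
        problems.append("configured value is an endpoint, not the issuer")
    # OIDC Discovery: the document's issuer must equal the configured one exactly.
    if metadata.get("issuer") != configured:
        problems.append("metadata issuer %r != configured %r"
                        % (metadata.get("issuer"), configured))
    return problems

# Constructed sample metadata; the tenant id is the placeholder used above.
TENANT = "xxx-xxx-xxx-xxx"
BASE = "https://login.microsoftonline.com/" + TENANT
SAMPLE_METADATA = {
    "issuer": BASE + "/v2.0",
    "authorization_endpoint": BASE + "/oauth2/v2.0/authorize",
    "token_endpoint": BASE + "/oauth2/v2.0/token",
    "jwks_uri": BASE + "/discovery/v2.0/keys",
}

if __name__ == "__main__":
    good = issuer_from_metadata_url(BASE + "/v2.0" + WELL_KNOWN)
    for candidate in (good, good + "/", BASE + "/oauth2/v2.0/authorize/"):
        print(candidate, "->", issuer_problems(candidate, SAMPLE_METADATA) or "ok")
```

In a real deployment the metadata dictionary would be the JSON fetched from the provider's discovery URL; a trailing slash alone is enough to fail the exact-match rule.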

AWS Deploy Serverless limit?

I have a serverless project, that has quite a few API endpoints, and when I try to deploy all at once I get this error:

    Error: The CloudFormation template is invalid: Template format error: Number of resources, 293, is greater than the maximum allowed, 200
    at C:...\AppData\Roaming\npm\node_modules\serverless\lib\plugins\aws\deplow\lib\validateTemplate.js:20:13

My serverless.yaml functions def looks like this

    functions:
      # Auth: Sign-in
      signIn:
        handler: src/collections/auth/auth.signIn
        events:
          - http:
              path: auth/signIn
              method: post
              cors: true
      # Admin-User: Find Permission By Role
      findPermissionByRole:
        handler: src/collections/permissions/permissions.findPermissionByRole
        events:
          - http:
              path: permissions/findPermissionByRole
              method: get
              cors: true
      # Lookup: FindAll
      lookup:
        handler: src/collections/lookup/lookup.find
        events:
          - http:
              path: lookup/find
              method: post
              cors: true
    ...(1180 lines of code 131 resources)

There are 131 Handler/events - but if I try to deploy more than 20 (twenty) I get that error.
So I am confused by the error message specifying 293, and 200 max when I have 131.
Any thoughts on this?

This issue is due to the following limit in the CloudFormation API:
Keep in mind, serverless can add up to 6 resources to the CloudFormation request
For each http event you configured, you end up creating six (!) CloudFormation resources, in addition to shared resources like AWS::ApiGateway::RestApi and AWS::IAM::Role.
To work around this, serverless suggests one of the following:
Break your API down: opt for small deployments and small code (split by business domain). But this may require a lot for existing projects.
Handle routing in your application logic: Make some of the heavy lifting done by API Gateway be done by the lambda function instead.
Use plugins to split your service into multiple stacks or nested stacks: Use this neat AWS solution for the 200 resource limit in one CloudFormation template (e.g. serverless-plugin-split-stacks, serverless-plugin-additional-stacks, etc.).
Ask AWS for the CloudFormation limit increase: Won't solve the root cause and only solves it until your app gets bigger and runs into the same issue, but with a higher limit and more complex/bigger code.

How to configure Symfony Messenger to work with topic exchange?

We have a project that partially uses DDD. When changing / creating an entity, we throw an event inside the entity. Next, the Doctrine Event Subscriber takes all the events and forwards them to the EventBus.
Let's say we have a MissionCreatedEvent event. I want to make routing key mission.event.created for it and tie it into 2 queues: new_mission_notification_to_part_time_employee and new_mission_area_notification_to_manager.
This is what the config looks like:

    transports:
        async_new_mission_notification_to_part_time_employee:
            dsn: '%env(MESSENGER_TRANSPORT_DSN)%'
            options:
                exchange:
                    name: mission
                    type: topic
                queues:
                    new_mission_notification_to_part_time_employee:
                        binding_keys: ['mission.event.created']
            retry_strategy:
                max_retries: 0
        async_new_mission_area_notification_to_manager:
            dsn: '%env(MESSENGER_TRANSPORT_DSN)%'
            options:
                exchange:
                    name: mission
                    type: topic
                queues:
                    new_mission_area_notification_to_manager:
                        binding_keys: ['mission.event.created']
            retry_strategy:
                max_retries: 0
    routing:
        'App\Domain\Mission\Event\MissionCreatedEvent':
            - async_new_mission_notification_to_part_time_employee
            - async_new_mission_area_notification_to_manager

The problem is that Symfony Messenger first runs on transports and only then pushes the message into exchange. Since we have 2 transports, it turns out that the event with routing key mission.event.created is triggered twice. Because of this, my Message handlers run 2 times.
There is an option not to use the routing key mission.event.created, but to use something similar to mission.cmd.notify_part_time_employee_about_new_mission and mission.cmd.notify_manager_about_new_mission_in_area for each transport with a direct exchange.
This will help solve the duplication problems, but I can’t use all the features that RabbitMQ gives me :(

spring cloud gateway, can you exclude paths (do a global !=)

I'm hoping someone can provide some ideas here. I'm playing around with some of the sample apps for the spring cloud gateway and going through the docs but I'm not seeing any way to route to self or do a global ignore. The idea here is that there are some paths that ALWAYS need to point to self, like for the actuator, and other that may need a global block (maybe for security reasons like you've found a severe vulnerability and need to disable access to a specific resource). Right now from what I can tell there is no way to do this, but I hope I'm wrong!
I've set up the app with the actuator running on port 8081 and the server on 8080.
I've got two simple rules:

    - id: local_test_1
      uri: http://localhost:80
      order: 9000
      predicates:
      - Path=/echo
    # =====================================
    - id: local_test_2
      uri: ${test.uri}
      order: 10000
      predicates:
      - Path=/**

But the universal /** makes sure that any call to localhost:8081/actuator/* also gets routed to the uri. How can I exempt the management port from routing rules so the server itself will deal with the request?
I thought a default filter like - Path!=${management.server.port}/* might work, but it seems that != isn't supported.

I ran into this same problem when using a default route, but also needing to serve a custom post-logout page from the classpath. The default route would handle the request instead of the gateway itself. Without the default route the logout.html was served correctly.
I ended up moving the default route to a Java bean and used the fluent API like this:

    @Bean
    public RouteLocator customRouteLocator(RouteLocatorBuilder builder) {
        return builder.routes()
            // Catch-all route that skips the pages the gateway serves itself
            .route("default", r -> r
                .order(Ordered.LOWEST_PRECEDENCE)
                .path("/**")
                .and().not(p -> p.path("/logout.html", "/logout.css"))
                .uri("http://localhost:8080")
            )
            .build();
    }

If someone knows of a way to do negation in the .yml configuration files that would be ideal, but I have yet to find an example of that in any docs.

You can use no://op as value for uri:.
The only disadvantage that I see is that any endpoint which is not supposed to be found (like /actuator/foo) would still return 200 OK.

    - id: local_test_1
      uri: http://localhost:80
      order: 9000
      predicates:
        - Path=/echo
    # =====================================
    - id: local_test_2
      uri: ${test.uri}
      order: 10000
      predicates:
        - Path=/**

Try adding two spaces before - Path; the problem may be that your config is not working.

Maybe you can use - Path=/** and - setStatus=404 for its filter, and for the actuator route - Path=/actuator/** and - setStatus=ACCEPTED. Don't forget to use uri: no://op for both.

Disable log in Symfony2

This question may have been asked before. I have searched for answers, but I haven't found what I was looking for.
In Symfony 2.3, is there a way to disable the logger for specific requests? I mean, I am using a SOAP service for my project. When I send a request to login, the username and password are dumped straight as plain text into the log file. Is there a way to stop logging this kind of specific requests?
For example, when I send a request for login, the logger should be disabled, but for all other request it works again. Is this possible?

It depends on whether you are in the Prod or Dev environment, but everything is in config.yml or config_dev.yml:
To disable logging, just remove the monolog configuration like this:

    monolog:
        handlers:
            main:
                type: stream
                path: "%kernel.logs_dir%/%kernel.environment%.log"
                level: debug
            console:
                type: console
                bubble: false
            # uncomment to get logging in your browser
            # you may have to allow bigger header sizes in your Web server configuration
            #firephp:
            #    type: firephp
            #    level: info
            #chromephp:
            #    type: chromephp
            #    level: info

But in my opinion, you shouldn't do this, because logging allows you to significantly improve your code!
Logging except for a specific service:
You need to create a specific log channel for your service as described here:
http://symfony.com/doc/current/cookbook/logging/channels_handlers.html
and here:
http://symfony.com/doc/current/reference/dic_tags.html#dic-tags-monolog
You'll be able to separate your SOAP log from the others and eventually send it to null.
