Eureka 服務(wù)注冊報錯問題

Eureka 服務(wù)注冊報錯問題

Eureka server 登錄頁面啟用使用賬號和密碼登錄驗證進入管理頁面, 出于安全考慮開啟登錄驗證方式。

由于本項目采用子模塊的方式構(gòu)建, 項目頂級文件引入:

<!--Springboot version -->
<parent>
    <groupId>org.springframework.boot</groupId>
    <artifactId>spring-boot-starter-parent</artifactId>
    <version>2.1.6.RELEASE</version>
</parent>

<!--Spring cloud version -->
<dependencyManagement>
        <dependencies>
            <dependency>
                <groupId>org.springframework.cloud</groupId>
                <artifactId>spring-cloud-dependencies</artifactId>
                <version>${spring-cloud.version}</version>
                <type>pom</type>
                <scope>import</scope>
            </dependency>
       </denpencies>
</dependencyManagement>

由于本項目采用Apollo 配置中構(gòu)建,Eureka Server的pom.xml, 啟用安全登錄驗證開啟需要引入:

<dependency>
    <groupId>org.springframework.boot</groupId>
    <artifactId>spring-boot-starter-security</artifactId>
</dependency>

<dependencies>
        <dependency>
            <groupId>org.springframework.cloud</groupId>
            <artifactId>spring-cloud-starter-netflix-eureka-server</artifactId>
        </dependency>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-test</artifactId>
        </dependency>
        <dependency>
            <groupId>com.ctrip.framework.apollo</groupId>
            <artifactId>apollo-client</artifactId>
        </dependency>
        <dependency>
            <groupId>com.ctrip.framework.apollo</groupId>
            <artifactId>apollo-core</artifactId>
        </dependency>
        <dependency>
            <groupId>org.codehaus.janino</groupId>
            <artifactId>janino</artifactId>
        </dependency>
        <dependency>
            <groupId>org.codehaus.janino</groupId>
            <artifactId>commons-compiler</artifactId>
        </dependency>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-security</artifactId>
        </dependency>
    </dependencies>

需要調(diào)整如下4個配置,在設(shè)置username和password的時候需要注意,不能設(shè)置@字符。 否則會出現(xiàn)管理頁面中心可以登錄,頁面顯示錯誤。

eureka.client.serviceUrl.defaultZone = http://${spring.security.user.name}:${spring.security.user.password}@localhost:${server.port}/eureka/
spring.security.basic.enabled = true
spring.security.user.name = wingsing
spring.security.user.password = wingsing

Eureka Client的pom.xml, 無需要調(diào)整,只需要調(diào)整Apollo配置即可:

eureka.client.serviceUrl.defaultZone = http://${spring.security.user.name}:${spring.security.user.password}@localhost:8060/eureka/
spring.security.user.name = wingsing
spring.security.user.password = wingsing

由于本項目子模塊構(gòu)建方式,總共Eureka Client有6個是注冊正常和健康心跳正常,其中有一個模塊,出現(xiàn)Eureka server注冊服務(wù)正常,但是服務(wù)端心跳連接報錯如下:

org.springframework.security.web.firewall.RequestRejectedException: The request was rejected because the URL was not normalized.
    at org.springframework.security.web.firewall.StrictHttpFirewall.getFirewalledRequest(StrictHttpFirewall.java:123)
    at org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:194)
    at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:186)
    at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:357)
    at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:270)

Eureka Client 心跳連接報錯如下:

[2020-04-16 09:18:06.890] [DiscoveryClient-HeartbeatExecutor-0] [ERROR] com.netflix.discovery.shared.transport.decorator.RedirectingEurekaHttpClient 91 - Request execution error. endpoint=DefaultEndpoint{ serviceUrl='http://wingsing:wingsing@localhost:8060/eureka/}
javax.ws.rs.WebApplicationException: com.fasterxml.jackson.databind.exc.MismatchedInputException: Root name 'timestamp' does not match expected ('instance') for type [simple type, class com.netflix.appinfo.InstanceInfo]
 at [Source: (com.sun.jersey.client.apache4.ApacheHttpClient4Handler$HttpClientResponseInputStream); line: 1, column: 2]
    at com.netflix.discovery.provider.DiscoveryJerseyProvider.readFrom(DiscoveryJerseyProvider.java:110)
    at com.sun.jersey.api.client.ClientResponse.getEntity(ClientResponse.java:634)
    at com.sun.jersey.api.client.ClientResponse.getEntity(ClientResponse.java:586)
    at com.netflix.discovery.shared.transport.jersey.AbstractJerseyEurekaHttpClient.sendHeartBeat(AbstractJerseyEurekaHttpClient.java:105)
    at com.netflix.discovery.shared.transport.decorator.EurekaHttpClientDecorator$3.execute(EurekaHttpClientDecorator.java:92)
    at com.netflix.discovery.shared.transport.decorator.MetricsCollectingEurekaHttpClient.execute(MetricsCollectingEurekaHttpClient.java:73)
    at com.netflix.discovery.shared.transport.decorator.EurekaHttpClientDecorator.sendHeartBeat(EurekaHttpClientDecorator.java:89)
    at com.netflix.discovery.shared.transport.decorator.EurekaHttpClientDecorator$3.execute(EurekaHttpClientDecorator.java:92)
    at com.netflix.discovery.shared.transport.decorator.RedirectingEurekaHttpClient.execute(RedirectingEurekaHttpClient.java:89)
    at com.netflix.discovery.shared.transport.decorator.EurekaHttpClientDecorator.sendHeartBeat(EurekaHttpClientDecorator.java:89)
    at com.netflix.discovery.shared.transport.decorator.EurekaHttpClientDecorator$3.execute(EurekaHttpClientDecorator.java:92)
    at com.netflix.discovery.shared.transport.decorator.RetryableEurekaHttpClient.execute(RetryableEurekaHttpClient.java:120)
    at com.netflix.discovery.shared.transport.decorator.EurekaHttpClientDecorator.sendHeartBeat(EurekaHttpClientDecorator.java:89)
    at com.netflix.discovery.shared.transport.decorator.EurekaHttpClientDecorator$3.execute(EurekaHttpClientDecorator.java:92)
    at com.netflix.discovery.shared.transport.decorator.SessionedEurekaHttpClient.execute(SessionedEurekaHttpClient.java:77)
    at com.netflix.discovery.shared.transport.decorator.EurekaHttpClientDecorator.sendHeartBeat(EurekaHttpClientDecorator.java:89)
    at com.netflix.discovery.DiscoveryClient.renew(DiscoveryClient.java:864)
    at com.netflix.discovery.DiscoveryClient$HeartbeatThread.run(DiscoveryClient.java:1423)
    at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)
    at java.util.concurrent.FutureTask.run(FutureTask.java:266)
    at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
    at java.lang.Thread.run(Thread.java:745)
Caused by: com.fasterxml.jackson.databind.exc.MismatchedInputException: Root name 'timestamp' does not match expected ('instance') for type [simple type, class com.netflix.appinfo.InstanceInfo]
 at [Source: (com.sun.jersey.client.apache4.ApacheHttpClient4Handler$HttpClientResponseInputStream); line: 1, column: 2]
    at com.fasterxml.jackson.databind.exc.MismatchedInputException.from(MismatchedInputException.java:59)
    at com.fasterxml.jackson.databind.DeserializationContext.reportInputMismatch(DeserializationContext.java:1356)
    at com.fasterxml.jackson.databind.ObjectReader._unwrapAndDeserialize(ObjectReader.java:1695)
    at com.fasterxml.jackson.databind.ObjectReader._bindAndClose(ObjectReader.java:1608)
    at com.fasterxml.jackson.databind.ObjectReader.readValue(ObjectReader.java:1188)
    at com.netflix.discovery.converters.EurekaJacksonCodec.readValue(EurekaJacksonCodec.java:197)
    at com.netflix.discovery.converters.wrappers.CodecWrappers$LegacyJacksonJson.decode(CodecWrappers.java:314)
    at com.netflix.discovery.provider.DiscoveryJerseyProvider.readFrom(DiscoveryJerseyProvider.java:103)
    ... 22 common frames omitted
[2020-04-16 09:18:06.904] [DiscoveryClient-HeartbeatExecutor-0] [WARN ] com.netflix.discovery.shared.transport.decorator.RetryableEurekaHttpClient 130 - Request execution failed with message: com.fasterxml.jackson.databind.exc.MismatchedInputException: Root name 'timestamp' does not match expected ('instance') for type [simple type, class com.netflix.appinfo.InstanceInfo]
 at [Source: (com.sun.jersey.client.apache4.ApacheHttpClient4Handler$HttpClientResponseInputStream); line: 1, column: 2]

本人解決這個問題的方案
由于其它6個Eureka注冊子模塊正常,只有這個服務(wù)不正常; 我懷疑是服務(wù)的配置或者pom引入的依賴不一致出現(xiàn)的,第一想法先是搜索引擎搜索一下,看有沒有類似的報錯問題。經(jīng)過搜索方案。我再就開始從配置方面下手,配置是一致的。
再從pom依賴入手,比較之后,有幾個不一致,逐個排查,可能是太相信idea自動編譯了,一個個排查的時候,我沒有進行模塊的mvn clean, 只是去掉依賴即進行運行服務(wù),還是一樣的問題。

方式一:
通過斷點排查,原因:
由于springboot 版本升級 默認(rèn)使用這個防火墻類,StrictHttpFirewall 的isNormalized 方法中判斷:
if (path.indexOf("http://") > -1) 的判斷,有一個client客戶的引入了 Apache Httpclient的依賴

private static boolean isNormalized(String path) {
        if (path == null) {
            return true;
        }

        if (path.indexOf("http://") > -1) {
            return false;
        }

        for (int j = path.length(); j > 0;) {
            int i = path.lastIndexOf('/', j - 1);
            int gap = j - i;

            if (gap == 2 && path.charAt(i + 1) == '.') {
                // ".", "/./" or "/."
                return false;
            } else if (gap == 3 && path.charAt(i + 1) == '.' && path.charAt(i + 2) == '.') {
                return false;
            }

            j = i;
        }

        return true;
    }

網(wǎng)上有類似的問題:

@Bean
public HttpFirewall allowUrlEncodedSlashHttpFirewall() {
    StrictHttpFirewall firewall = new StrictHttpFirewall();
    firewall.setAllowUrlEncodedSlash(true);    
    return firewall;
}
@Override
public void configure(WebSecurity web) throws Exception {
    //@formatter:off
    super.configure(web);
    web.httpFirewall(allowUrlEncodedSlashHttpFirewall());
....
}

運行之后還是有問題,又進行代碼論證,從簡單的代碼層面上面看,有點不相關(guān)。

解決方案一:
簡單粗暴型,由于之前的版本可以,使用老的處理類

    @Bean
    public HttpFirewall allowUrlEncodedSlashHttpFirewall() {
       return new DefaultHttpFirewall();
   }
   
    @Override
    public void configure(WebSecurity web) throws Exception {
        super.configure(web);
        web.httpFirewall(allowUrlEncodedSlashHttpFirewall());
   }

我追究到什么原因?qū)е?,我又?jǐn)帱cclient發(fā)送服務(wù)方,經(jīng)過一步一步斷點,最終發(fā)現(xiàn)是Apache httpClient, 默認(rèn)版本4.5.9,可以引入了4.5.1版本
解決方案二:

<dependency>
    <groupId>org.apache.httpcomponents</groupId>
    <artifactId>httpclient</artifactId>
    <version>4.5.1</version>
</dependency>

由于本地開發(fā)環(huán)境內(nèi)部調(diào)用,有兩種情況,server端還是client進行處理。又無法使用 wireshark抓包看請求。又使用RawCap.exe工具。使用wireshark 進行查看

正常包數(shù)據(jù):


1.png

不正常包數(shù)據(jù):


2.png

具體原因:
org.apache.http.impl.client.DefaultRequestDirector#rewriteRequestURI
4.5.9


3.png

4.5.1


4.png

由于對Eureka源碼不熟悉,折騰兩天終于搞完了

?著作權(quán)歸作者所有,轉(zhuǎn)載或內(nèi)容合作請聯(lián)系作者
【社區(qū)內(nèi)容提示】社區(qū)部分內(nèi)容疑似由AI輔助生成,瀏覽時請結(jié)合常識與多方信息審慎甄別。
平臺聲明:文章內(nèi)容(如有圖片或視頻亦包括在內(nèi))由作者上傳并發(fā)布,文章內(nèi)容僅代表作者本人觀點,簡書系信息發(fā)布平臺,僅提供信息存儲服務(wù)。

相關(guān)閱讀更多精彩內(nèi)容

友情鏈接更多精彩內(nèi)容