项目背景: 使用springboot做微服务,后端一共10个工程左右,在同一台服务器部署(16g,8核),工程之间的调用十分频繁,没有使用rpc框架,使用http调用。shiro使用redis作session管理。
产生问题: 服务器cpu非常高。
问题排查: 使用top查看哪个服务占用cpu高。 用 ps -mp TID THREAD,pid,time查看那个线程占用服务器高, printf "%x\n" pid 将线程专程16进制, jstack TID|grep pid -A 60 看耗时线程卡在哪里(多跑几遍这里命令,看最多是卡在哪里),结果发现大多数线程卡在jedis.getConnection();

问题原因: 有一个定时任务从电商平台同步订单。每同步一个订单,工程之间调用发生30次左右。每次调用,shiro从redis去4,5次数据。每天同步200万订单。redis maxConnection 开50个,导致大量线程卡在获取redis connection上面。 问题解决:接口在内部调用的时候不经过shiroFilter。首先定义不经过shiro的uri和访问ip(本文代码为本地调用),符合条件的话不走shiro,否则走shiro

import java.io.IOException;
import java.util.ArrayList;
import java.util.List;

import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;

import org.apache.commons.lang3.StringUtils;
import org.apache.shiro.mgt.SecurityManager;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.filter.mgt.FilterChainManager;
import org.apache.shiro.web.filter.mgt.FilterChainResolver;
import org.apache.shiro.web.filter.mgt.PathMatchingFilterChainResolver;
import org.apache.shiro.web.mgt.WebSecurityManager;
import org.apache.shiro.web.servlet.AbstractShiroFilter;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.BeanInitializationException;

import com.google.common.base.Splitter;

public class MyShiroFilterFactoryBean extends ShiroFilterFactoryBean{
	private static final Logger logger = LoggerFactory.getLogger(MyShiroFilterFactoryBean.class);
	private List<String> noShiroIps = new ArrayList<String>();
	private List<String> noShiroUrls = new ArrayList<String>();
	
   public MyShiroFilterFactoryBean(String hosts) {
       super();
       if(StringUtils.isNotEmpty(hosts)) {
    	   noShiroIps = Splitter.on(",").splitToList(hosts);
       }
       noShiroUrls = NoShiroPostProcessor.getInstance();
   }

   @Override
   protected AbstractShiroFilter createInstance() throws Exception {
       SecurityManager securityManager = getSecurityManager();
       if (securityManager == null) {
           String msg = "SecurityManager property must be set.";
           throw new BeanInitializationException(msg);
       }

       if (!(securityManager instanceof WebSecurityManager)) {
           String msg = "The security manager does not implement the WebSecurityManager interface.";
           throw new BeanInitializationException(msg);
       }

       FilterChainManager manager = createFilterChainManager();

       PathMatchingFilterChainResolver chainResolver = new PathMatchingFilterChainResolver();
       chainResolver.setFilterChainManager(manager);

       return new MySpringShiroFilter((WebSecurityManager) securityManager, chainResolver);
   }

   private final class MySpringShiroFilter extends AbstractShiroFilter {
       protected MySpringShiroFilter(WebSecurityManager webSecurityManager, FilterChainResolver resolver) {
           super();
           if (webSecurityManager == null) {
               throw new IllegalArgumentException("WebSecurityManager property cannot be null.");
           }
           setSecurityManager(webSecurityManager);
           if (resolver != null) {
               setFilterChainResolver(resolver);
           }
       }

       @Override
       protected void doFilterInternal(ServletRequest servletRequest, ServletResponse servletResponse,
               FilterChain chain) throws ServletException, IOException {
           HttpServletRequest request = (HttpServletRequest)servletRequest;
           String uri = request.getRequestURI().toLowerCase();
           boolean flag = true;
           if(noShiroIps.contains(getIpAddr(request)) && noShiroUrls.contains(uri)){
        	   flag = false;
           }
           if(flag){
        	   logger.info("shirouri=" + uri);
               super.doFilterInternal(servletRequest, servletResponse, chain);
           }else{
        	   logger.info("shironouri=" + uri);
               chain.doFilter(servletRequest, servletResponse);
           }
       }
       
       private String getIpAddr(HttpServletRequest request) {  
	   	    String ip = request.getHeader("x-forwarded-for");//先从nginx自定义配置获取  
	   	    if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {  
	   	        ip = request.getHeader("X-real-ip");  
	   	    }  
	   	    if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {  
	   	        ip = request.getHeader("Proxy-Client-IP");  
	   	    }  
	   	    if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {  
	   	        ip = request.getHeader("WL-Proxy-Client-IP");  
	   	    }  
	   	    if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {  
	   	        ip = request.getRemoteAddr();  
	   	    }  
	   	    return ip;  
	   	}

   }
}
复制代码
# java # 数据库 # 后端
Logo
向您推荐>>Eolink开发者社区

权威|前沿|技术|干货|国内首个API全生命周期开发者社区

更多推荐

ELK实现containerd的容器日志采集展示【基于logging的全栈监测】

企业级ELK Stack构建介绍

avatar 云原生

深入理解 Mocha 测试框架:从零实现一个 Mocha

前言什么是自动化测试自动化测试在很多团队中都是Devops环节中很难执行起来的一个环节,主要原因在于测试代码的编写工作很难抽象,99%的场景都需要和业务强绑定,而且写测试代码的编写工作量往往比编写实际业务代码的工作量更多。在一些很多业务场景中投入产出比很低,适合写自动化测试的应该是那些中长期业务以及一些诸如组件一样的基础库。自动化测试是个比较大的概念,其中分类也比较多,比如单元测试,端对端测试,集

avatar 云原生

(20200916 Solved)docker-compose up创建容器自动退出

问题描述如题,创建容器后自动退出了。并且docker start container无效解决方案原因是缺失了控制终端的配置,需要在docker-compose.yml中增加tty:true ,有时候这样也不行,需要再增加一个command:/bin/bash,命令不一定是这个,需要是一个不会退出的命令,然后用-d后台启动容器。Referencesdocker-compose启动容器后自动退出...

avatar 云原生