Question

使用Ocelot构建微服务架构，我开始在单独的解决方案中构建测试服务。一切正常，我可以得到对https://localhost:5101/service/stats/collected的模拟回复。

然后在另一个解决方案中，我正在新建一个新的webapi项目。然后，按照Ocelot的official website上的入门。

配置.json文件以将其用作GW，如果我尝试点击https://localhost:5001/api/stats/collected，我从项目中得到了500，但我不知道为什么？

以下是APIGW的主要文件：

ocelot.json

{
  "ReRoutes": [
    {
      "DownstreamPathTemplate": "/service/stats/collected",
      "DownstreamScheme": "https",
      "DownstreamHostAndPorts": [
        {
          "Host": "localhost",
          "Port": 5101
        }
      ],
      "UpstreamPathTemplate": "/api/stats/collected"
    }
  ],
  "GlobalConfiguration": {
    "BaseUrl": "https://localhost:5001"
  }
}

Program.cs

using System.IO;
using System.Net;
using Microsoft.AspNetCore.Hosting;
using Microsoft.Extensions.Configuration;
using Ocelot.DependencyInjection;
using Ocelot.Middleware;

namespace APIGateway.Base
{
    public class Program
    {
        public static void Main(string[] args)
        {
            new WebHostBuilder()
                .UseKestrel(
                    options =>
                {
                    options.Listen(IPAddress.Loopback, 5001, listenOptions =>
                    {
                        listenOptions.UseHttps("localhost.pfx", "qwerty123");
                    });
                    options.AddServerHeader = false;
                }
                    )
                .UseContentRoot(Directory.GetCurrentDirectory())
                .ConfigureAppConfiguration((hostingContext, config) =>
                {
                    config
                        .SetBasePath(hostingContext.HostingEnvironment.ContentRootPath)
                        .AddJsonFile("appsettings.json", true, true)
                        .AddJsonFile($"appsettings.{hostingContext.HostingEnvironment.EnvironmentName}.json", true, true)
                        .AddJsonFile("ocelot.json")
                        .AddEnvironmentVariables();
                })
                .ConfigureServices(s => {
                    s.AddOcelot();
                })
                .ConfigureLogging((hostingContext, logging) =>
                {
                    //add your logging
                })
                .UseIISIntegration()
                .Configure(app =>
                {
                    app.UseOcelot().Wait();
                })
                .Build()
                .Run();
        }
    }
}

Startup.cs

using Microsoft.AspNetCore.Builder;
using Microsoft.AspNetCore.Hosting;
using Microsoft.AspNetCore.Mvc;
using Microsoft.Extensions.Configuration;
using Microsoft.Extensions.DependencyInjection;

namespace StatsService.Base
{
    public class Startup
    {
        public Startup(IConfiguration configuration)
        {
            Configuration = configuration;
        }

        public IConfiguration Configuration { get; }

        // This method gets called by the runtime. Use this method to add services to the container.
        public void ConfigureServices(IServiceCollection services)
        {
            services.AddMvc().SetCompatibilityVersion(CompatibilityVersion.Version_2_1);
        }

        // This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
        public void Configure(IApplicationBuilder app, IHostingEnvironment env)
        {
            if (env.IsDevelopment())
            {
                app.UseDeveloperExceptionPage();
            }
            else
            {
                app.UseHsts();
            }

            app.UseHttpsRedirection();
            app.UseMvc();
        }
    }
}

更新：

我发现通过在方法options中注释UseKestrel来禁用每个项目的SSL，可以使我的GW正常工作。我如何设置它以在我的GW和服务之间建立安全的连接？ Localhost和Prod？

Answer 1

当您使用“ localhost”作为主机名时，我猜您正在为localhost使用自签名证书。在这种情况下，您可能需要添加

"DangerousAcceptAnyServerCertificateValidator": true

重新路由配置（请参阅https://ocelot.readthedocs.io/en/latest/features/configuration.html#ssl-errors）。

其他选项是：

使用有效的证书（对于本地主机来说很难实现）
在用户的证书存储区中将自签名证书注册为可信任的证书。

API Gateway Ocelot不会重定向

1 个答案: