Skip to main content
Version: 2.5.1

Gateway Property Config

This paper mainly explains how to configure Apache ShenYu properties on the gateway side.

Property Config#

shenyu:  matchCache:    enabled: false    maxFreeMemory: 256 # 256MB  netty:    http:      webServerFactoryEnabled: true      selectCount: 1      workerCount: 4      accessLog: false      serverSocketChannel:        soRcvBuf: 87380        soBackLog: 128        soReuseAddr: true        connectTimeoutMillis: 30000        writeBufferHighWaterMark: 65536        writeBufferLowWaterMark: 32768        writeSpinCount: 16        autoRead: false        allocType: "pooled"        messageSizeEstimator: 8        singleEventExecutorPerGroup: true      socketChannel:        soKeepAlive: false        soReuseAddr: true        soLinger: -1        tcpNoDelay: true        soRcvBuf: 87380        soSndBuf: 16384        ipTos: 0        allowHalfClosure: false        connectTimeoutMillis: 30000        writeBufferHighWaterMark: 65536        writeBufferLowWaterMark: 32768        writeSpinCount: 16        autoRead: false        allocType: "pooled"        messageSizeEstimator: 8        singleEventExecutorPerGroup: true  instance:    enabled: false    registerType: zookeeper #etcd #consul    serverLists: localhost:2181 #http://localhost:2379 #localhost:8848    props:#  httpclient:#    strategy: webClient#    connectTimeout: 45000#    responseTimeout: 3000#    readerIdleTime: 3000#    writerIdleTime: 3000#    allIdleTime: 3000#    readTimeout: 3000#    writeTimeout: 3000#    wiretap: false#    keepAlive: false#    pool:#      type: ELASTIC#      name: proxy#      maxConnections: 16#      acquireTimeout: 45000#      maxIdleTime: 3000#    proxy:#      host:#      port:#      username:#      password:#      nonProxyHostsPattern:#    ssl:#      useInsecureTrustManager: true#      keyStoreType: PKCS12#      keyStorePath: classpath:keystore.p12#      keyStorePassword: 123456#      keyStoreProvider: #      keyPassword: 123456#      trustedX509Certificates:#      handshakeTimeout:#      closeNotifyFlushTimeout:#      closeNotifyReadTimeout:#      defaultConfigurationType:  sync:    websocket:      urls: ws://localhost:9095/websocket      allowOrigin: ws://localhost:9195#    zookeeper:#      url: localhost:2181#      sessionTimeout: 5000#      connectionTimeout: 2000#    http:#      url: http://localhost:9095#    nacos:#      url: localhost:8848#      namespace: 1c10d748-af86-43b9-8265-75f487d20c6c#      username:#      password:#      acm:#        enabled: false#        endpoint: acm.aliyun.com#        namespace:#        accessKey:#        secretKey:#    etcd:#      url: http://localhost:2379#    consul:#      url: http://localhost:8500#      waitTime: 1000#      watchDelay: 1000  cross:    enabled: true    allowedHeaders:    allowedMethods: "*"    allowedAnyOrigin: false    allowedOrigin:      # format : schema://prefix spacer domain      # Access-Control-Allow-Origin: "http://a.apache.org,http://b.apache.org"      spacer: "."      domain: apache.org      prefixes:        - a # a.apache.org        - b # b.apache.org      origins:        - c.apache.org        - d.apache.org        - http://e.apache.org      originRegex: ^http(|s)://(.*\.|)abc.com$    allowedExpose: ""    maxAge: "18000"    allowCredentials: true  switchConfig:    local: true  file:    enabled: true    maxSize : 10  exclude:    enabled: false    paths:      - /favicon.ico  fallback:    enabled: false    paths:      - /fallback/hystrix      - /fallback/resilience4j  health:    enabled: false    paths:      - /actuator/health      - /health_check  extPlugin:    path:    enabled: true    threads: 1    scheduleTime: 300    scheduleDelay: 30  scheduler:    enabled: false    type: fixed    threads: 16  upstreamCheck:    enabled: false    timeout: 3000    healthyThreshold: 1    unhealthyThreshold: 1    interval: 5000    printEnabled: true    printInterval: 60000  ribbon:    serverListRefreshInterval: 10000  metrics:    enabled: false    name : prometheus    host: 127.0.0.1    port: 8090    jmxConfig:    props:      jvm_enabled: true  sharedPool:    enable: true    prefix: "shenyu-shared"    corePoolSize: 200    maximumPoolSize: 2000    keepAliveTime: 60000    maxWorkQueueMemory: 1073741824 # 1GB    maxFreeMemory: 268435456 # 256MB

Property Detail#

shenyu.matchCache config#

The apache shenyu selector cache config.

NameTypeDefaultRequiredDescription
enabledBooleanfalseNoWhether to enable selector caching.
maxFreeMemoryInteger256MB否NoMaximum cache usage (MB).
shenyu.NettyTcpProperties config#

The apache shenyu reactor-netty config.

NameTypeDefaultRequiredDescription
webServerFactoryEnabledBooleantrueNoWhether to enable custom parameters. True-enable. False-NettyReactiveWebServerFactory Can be configured by yourself.
selectCountInteger1NoNumber of netty selectors.
workerCountInteger4NoNumber of netty workers.
accessLogBooleanfalseNonetty request parameters.
ServerSocketChannelConfig
soRcvBufInteger--NoSocket config, the size of the socket receive buffer. The default value is system dependent.
soBackLogInteger128NoSocket config, maximum length of the accept queue.
soReuseAddrBooleantrueNoSocket config, allow reuse of local addresses. The default value in reactor-netty is true.
connectTimeoutMillisInteger30000NoNetty config, the connect timeout of the channel in milliseconds.
writeBufferHighWaterMarkInteger65536NoNetty config, the high water mark of the write buffer.
writeBufferLowWaterMarkInteger32768NoNetty config, the low water mark of the write buffer.
writeSpinCountInteger16NoNetty config, the maximum loop count for a write operation.
autoReadBooleanfalseNoNetty config, channel read method will be invoked automatically so that a user application doesn't need to call it at all. The default value in reactor-netty is false, and can only be false.
allocTypeStringpooledNoNetty config, set the ByteBufAllocator which is used for the channel to allocate buffers.
messageSizeEstimatorInteger8NoNetty config, message size estimator, estimate ByteBuf,ByteBufHolder and FileRegion size.
singleEventExecutorPerGroupBooleantrueNoNetty config, single thread execute the event of ChannelPipeline.
SocketChannelConfig
soKeepAliveBooleanfalseNoSocket config, enable tcp keepalive.
soReuseAddrBooleantrueNoSocket config, allow reuse of local addresses. The default value in reactor-netty is true.
soLingerInteger-1NoSocket config, the delay time for closing the socket.
tcpNoDelayBooleantrueNoSocket config, enable Nagle algorithm.
soRcvBufInteger--NoSocket config, the size of the socket receive buffer. The default value is system dependent.
soSndBufInteger--NoSocket config, the size of the socket send buffer. The default value is system dependent.
ipTosInteger0NoIP config, the Type of Service (ToS) octet in the Internet Protocol (IP) header.
allowHalfClosureBooleanfalseNoNetty config, Sets whether the channel should not close itself when its remote peer shuts down output to make the connection half-closed.
connectTimeoutMillisInteger30000NoNetty config, the connect timeout of the channel in milliseconds.
writeBufferHighWaterMarkInteger65536NoNetty config, the high water mark of the write buffer.
writeBufferLowWaterMarkInteger32768NoNetty config, the low water mark of the write buffer.
writeSpinCountInteger16NoNetty config, the maximum loop count for a write operation.
autoReadBooleanfalseNoNetty config, channel read method will be invoked automatically so that a user application doesn't need to call it at all. The default value in reactor-netty is false, and can only be false.
allocTypeStringpooledNoNetty config, set the ByteBufAllocator which is used for the channel to allocate buffers.
messageSizeEstimatorInteger8NoNetty config, message size estimator, estimate ByteBuf,ByteBufHolder and FileRegion size.
singleEventExecutorPerGroupBooleantrueNoNetty config, single thread execute the event of ChannelPipeline.
shenyu.register config#

This is the relevant configuration for the ShenYu gateway to register to the registration center. For the configuration of the registration center, please refer to Register Center Instance Config.

NameTypeDefaultRequiredDescription
enabledbooleanfalseYesWhether to start.
registerTypeStringzookeeperYesWhich registry to use, currently supports zookeeper, etcd.
serverListsStringlocalhost:2181YesThe address of the register center. If using clusters, separate with ,.
propsWhen using different register types, the attribute values are different.
  • props config

When using different register center, the attribute values are different.

When the registerType is zookeeper, the supported properties are as follows.

NameTypeDefaultRequiredDescription
sessionTimeoutint30000Nosession time out(millisecond).
connectionTimeoutint3000Noconnection time out(millisecond).

When the registerType is etcd, the supported properties are as follows.

NameTypeDefaultRequiredDescription
etcdTimeoutint30000Noetcd time out(millisecond).
etcdTTLint5Noclient lease time to live(second).
shenyu.httpclient config#

This is the HttpClient configuration used to send proxy requests after proxying the Http and SpringCloud protocols in the ShenYu gateway.

NameTypeDefaultRequiredDescription
strategyStringwebClientNoType of http client, defaults to webClient.
- webClient: use by WebClientPlugin
- netty: use by NettyHttpClientPlugin.
connectTimeoutint45000NoConnection timeout (millisecond), the default value is 45000.
responseTimeoutint3000NoThe response timeout (millisecond), the default value is 3000.
readerIdleTimeint3000NoThe reader idle timeout (millisecond), the default value is 3000.
writerIdleTimeint3000NoThe writer idle timeout (millisecond), the default value is 3000.
allIdleTimeint3000NoThe all idle timeout (millisecond), the default value is 3000.
readTimeoutint3000NoRead timeout (millisecond), the default value is 3000.
writeTimeoutint3000NoWrite timeout (millisecond), the default value is 3000.
wiretapBooleanfalseNoEnables wiretap debugging for Netty HttpClient, the default value is 'false'.
keepAliveBooleanfalseNoEnable or Disable Keep-Alive support for the outgoing request, the default value is 'false'.
poolHttpClient connection pool config.
proxyHttpClient proxy config.
sslHttpClient ssl config.
  • pool config

HttpClient connection pool configuration:

NameTypeDefaultRequiredDescription
typeStringELASTICNoType of pool for HttpClient to use, defaults to ELASTIC.
- ELASTIC: The connection pool can be cached and grown on demand
- FIXED: The connection pool cache and reuse a fixed maximum The number of connections.
- DISABLED: The connection pool will always create a new connection.
nameStringproxyNoThe channel pool map name, defaults to proxy.
maxConnectionsintthe maximum value of 2*CPU and 16NoOnly for type FIXED, the maximum number of connections before starting pending acquisition on existing ones.
the default value is available number of processors*2.
(but with a minimum value of 16).
acquireTimeoutint45000NoOnly for type FIXED, the maximum time in millis to wait for acquiring. the default value is 45000.
maxIdleTimeintNULLNoAfter which the channel will be closed, if NULL there is no max idle time.
  • proxy config

Netty HttpClient proxy configuration:

NameTypeDefaultRequiredDescription
hostStringnullNoHostname for proxy configuration of Netty HttpClient.
portStringnullNoPort for proxy configuration of Netty HttpClient.
usernameStringnullNoUsername for proxy configuration of Netty HttpClient.
passwordStringnullNoPassword for proxy configuration of Netty HttpClient.
nonProxyHostsPatternStringnullNoRegular expression (Java) for a configured list of hosts. that should be reached directly, bypassing the proxy.
  • SSL config

Gateway routing can support routing to http and https back-end services at the same time. The following is the SSL-related configuration:

NameTypeDefaultRequiredDescription
useInsecureTrustManagerBooleanfalseNoInstalls the netty InsecureTrustManagerFactory. This is insecure and not suitable for production.
keyStoreTypeStringPKCS12NoSSL key store type.
keyStorePathStringNoSSL key store path.
keyStorePasswordStringNoSSL key store pass word.
keyStoreProviderStringNoSSL Keystore provider for netty httpClient and webclient.
keyPasswordStringNoSSL key pass word.
trustedX509CertificatesStringNullNoTrusted certificates for verifying the remote endpoint's certificate.(Use , to separate multiple values)
handshakeTimeoutint10000NoSSL handshake timeout. Default to 10000 ms
closeNotifyFlushTimeoutint3000NoSSL close_notify flush timeout. Default to 3000 ms.
closeNotifyReadTimeoutint0NoSSL close_notify read timeout. Default to 0 ms.
defaultConfigurationTypeStringTCPNoThe default ssl configuration type. Defaults to TCP.
- H2: SslProvider will be set depending on OpenSsl.isAlpnSupported(), SslProvider.HTTP2_CIPHERS, ALPN support, HTTP/1.1 and HTTP/2 support.
- TCP: SslProvider will be set depending on OpenSsl.isAvailable().
- NONE: There will be no default configuration.
Filter Configuration#
  • shenyu.file config

File filter properties.

NameTypeDefaultRequiredDescription
enabledBooleanfalseNoenable file size filtering
maxSizeInteger10Noupload file maxSize (MB)
  • shenyu.cross config

Cross filter properties:

NameTypeDefaultRequiredDescription
enabledBooleanfalseNoallow cross-domain requests
allowedHeadersStringx-requested-with, authorization, Content-Type, Authorization, credential, X-XSRF-TOKEN, token, username, clientNoallowedHeaders, Use "," split in multiple cases. the new "allowedHeaders" will append to "Access-Control-Allow-Headers" based on the default value and remove the reduplicative header.
allowedMethodsString"*"NoallowedMethods
allowedAnyOriginBooleanfalseNoWhether to allow any Origin, if it is true, directly set the Access-Control-Allow-Origin to the same value as the Origin, that is, request.getHeaders().getOrigin(), and discard the allowedOrigin configuration.
allowedOriginAllowedOriginConfig-NoSet the allowed request sources.
spacerString""NoSet the allowed subdomains, need to use with domain, prefixes.
domainString""NoSet the allowed subdomains, need to use with spacer, prefixes.
prefixesSet[]NoSet the allowed subdomains, need to use with spacer, domain.
originsSetnullNoSet the domain names that are allowed to be accessed, which can be used separately.
originRegexString""NoSet up access to domains that allow regular matching, available separately.
allowedExposeString""NoallowedExpose
maxAgeString"18000"NomaxAge (ms)
allowCredentialsBooleantrueNoallowCredentials
  • shenyu.exclude config

Exculde filter properties.

NameTypeDefaultRequiredDescription
enabledBooleanfalseNowhether to enable exclude filter and reject the specified request to pass through the gateway.
pathsArraynullYesRequests matching this list can not pass through the gateway (support Path-Matching).
  • shenyu.fallback config

Related configuration of fallback response.

NameTypeDefaultRequiredDescription
enabledBooleanfalseNoWhether to turn on the fallback response.
pathsArray[]YesAddress of the service fallback request.
  • shenyu.health config

Configuration related to service health status.

NameTypeDefaultRequiredDescription
enabledBooleanfalseNoWhether to turn on health detection.
pathsArray"/actuator/health""/health_check"NoSet up service health monitoring paths.
  • shenyu.local config

Local forwarding-related configuration.

NameTypeDefaultRequiredDescription
enabledBooleanfalseNoWhether to enable local forwarding.
sha512KeyString""YesSecret key, according to the secret key to determine whether the need for local forwarding.
shenyu.switchConfig config#

The apache shenyu switch configuration.

NameTypeDefaultRequiredDescription
localBooleantrueNoWhether to open local mode, if so, local operation data, default open.
shenyu.sync config#

The apache shenyu gateway and the Admin System use data synchronization configurations.

The following properties are configured for data synchronization using websocket :

NameTypeDefaultRequiredDescription
urlsStringnullYesThe websocket server address of Admin, separate multiple addresses with ,.
allowOriginString""NoSet the allowed origins, with multiple parameters separated by ;.

The following properties are configured for data synchronization using zookeeper :

NameTypeDefaultRequiredDescription
urlStringnullYeszookeeper server url.
sessionTimeoutintnullYessession timeout (millisecond).
connectionTimeoutintnullYesconnection timeout (millisecond).

The following properties are configured for data synchronization using http long polling :

NameTypeDefaultRequiredDescription
urlStringnullYesAdmin server address.

The following properties are configured for data synchronization using nacos :

NameTypeDefaultRequiredDescription
urlStringnullnacos url
namespaceStringnullYesnamespace
usernameStringnullNousername
passwordStringnullNopassword
acmObject-Noaliyun ACM service configuration.
enabledbooleanfalseNowhether to enable.
endpointStringnullNoACM service address.
namespaceStringnullNonamespace.
accessKeyStringnullNoaccessKey.
secretKeyStringnullNosecretKey.

The following properties are configured for data synchronization using etcd :

NameTypeDefaultRequiredDescription
urlStringnullYesetcd server url.

The following properties are configured for data synchronization using consul :

NameTypeDefaultRequiredDescription
urlStringnullYesconsul server url.
waitTimeintnullYesthe timeout period for requesting consul service to pull configuration information (milliseconds).
watchDelayintnullYesSynchronization interval (milliseconds).
shenyu.extPlugin config#

The apache shenyu supports dynamic loading of custom plug-ins with the following configuration

NameTypeDefaultRequiredDescription
enabledBooleantrueNoopen dynamic loading of custom plug-ins.
pathStringFalsecustom plugins path, if not config, the path is /ext/lib.
threadsInteger1Falsethreads for dynamic loading custom plug-ins.
scheduleTimeInteger300Falseschedule time (s) for dynamic loading custom plug-ins.
scheduleDelayInteger30Falseschedule delay when app startup.
shenyu.scheduler config#

Scheduler config for apache shenyu scheduler thread model.

NameTypeDefaultRequiredDescription
enabledBooleanfalseNoWhether to turn on Scheduler Thread Model.
typeStringfixedFalsefixed Thread Pool or elastic Scheduler Thread Model.
threadsIntegerMath.max((Runtime.getRuntime().availableProcessors() << 1) + 1, 16)Falsethreads for fixed Thread Pool.
shenyu.upstreamCheck config#

UpstreamCheck config is the configuration used by apache shenyu to detect upstream.

NameTypeDefaultRequiredDescription
enabledBooleanfalseNoWhether to turn on upstreamCheck.
timeoutInteger3000Notimeout (ms).
healthyThresholdInteger1NohealthyThreshold.
unhealthyThresholdInteger1NounhealthyThreshold.
intervalInteger5000Noschedule time (ms) for checked.
printEnabledBooleantrueNoWhether to turn on print logs.
printIntervalInteger60000Noschedule time (ms) for print logs.
shenyu.ribbon config#

The apache shenyu polling interval configuration.

NameTypeDefaultRequiredDescription
serverListRefreshIntervalInteger10000NoAdjust the refresh interval parameter, refer tocom.netflix.client.config.CommonClientConfigKey#ServerListRefreshInterval.
shenyu.metrics config#

The apache shenyu metrics config,the gateway is used to monitor its own operational status.

NameTypeDefaultRequiredDescription
enabledBooleanfalseNoWhether to enable metrics, true means enable.
nameString""Noname.
hostString""NoIP exposed by the gateway service to the collection service.
portIntegerNullNoPort exposed by the gateway service to the collection service.
jmxConfigString""Nojmx config.
props-Noproperties.
jvm_enabledBooleanNullNoTurn on jvm's monitoring metrics.
shenyu.sharedPool config#

The apache shenyu shared thread pool configuration.

NameTypeDefaultRequiredDescription
enabledBooleanfalseNoWhether to enable shared thread pooling.
prefixString"shenyu-shared"NoThread pool name prefix.
corePoolSizeInteger200NoNumber of core threads in the thread pool.
maximumPoolSizeIntegerInteger.MAX_VALUENoMaximum number of threads in the thread pool.
keepAliveTimeLong60000LNoExcess idle thread keepAlive time, in milliseconds.
maxWorkQueueMemoryLong80% of the current JVM maximum available memoryNoMaximum memory used (byte).
maxFreeMemoryIntegerNoMaximum remaining memory (byte).