实现集群CC防护策略设置

2026-01-28 21:05:48 +08:00 · 2023-05-23 19:16:09 +08:00
parent 933329cd51
commit e95175bc12
7 changed files with 1868 additions and 1148 deletions
--- a/pkg/nodeconfigs/http_cc_policy.go
+++ b/pkg/nodeconfigs/http_cc_policy.go
@@ -0,0 +1,19 @@
+// Copyright 2023 GoEdge CDN goedge.cdn@gmail.com. All rights reserved. Official site: https://goedge.cn .
+//go:build !plus
+
+package nodeconfigs
+
+// HTTPCCPolicy CC策略
+type HTTPCCPolicy struct {
+	IsOn bool `json:"isOn" yaml:"isOn"`
+}
+
+func NewHTTPCCPolicy() *HTTPCCPolicy {
+	return &HTTPCCPolicy{
+		IsOn: true,
+	}
+}
+
+func (this *HTTPCCPolicy) Init() error {
+	return nil
+}
--- a/pkg/nodeconfigs/node_config.go
+++ b/pkg/nodeconfigs/node_config.go
@@ -24,6 +24,7 @@ import (

 var sharedNodeConfig *NodeConfig = nil
 var uamPolicyLocker = &sync.RWMutex{}
+var httpCCPolicyLocker = &sync.RWMutex{}
 var httpPagesPolicyLocker = &sync.RWMutex{}

 type ServerError struct {
@@ -101,6 +102,9 @@ type NodeConfig struct {
 	// UAM相关配置
 	UAMPolicies map[int64]*UAMPolicy `yaml:"uamPolicies" json:"uamPolicies"` // clusterId => *UAMPolicy

+	// CC相关配置
+	HTTPCCPolicies map[int64]*HTTPCCPolicy `yaml:"httpCCPolicies" json:"httpCCPolicies"` // clusterId => *HTTPCCPolicy
+
 	// 自定义页面
 	HTTPPagesPolicies map[int64]*HTTPPagesPolicy `yaml:"httpPagesPolicies" json:"httpPagesPolicies"` // clusterId => *HTTPPagesPolicy

@@ -200,6 +204,9 @@ func CloneNodeConfig(nodeConfig *NodeConfig) (*NodeConfig, error) {
 	uamPolicyLocker.RLock()
 	defer uamPolicyLocker.RUnlock()

+	httpCCPolicyLocker.RLock()
+	defer httpCCPolicyLocker.RUnlock()
+
 	httpPagesPolicyLocker.RLock()
 	defer httpPagesPolicyLocker.RUnlock()

@@ -399,7 +406,20 @@ func (this *NodeConfig) Init(ctx context.Context) (err error, serverErrors []*Se
 	}
 	uamPolicyLocker.RUnlock()

-	// http pages
+	// http cc policy
+	httpCCPolicyLocker.RLock()
+	if len(this.HTTPCCPolicies) > 0 {
+		for _, policy := range this.HTTPCCPolicies {
+			err = policy.Init()
+			if err != nil {
+				httpCCPolicyLocker.RUnlock()
+				return
+			}
+		}
+	}
+	httpCCPolicyLocker.RUnlock()
+
+	// http pages policy
 	httpPagesPolicyLocker.RLock()
 	if len(this.HTTPPagesPolicies) > 0 {
 		for _, policy := range this.HTTPPagesPolicies {
@@ -652,6 +672,23 @@ func (this *NodeConfig) UpdateUAMPolicies(policies map[int64]*UAMPolicy) {
 	this.UAMPolicies = policies
 }

+// FindHTTPCCPolicyWithClusterId 使用集群ID查找CC策略
+func (this *NodeConfig) FindHTTPCCPolicyWithClusterId(clusterId int64) *HTTPCCPolicy {
+	httpCCPolicyLocker.RLock()
+	defer httpCCPolicyLocker.RUnlock()
+	if this.HTTPCCPolicies == nil {
+		return nil
+	}
+	return this.HTTPCCPolicies[clusterId]
+}
+
+// UpdateHTTPCCPolicies 修改集群CC策略
+func (this *NodeConfig) UpdateHTTPCCPolicies(policies map[int64]*HTTPCCPolicy) {
+	httpCCPolicyLocker.Lock()
+	defer httpCCPolicyLocker.Unlock()
+	this.HTTPCCPolicies = policies
+}
+
 // UpdateHTTPPagesPolicies 修改集群自定义页面策略
 func (this *NodeConfig) UpdateHTTPPagesPolicies(policies map[int64]*HTTPPagesPolicy) {
 	httpPagesPolicyLocker.Lock()
--- a/pkg/rpc/pb/service_node.pb.go
+++ b/pkg/rpc/pb/service_node.pb.go
--- a/pkg/rpc/pb/service_node_cluster.pb.go
+++ b/pkg/rpc/pb/service_node_cluster.pb.go
--- a/pkg/rpc/protos/service_node.proto
+++ b/pkg/rpc/protos/service_node.proto
@@ -173,6 +173,9 @@ service NodeService {
 	// 查找节点的UAM策略
 	rpc findNodeUAMPolicies(FindNodeUAMPoliciesRequest) returns (FindNodeUAMPoliciesResponse);

+	// 查找节点的HTTP CC策略
+	rpc findNodeHTTPCCPolicies(FindNodeHTTPCCPoliciesRequest) returns (FindNodeHTTPCCPoliciesResponse);
+
 	// 查找节点的自定义页面策略
 	rpc findNodeHTTPPagesPolicies(FindNodeHTTPPagesPoliciesRequest) returns (FindNodeHTTPPagesPoliciesResponse);

@@ -701,6 +704,20 @@ message FindNodeUAMPoliciesResponse {
 	}
 }

+// 查找节点的HTTP CC策略
+message FindNodeHTTPCCPoliciesRequest {
+	int64 nodeId = 1; // 节点ID
+}
+
+message FindNodeHTTPCCPoliciesResponse {
+	repeated HTTPCCPolicy httpCCPolicies = 1; // HTTP CC策略列表
+
+	message HTTPCCPolicy {
+		int64 nodeClusterId = 1; // 集群ID
+		bytes httpCCPolicyJSON = 2; // HTTP CC策略配置
+	}
+}
+
 // 查找节点的自定义页面策略
 message FindNodeHTTPPagesPoliciesRequest {
 	int64 nodeId = 1; // 节点ID
--- a/pkg/rpc/protos/service_node_cluster.proto
+++ b/pkg/rpc/protos/service_node_cluster.proto
@@ -129,6 +129,12 @@ service NodeClusterService {
 	// 设置集群的UAM策略
 	rpc updateNodeClusterUAMPolicy(UpdateNodeClusterUAMPolicyRequest) returns (RPCSuccess);

+	// 读取集群的HTTP CC策略
+	rpc findEnabledNodeClusterHTTPCCPolicy(FindEnabledNodeClusterHTTPCCPolicyRequest) returns (FindEnabledNodeClusterHTTPCCPolicyResponse);
+
+	// 设置集群的HTTP CC策略
+	rpc updateNodeClusterHTTPCCPolicy(UpdateNodeClusterHTTPCCPolicyRequest) returns (RPCSuccess);
+
 	// 获取集群的DDoS设置
 	rpc findNodeClusterDDoSProtection(FindNodeClusterDDoSProtectionRequest) returns (FindNodeClusterDDoSProtectionResponse);

@@ -464,6 +470,7 @@ message FindEnabledNodeClusterConfigInfoResponse {
 	bool hasMetricItems = 6;
 	bool webpIsOn = 7; // 是否定义了WebP策略
 	bool uamIsOn = 10; // 是否定义了UAM策略
+	bool httpCCIsOn = 12; // 是否定义了CC策略
 	bool hasSystemServices = 8;
 	bool hasDDoSProtection = 9;
 	bool hasHTTPPagesPolicy = 11; // 是否设置了自定义页面策略
@@ -505,6 +512,21 @@ message UpdateNodeClusterUAMPolicyRequest {
 	bytes uamPolicyJSON = 2;
 }

+// 读取集群的HTTP CC策略
+message FindEnabledNodeClusterHTTPCCPolicyRequest {
+	int64 nodeClusterId = 1;
+}
+
+message FindEnabledNodeClusterHTTPCCPolicyResponse {
+	bytes httpCCPolicyJSON = 1;
+}
+
+// 设置集群的HTTP CC策略
+message UpdateNodeClusterHTTPCCPolicyRequest {
+	int64 nodeClusterId = 1;
+	bytes httpCCPolicyJSON = 2;
+}
+
 // 获取集群的DDoS设置
 message FindNodeClusterDDoSProtectionRequest {
 	int64 nodeClusterId = 1;