完成动态路由脚本配置

openresty/lua/tenant_router.lua

@@ -1,13 +1,11 @@
 local redis = require "resty.redis"
 
 -- 定义Redis连接参数
-local REDIS_HOST = "redis-host"
+local REDIS_HOST = "redis"
 local REDIS_PORT = 6379
+local REDIS_PASSWORD = "secret_redis"
 local REDIS_TIMEOUT = 1000  -- 1秒超时
 
-local ngx_shared = ngx.shared
-local env_cache = ngx_shared.env_cache  -- 需在nginx.conf定义共享内存lua_shared_dict env_cache 10m;
-
 local _M = {}
 
 -- 设置后端upstream
@@ -20,7 +18,7 @@ function set_upstream(tenant, env)
         ngx.log(ngx.ERR, "Upstream not found for env: " .. tostring(env))
         return ngx.exit(ngx.HTTP_BAD_REQUEST)  -- 使用标准HTTP状态码
     end
-    ngx.log(ngx.INFO, "Backend routing: ", "tenant=", tenant, "env=", env, ", upstream=", ngx.var.upstream)
+    ngx.log(ngx.NOTICE, "Backend routing: ", "tenant=", tenant, ", env=", env, ", upstream=", ngx.var.upstream)
 end
 
 -- 设置前端upstream
@@ -33,36 +31,45 @@ function set_frontend_upstream(tenant, env)
         ngx.log(ngx.ERR, "Frontend upstream not found for env: " .. tostring(env))
         return ngx.exit(ngx.HTTP_BAD_REQUEST)  -- 使用标准HTTP状态码
     end
-    ngx.log(ngx.INFO, "Frontend routing: ", "tenant=", tenant, "env=", env, ", frontend_upstream=", ngx.var.frontend_upstream)
+    ngx.log(ngx.NOTICE, "Frontend routing: ", "tenant=", tenant, ", env=", env, ", frontend_upstream=", ngx.var.frontend_upstream)
 end
 
 -- 根据租户信息获取环境变量
 function get_env(tenant)
     local cache_key = "tenant_identification_location_" .. tenant
-    local cache_res = env_cache:get(cache_key)
-    if cache_res then
-        ngx.log(ngx.DEBUG, "Cache hit: ", cache_key)
-        return cache_res
-    end
-
     local red = redis:new()
     red:set_timeouts(REDIS_TIMEOUT, REDIS_TIMEOUT, REDIS_TIMEOUT)
 
+    -- 连接到Redis
     local ok, connect_err = red:connect(REDIS_HOST, REDIS_PORT)
     if not ok then
         ngx.log(ngx.ERR, "Redis connect failed: ", connect_err)
         return ngx.exit(ngx.HTTP_INTERNAL_SERVER_ERROR)  -- 使用标准HTTP状态码
     end
 
+    -- 认证Redis
+    local ok, auth_err = red:auth(REDIS_PASSWORD)
+    if not ok then
+        ngx.log(ngx.ERR, "Failed to authenticate Redis: ", auth_err)
+        return ngx.exit(ngx.HTTP_INTERNAL_SERVER_ERROR)
+    end
+
+    -- 选择数据库 0（默认数据库）
+    local ok, err = red:select(0)
+    if not ok then
+        ngx.log(ngx.ERR, "Failed to select Redis database: ", err)
+        return ngx.exit(ngx.HTTP_INTERNAL_SERVER_ERROR)
+    end
+
+    -- 从Redis中获取环境变量
     local env = red:get(cache_key)
     if not env then
-        ngx.log(ngx.ERR, "No environment found for tenant:", tenant)
+        ngx.log(ngx.ERR, "No environment found for tenant key: ", cache_key)
         red:set_keepalive(10000, 100)  -- 归还连接到连接池
         return ngx.exit(ngx.HTTP_INTERNAL_SERVER_ERROR)  -- 使用标准HTTP状态码
     end
 
     red:set_keepalive(10000, 100)
-    env_cache:set(cache_key, env, 60)  -- 缓存60秒
 
     return env
 end

openresty/nginx.conf

@@ -91,9 +91,6 @@ http {
     ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
     ssl_ciphers 'ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS';
 
-    #定义共享内存区域
-    lua_shared_dict env_cache 10m;
-
     include /etc/nginx/sites-available/*.conf;
 
     # Don't reveal OpenResty version to clients.