From aa2e2c3c938982ffd65e7c55be7a061218d6e85a Mon Sep 17 00:00:00 2001 From: xiaocp2009 <39615122+xiaocp2009@users.noreply.github.com> Date: Mon, 8 Sep 2025 17:05:40 +0800 Subject: [PATCH] =?UTF-8?q?=E7=89=88=E6=9C=AC=E8=A7=84=E6=95=B4V7?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../src/main/resources/application-prod.yml | 16 ++--- .../src/main/resources/application.yml | 14 ++--- .../common/web/config/UndertowConfig.java | 63 +++++++++++++++++++ .../cds-extend/cds-monitor-admin/pom.xml | 4 +- cds-platform-2025.V1/script/bin/cds.sh | 2 +- 5 files changed, 81 insertions(+), 18 deletions(-) create mode 100644 cds-platform-2025.V1/cds-common/cds-common-web/src/main/java/org/dromara/common/web/config/UndertowConfig.java diff --git a/cds-platform-2025.V1/cds-admin/src/main/resources/application-prod.yml b/cds-platform-2025.V1/cds-admin/src/main/resources/application-prod.yml index 8858b0e..bfed1eb 100644 --- a/cds-platform-2025.V1/cds-admin/src/main/resources/application-prod.yml +++ b/cds-platform-2025.V1/cds-admin/src/main/resources/application-prod.yml @@ -52,20 +52,20 @@ spring: type: ${spring.datasource.type} ############mysql############### - #!driverClassName: com.mysql.cj.jdbc.Driver + driverClassName: com.mysql.cj.jdbc.Driver # jdbc 所有参数配置参考 https://lionli.blog.csdn.net/article/details/122018562 # rewriteBatchedStatements=true 批处理优化 大幅提升批量插入更新删除性能(对数据库有性能损耗 使用批量操作应考虑性能问题) - #!url: jdbc:mysql://101.42.2.210:3306/cdsdb?useUnicode=true&characterEncoding=utf8&zeroDateTimeBehavior=convertToNull&useSSL=true&serverTimezone=GMT%2B8&autoReconnect=true&rewriteBatchedStatements=true&allowPublicKeyRetrieval=true&nullCatalogMeansCurrent=true - #!username: root + url: jdbc:mysql://101.42.2.210:3306/cdsdb?useUnicode=true&characterEncoding=utf8&zeroDateTimeBehavior=convertToNull&useSSL=true&serverTimezone=GMT%2B8&autoReconnect=true&rewriteBatchedStatements=true&allowPublicKeyRetrieval=true&nullCatalogMeansCurrent=true + username: root #password: c12321456 - #!password: ENC(s/jC75JXj3bcSLJe3+9ML0JhKPEN6iz1U57Q0n4zei0fi/DCNagIX41osRheliDD) + password: ENC(s/jC75JXj3bcSLJe3+9ML0JhKPEN6iz1U57Q0n4zei0fi/DCNagIX41osRheliDD) ############dameng############### #达梦没有rewriteBatchedStatements属性 - driver-class-name: dm.jdbc.driver.DmDriver # 达梦驱动类 - url: jdbc:dm://101.42.2.210:5236??schema=cdsdb&compatibleMode=mysql&characterEncoding=UTF-8&useUnicode=true&useSSL=false&tinyInt1isBit=false&allowPublicKeyRetrieval=true&serverTimezone=Asia/Shanghai - username: CDSDB - password: ENC(xglMxOJ6z9YyQWL9B7xyC+GCki0GU8lNs+jn4rLHJnWbD7gAlKsu52WkHmy3y119) + #driver-class-name: dm.jdbc.driver.DmDriver # 达梦驱动类 + #url: jdbc:dm://101.42.2.210:5236??schema=cdsdb&compatibleMode=mysql&characterEncoding=UTF-8&useUnicode=true&useSSL=false&tinyInt1isBit=false&allowPublicKeyRetrieval=true&serverTimezone=Asia/Shanghai + #username: CDSDB + #password: ENC(xglMxOJ6z9YyQWL9B7xyC+GCki0GU8lNs+jn4rLHJnWbD7gAlKsu52WkHmy3y119) # # 从库数据源 # slave: diff --git a/cds-platform-2025.V1/cds-admin/src/main/resources/application.yml b/cds-platform-2025.V1/cds-admin/src/main/resources/application.yml index c6b8524..47f137e 100644 --- a/cds-platform-2025.V1/cds-admin/src/main/resources/application.yml +++ b/cds-platform-2025.V1/cds-admin/src/main/resources/application.yml @@ -6,19 +6,19 @@ server: # 应用的访问路径,部署到外部中间件时会被覆盖,以中间件路径(前缀)为准 context-path: / # undertow 配置 - #undertow: + undertow: # HTTP post内容的最大大小。当值为-1时,默认值为大小是无限的 - #max-http-post-size: -1 + max-http-post-size: -1 # 以下的配置会影响buffer,这些buffer会用于服务器连接的IO操作,有点类似netty的池化内存管理 # 每块buffer的空间大小,越小的空间被利用越充分 - #buffer-size: 512 + buffer-size: 512 # 是否分配的直接内存 - #direct-buffers: true - #threads: + direct-buffers: true + threads: # 设置IO线程数, 它主要执行非阻塞的任务,它们会负责多个连接, 默认设置每个CPU核心一个线程 - #io: 8 + io: 8 # 阻塞任务线程池, 当执行类似servlet请求阻塞操作, undertow会从这个线程池中取得线程,它的值设置取决于系统的负载 - #worker: 256 + worker: 256 #tomcat: # tomcat的URI编码 #uri-encoding: UTF-8 diff --git a/cds-platform-2025.V1/cds-common/cds-common-web/src/main/java/org/dromara/common/web/config/UndertowConfig.java b/cds-platform-2025.V1/cds-common/cds-common-web/src/main/java/org/dromara/common/web/config/UndertowConfig.java new file mode 100644 index 0000000..84f88ff --- /dev/null +++ b/cds-platform-2025.V1/cds-common/cds-common-web/src/main/java/org/dromara/common/web/config/UndertowConfig.java @@ -0,0 +1,63 @@ +package org.dromara.common.web.config; + +import io.undertow.server.DefaultByteBufferPool; +import io.undertow.server.handlers.DisallowedMethodsHandler; +import io.undertow.util.HttpString; +import io.undertow.websockets.jsr.WebSocketDeploymentInfo; +import org.dromara.common.core.utils.SpringUtils; +import org.springframework.boot.autoconfigure.AutoConfiguration; +import org.springframework.boot.web.embedded.undertow.UndertowServletWebServerFactory; +import org.springframework.boot.web.server.WebServerFactoryCustomizer; +import org.springframework.core.task.VirtualThreadTaskExecutor; + +/** + * Undertow 自定义配置 + * + * @author Lion Li + */ +@AutoConfiguration +public class UndertowConfig implements WebServerFactoryCustomizer { + + /** + * 自定义 Undertow 配置 + *

+ * 主要配置内容包括: + * 1. 配置 WebSocket 部署信息 + * 2. 在虚拟线程模式下使用虚拟线程池 + * 3. 禁用不安全的 HTTP 方法,如 CONNECT、TRACE、TRACK + *

+ * + * @param factory Undertow 的 Web 服务器工厂 + */ + @Override + public void customize(UndertowServletWebServerFactory factory) { + factory.addDeploymentInfoCustomizers(deploymentInfo -> { + // 配置 WebSocket 部署信息,设置 WebSocket 使用的缓冲区池 + WebSocketDeploymentInfo webSocketDeploymentInfo = new WebSocketDeploymentInfo(); + webSocketDeploymentInfo.setBuffers(new DefaultByteBufferPool(true, 1024)); + deploymentInfo.addServletContextAttribute("io.undertow.websockets.jsr.WebSocketDeploymentInfo", webSocketDeploymentInfo); + + // 如果启用了虚拟线程,配置 Undertow 使用虚拟线程池 + if (SpringUtils.isVirtual()) { + // 创建虚拟线程池,线程池前缀为 "undertow-" + VirtualThreadTaskExecutor executor = new VirtualThreadTaskExecutor("undertow-"); + // 设置虚拟线程池为执行器和异步执行器 + deploymentInfo.setExecutor(executor); + deploymentInfo.setAsyncExecutor(executor); + } + + // 配置禁止某些不安全的 HTTP 方法(如 CONNECT、TRACE、TRACK) + deploymentInfo.addInitialHandlerChainWrapper(handler -> { + // 禁止三个方法 CONNECT/TRACE/TRACK 也是不安全的 避免爬虫骚扰 + HttpString[] disallowedHttpMethods = { + HttpString.tryFromString("CONNECT"), + HttpString.tryFromString("TRACE"), + HttpString.tryFromString("TRACK") + }; + // 使用 DisallowedMethodsHandler 拦截并拒绝这些方法的请求 + return new DisallowedMethodsHandler(handler, disallowedHttpMethods); + }); + }); + } + +} diff --git a/cds-platform-2025.V1/cds-extend/cds-monitor-admin/pom.xml b/cds-platform-2025.V1/cds-extend/cds-monitor-admin/pom.xml index 43176c0..6c3042b 100644 --- a/cds-platform-2025.V1/cds-extend/cds-monitor-admin/pom.xml +++ b/cds-platform-2025.V1/cds-extend/cds-monitor-admin/pom.xml @@ -24,10 +24,10 @@ - + diff --git a/cds-platform-2025.V1/script/bin/cds.sh b/cds-platform-2025.V1/script/bin/cds.sh index 36985e8..650b2e0 100644 --- a/cds-platform-2025.V1/script/bin/cds.sh +++ b/cds-platform-2025.V1/script/bin/cds.sh @@ -3,7 +3,7 @@ AppName=mps-server.jar # JVM参数 -JVM_OPTS="-Dname=$AppName -Duser.timezone=Asia/Shanghai -Xms512m -Xmx1024m -XX:MetaspaceSize=128m -XX:MaxMetaspaceSize=512m -XX:+HeapDumpOnOutOfMemoryError -XX:+UseZGC" +JVM_OPTS="-Dname=$AppName -Duser.timezone=Asia/Shanghai -Xms2048m -Xmx4096m -XX:MetaspaceSize=512m -XX:MaxMetaspaceSize=2048m -XX:+HeapDumpOnOutOfMemoryError -XX:+UseZGC" APP_HOME=`pwd` LOG_PATH=$APP_HOME/logs/$AppName.log