Talk about the pit you stepped on due to the improper use of alibaba sentinel

Posted by Btown2 on Fri, 07 Jan 2022 03:12:54 +0100



Sentinel is a flow control component for distributed service architecture. It mainly takes flow as the starting point to help developers ensure the stability of micro services from multiple dimensions such as current limiting, flow shaping, fuse degradation, system load protection and hotspot protection. Since hytrix entered the maintenance state in 2018, and then hytrix was removed in spring cloud 2020.0, it can be expected that alibaba sentinel is basically the first choice for the fuse degradation component of spring cloud in the future.

Today, let's talk about some examples of fuse degradation failure caused by improper use of alibaba sentinel. Because sentinel is still in iterative updating, there will be some differences between different versions, and some problems may have been fixed in the iteration of versions.

The sentinel dashboard used in the version demonstrated in this article is 1.8.0. The version of Alibaba using spring cloud is 2.2.3 RELEASE


Failure scenario example

Downgrade does not take effect


Cause analysis

Custom global exception handling is used in the project. The statistics of different constants or exception proportions are shown in

When this method is executed, the custom global exception will be handled before

This method executes because we have handled the exception in the global exception, such as converting it into an object, which leads to abstractsentinelinterceptor Aftercompletion is unable to get the exception, so it is unable to count the different constant or exception proportion



In the official issue, some netizens have put forward solutions

Because I found the answer through source code tracking before checking the issue. Here is my implementation idea. My idea is to define a section and make exception statistics in AfterThrowing of the section. Because the slice is executed before the global exception. I directly copy the source of sentinel statistics. The core code is as follows

public class StatisticsExceptionCountAspect {

    private BaseWebMvcConfig baseWebMvcConfig;

    @Pointcut("execution(* com.github.lybgeek.sentinel.controller..*.*(..))")
    public void pointcut(){


    @AfterThrowing(pointcut = "pointcut()",throwing = "ex")
    public void afterAfterThrowing(Throwable ex){"statisticsExceptionCount...");

     * Statistical anomaly
     * @param ex
    private void traceException(Throwable ex) {
        Entry entry = getEntryInRequest();
        if (entry != null) {
            Tracer.traceEntry(ex, entry);
    protected Entry getEntryInRequest() {
        RequestAttributes requestAttributes = RequestContextHolder.currentRequestAttributes();
        ServletRequestAttributes attributes = (ServletRequestAttributes)requestAttributes;
        HttpServletRequest request = attributes.getRequest();
        Object entryObject = request.getAttribute(baseWebMvcConfig.getRequestAttributeName());
        return entryObject == null ? null : (Entry)entryObject;

Non effectiveness of authorization rules


Cause analysis

Not implemented in project

Interface, so the request source cannot be resolved



Customize the request source parser in your project. The example code is as follows

 * @description: Resolve access sources for authorization rules--Black and white list.
 * When authorization rules are to be, they must be configured RequestOriginParser,Otherwise, the authorization rule cannot take effect
public class CustomRequestOriginParser implements RequestOriginParser {

    public String parseOrigin(HttpServletRequest request) {
        String origin = request.getParameter("origin");
            //It depends on whether the interface carries the origin parameter. If the carried parameter is origin=pc,
            // When the source of the sentinel dashborder authorization rule is set to pc, it means that the request source is pc and the black-and-white list configuration is required

            return origin;
        //If the interface does not carry the requested parameters, it means that the black-and-white list is set according to ip
        return request.getRemoteAddr();

Hot spot rule does not take effect


Cause analysis

If the web buried point takes url as the resource name, the rule will not take effect



Take the name defined by the @ SentinelResource annotation as the resource name

Refer to official issue

After configuring the hotspot rule and configuring @ SentinelResource, it may also appear

java.lang.reflect.UndeclaredThrowableException: null

Solution: you need to add throws BlockException or blockHandler in the method to handle exceptions

Refer to official issue

Sample code

@GetMapping(value = "/paramFlowRule/{msg}")
            @ApiImplicitParam(name="msg",defaultValue = "hello",value="information", paramType = "path"),
    @ApiOperation(value = "Test hotspot rule")
    @SentinelResource(value = "testParamFlowRule")
    public AjaxResult<String> testParamFlowRule(@PathVariable("msg") String msg) throws BlockException {
        System.out.println(String.format("msg : %s",msg));
        return AjaxResult.success("Test hotspot rule");



This article mainly introduces the common problems that may be encountered when using alibaba sentinel. It can not be said that Alibaba is really good at open source in China. Most of the problems can be solved in the official issue

The demo link at the bottom of the article provides other fuse degradation examples and function examples based on file persistent fuse degradation configuration. Interested friends can have a look.


demo link