1、问题背景
在测试环境,切换至贵阳环境时,突然dubbo部署服务后,在别的服务遇到我们内部自己定义的异常时,会出现以下报错:
Tried 3 times of the providers [XXXX:XXX] (1/1) from the registry XXX:2181 on the consumer XXX using the dubbo version 3.2.16. Last error is: Failed to invoke remote method: getTenantOpenApiConfig, provider: DefaultServiceInstance{serviceName='service-doc', host='XXX', port=XXX, enabled=true, healthy=true, metadata={dubbo.endpoints=[{"port":XXX,"protocol":"dubbo"}], dubbo.metadata-service.url-params={"prefer.serialization":"fastjson2,hessian2","version":"1.0.0","dubbo":"2.0.2","release":"3.2.16","side":"provider","port":"XXX","protocol":"dubbo"}, dubbo.metadata.revision=d01d9a20f83863e80ccece49eae4cd8d, dubbo.metadata.storage-type=local, timestamp=1731417845837}}, service{name='com.netease.ys.athena.api.service.TenantService',group='null',version='1.0.0',protocol='dubbo',port='20880',params={side=provider, release=3.2.16, methods=getTenantOpenApiConfig,isNosPrivateTenant, logger=slf4j, deprecated=false, dubbo=2.0.2, interface=com.netease.ys.athena.api.service.TenantService, service-name-mapping=true, version=1.0.0, generic=false, revision=1.0-SNAPSHOT, application=service-doc, prefer.serialization=fastjson2,hessian2, payload=16777216, dynamic=true, service.filter=tracing,dubboLog,-exception, REGISTRY_CLUSTER=default, register=true},}, cause: org.apache.dubbo.remoting.RemotingException: java.io.IOException: org.apache.dubbo.common.serialize.SerializationException: java.lang.IllegalArgumentException: [Serialization Security] Serialized class com.xxx.common.AthenaException is not in allow list. Current mode is `STRICT`, will disallow to deserialize it by default. Please add it into security/serialize.allowlist or follow FAQ to configure it.
java.io.IOException: org.apache.dubbo.common.serialize.SerializationException: java.lang.IllegalArgumentException: [Serialization Security] Serialized class com.netease.ys.athena.common.AthenaException is not in allow list. Current mode is `STRICT`, will disallow to deserialize it by default. Please add it into security/serialize.allowlist or follow FAQ to configure it.
at org.apache.dubbo.common.serialize.DefaultSerializationExceptionWrapper.handleToIOException(DefaultSerializationExceptionWrapper.java:353)
at org.apache.dubbo.common.serialize.DefaultSerializationExceptionWrapper.access$000(DefaultSerializationExceptionWrapper.java:27)
at org.apache.dubbo.common.serialize.DefaultSerializationExceptionWrapper$ProxyObjectInput.readThrowable(DefaultSerializationExceptionWrapper.java:181)
at org.apache.dubbo.rpc.protocol.dubbo.DecodeableRpcResult.handleException(DecodeableRpcResult.java:186)
at org.apache.dubbo.rpc.protocol.dubbo.DecodeableRpcResult.decode(DecodeableRpcResult.java:114)
at org.apache.dubbo.rpc.protocol.dubbo.DecodeableRpcResult.decode(DecodeableRpcResult.java:153)
at org.apache.dubbo.remoting.transport.DecodeHandler.decode(DecodeHandler.java:61)
at org.apache.dubbo.remoting.transport.DecodeHandler.received(DecodeHandler.java:49)
at org.apache.dubbo.remoting.transport.dispatcher.ChannelEventRunnable.run(ChannelEventRunnable.java:64)
at org.apache.dubbo.common.threadpool.ThreadlessExecutor$RunnableWrapper.run(ThreadlessExecutor.java:151)
at org.apache.dubbo.common.threadpool.ThreadlessExecutor.waitAndDrain(ThreadlessExecutor.java:77)
at org.apache.dubbo.rpc.AsyncRpcResult.get(AsyncRpcResult.java:219)
at org.apache.dubbo.rpc.protocol.AbstractInvoker.waitForResultIfSync(AbstractInvoker.java:292)
at org.apache.dubbo.rpc.protocol.AbstractInvoker.invoke(AbstractInvoker.java:194)
at org.apache.dubbo.rpc.listener.ListenerInvokerWrapper.invoke(ListenerInvokerWrapper.java:71)
at brave.dubbo.TracingFilter.invoke(TracingFilter.java:120)
at org.apache.dubbo.rpc.cluster.filter.FilterChainBuilder$CopyOfFilterChainNode.invoke(FilterChainBuilder.java:349)
at com.netease.ys.odin.sdk.common.dubbo.TraceIdFilter.invoke(TraceIdFilter.java:26)
at org.apache.dubbo.rpc.cluster.filter.FilterChainBuilder$CopyOfFilterChainNode.invoke(FilterChainBuilder.java:349)
at org.apache.dubbo.rpc.filter.RpcExceptionFilter.invoke(RpcExceptionFilter.java:40)
at org.apache.dubbo.rpc.cluster.filter.FilterChainBuilder$CopyOfFilterChainNode.invoke(FilterChainBuilder.java:349)
at com.alibaba.dubbo.rpc.Invoker$CompatibleInvoker.invoke(Invoker.java:77)
at com.netease.ysf.isolation.core.unit.dubbo.DubboTraceFilter.invoke(DubboTraceFilter.java:54)
at com.alibaba.dubbo.rpc.Filter.invoke(Filter.java:34)
at org.apache.dubbo.rpc.cluster.filter.FilterChainBuilder$CopyOfFilterChainNode.invoke(FilterChainBuilder.java:349)
at org.apache.dubbo.rpc.cluster.filter.FilterChainBuilder$CallbackRegistrationInvoker.invoke(FilterChainBuilder.java:197)
at org.apache.dubbo.rpc.protocol.ReferenceCountInvokerWrapper.invoke(ReferenceCountInvokerWrapper.java:106)
at org.apache.dubbo.rpc.cluster.support.AbstractClusterInvoker.invokeWithContext(AbstractClusterInvoker.java:412)
at org.apache.dubbo.rpc.cluster.support.FailoverClusterInvoker.doInvoke(FailoverClusterInvoker.java:82)
at org.apache.dubbo.rpc.cluster.support.AbstractClusterInvoker.invoke(AbstractClusterInvoker.java:366)
at org.apache.dubbo.rpc.cluster.router.RouterSnapshotFilter.invoke(RouterSnapshotFilter.java:46)
at org.apache.dubbo.rpc.cluster.filter.FilterChainBuilder$CopyOfFilterChainNode.invoke(FilterChainBuilder.java:349)
at org.apache.dubbo.monitor.support.MonitorFilter.invoke$original$KCmLLvOt(MonitorFilter.java:108)
at org.apache.dubbo.monitor.support.MonitorFilter.invoke$original$KCmLLvOt$accessor$b860Fxap(MonitorFilter.java)
at org.apache.dubbo.monitor.support.MonitorFilter$auxiliary$RDFx4XP6.call(Unknown Source)
at org.apache.skywalking.apm.agent.core.plugin.interceptor.enhance.InstMethodsInter.intercept(InstMethodsInter.java:86)
at org.apache.dubbo.monitor.support.MonitorFilter.invoke(MonitorFilter.java)
at org.apache.dubbo.rpc.cluster.filter.FilterChainBuilder$CopyOfFilterChainNode.invoke(FilterChainBuilder.java:349)
at org.apache.dubbo.rpc.cluster.filter.support.MetricsClusterFilter.invoke(MetricsClusterFilter.java:57)
at org.apache.dubbo.rpc.cluster.filter.FilterChainBuilder$CopyOfFilterChainNode.invoke(FilterChainBuilder.java:349)
at org.apache.dubbo.rpc.protocol.dubbo.filter.FutureFilter.invoke(FutureFilter.java:52)
at org.apache.dubbo.rpc.cluster.filter.FilterChainBuilder$CopyOfFilterChainNode.invoke(FilterChainBuilder.java:349)
at org.apache.dubbo.spring.security.filter.ContextHolderParametersSelectedTransferFilter.invoke(ContextHolderParametersSelectedTransferFilter.java:40)
at org.apache.dubbo.rpc.cluster.filter.FilterChainBuilder$CopyOfFilterChainNode.invoke(FilterChainBuilder.java:349)
at org.apache.dubbo.metrics.filter.MetricsFilter.invoke(MetricsFilter.java:86)
at org.apache.dubbo.rpc.cluster.filter.support.MetricsConsumerFilter.invoke(MetricsConsumerFilter.java:38)
at org.apache.dubbo.rpc.cluster.filter.FilterChainBuilder$CopyOfFilterChainNode.invoke(FilterChainBuilder.java:349)
at org.apache.dubbo.rpc.cluster.filter.support.ConsumerClassLoaderFilter.invoke(ConsumerClassLoaderFilter.java:40)
at org.apache.dubbo.rpc.cluster.filter.FilterChainBuilder$CopyOfFilterChainNode.invoke(FilterChainBuilder.java:349)
at org.apache.dubbo.rpc.cluster.filter.support.ConsumerContextFilter.invoke(ConsumerContextFilter.java:119)
at org.apache.dubbo.rpc.cluster.filter.FilterChainBuilder$CopyOfFilterChainNode.invoke(FilterChainBuilder.java:349)
at org.apache.dubbo.rpc.cluster.filter.FilterChainBuilder$CallbackRegistrationInvoker.invoke(FilterChainBuilder.java:197)
at org.apache.dubbo.rpc.cluster.support.wrapper.AbstractCluster$ClusterFilterInvoker.invoke(AbstractCluster.java:101)
at org.apache.dubbo.rpc.cluster.support.wrapper.MockClusterInvoker.invoke(MockClusterInvoker.java:106)
at org.apache.dubbo.rpc.cluster.support.wrapper.ScopeClusterInvoker.invoke(ScopeClusterInvoker.java:171)
at org.apache.dubbo.registry.client.migration.MigrationInvoker.invoke(MigrationInvoker.java:294)
at org.apache.dubbo.rpc.proxy.InvocationUtil.invoke(InvocationUtil.java:64)
at org.apache.dubbo.rpc.proxy.InvokerInvocationHandler.invoke(InvokerInvocationHandler.java:81)
at com.netease.ys.athena.api.service.TenantServiceDubboProxy0.getTenantOpenApiConfig$sentryProxy1(TenantServiceDubboProxy0.java)
at com.netease.ys.athena.api.service.TenantServiceDubboProxy0.getTenantOpenApiConfig(TenantServiceDubboProxy0.java)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at org.apache.dubbo.config.spring.util.LazyTargetInvocationHandler.invoke(LazyTargetInvocationHandler.java:54)
at com.netease.ys.athena.api.service.TenantServiceDubboProxy0.getTenantOpenApiConfig$sentryProxy1(TenantServiceDubboProxy0.java)
at com.netease.ys.athena.api.service.TenantServiceDubboProxy0.getTenantOpenApiConfig(TenantServiceDubboProxy0.java)
at com.netease.ys.athena.webapp.athena.auth.AuthManager.authOpenApi$sentryProxy5(AuthManager.java:372)
at com.netease.ys.athena.webapp.athena.auth.AuthManager.authOpenApi(AuthManager.java)
at com.netease.ys.athena.webapp.athena.aspect.ApiAspect.around$sentryProxy1(ApiAspect.java:89)
at com.netease.ys.athena.webapp.athena.aspect.ApiAspect.around(ApiAspect.java)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at org.springframework.aop.aspectj.AbstractAspectJAdvice.invokeAdviceMethodWithGivenArgs(AbstractAspectJAdvice.java:644)
at org.springframework.aop.aspectj.AbstractAspectJAdvice.invokeAdviceMethod(AbstractAspectJAdvice.java:633)
at org.springframework.aop.aspectj.AspectJAroundAdvice.invoke(AspectJAroundAdvice.java:70)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:175)
at org.springframework.aop.interceptor.ExposeInvocationInterceptor.invoke(ExposeInvocationInterceptor.java:93)
主要意思就是序列化时遇到了异常:java.lang.IllegalArgumentException。我们自己定义的AthenaException不在允许列表中。当前模式为“STRICT”,默认情况下不允许对其进行反序列化。请将其添加到security/serialize.allowlist或按照常见问题解答进行配置。
2、问题解决
1、我们按照这里的提示,查了文档,在各服务的application.yml下新增了这个配置:
application:
name: @app.name@
id: @app.name@
qos-enable: false
serialization-allowlist: xxx.common.AthenaException
然后重新部署,果然还是不行。
2、后面看了很多的社区信息、还有官方文档。最后还是决定把dubbo版本进行升级,看文档升级到3.2.16。并且把配置改为了: serialize-check-status: WARN
application:
name: @app.name@
id: @app.name@
qos-enable: false
serialize-check-status: WARN
我们升级了dubbo以后,在服务提供方抛出异常的时候,如果这个异常不在序列化名单内,还是没解决,最后还需把序列化的方式改为hessian2,当前dubbo版本是3.2,默认的序列化方式fastjson2,改为hessian2就解决了这个问题。
provider:
filter: 'tracing,dubboLog,-exception'
prefer-serialization: hessian2
serialization: hessian2
参考资料:
https://github.com/apache/dubbo/pull/11769
https://cn.dubbo.apache.org/zh-cn/download/
扫一扫
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
