Persist Sentinel Rate‑Limiting Rules with Nacos to Prevent Loss After Restart

Background

In a previous article we introduced using Sentinel for rate limiting and fallback, but the rules are kept only in memory; they are lost when the client restarts.

Solution Overview

Sentinel supports external data sources such as ZooKeeper, Nacos, and Apollo. This article demonstrates using Nacos as the configuration center to persist Sentinel rules.

2.1 Create rate‑limiting rule configuration in Nacos

In Nacos create a configuration file with:

DataId: alibaba-sentinel-client-rules Group: SENTINEL_GROUP Format: JSON

Example JSON content:

[
  {
    "resource": "hello",
    "limitApp": "default",
    "grade": 1,
    "count": 5,
    "strategy": 0,
    "controlBehavior": 0,
    "clusterMode": false
  }
]

Field meanings: resource: name of the protected resource limitApp: caller origin; default means all callers grade: 0 for thread‑count limit, 1 for QPS limit count: threshold value strategy: traffic‑control strategy controlBehavior: effect (reject, warm‑up, rate‑limit) clusterMode: whether cluster mode is enabled

2.2 Add Nacos data source to Sentinel client

Add Maven dependencies (no version needed for sentinel-datasource-nacos because it is already included in spring-cloud-starter-alibaba-sentinel).

<dependencies>
  <!-- SpringBoot web -->
  <dependency>
    <groupId>org.springframework.boot</groupId>
    <artifactId>spring-boot-starter-web</artifactId>
  </dependency>

  <!-- Sentinel -->
  <dependency>
    <groupId>com.alibaba.cloud</groupId>
    <artifactId>spring-cloud-starter-alibaba-sentinel</artifactId>
  </dependency>

  <!-- Nacos as Sentinel data source -->
  <dependency>
    <groupId>com.alibaba.csp</groupId>
    <artifactId>sentinel-datasource-nacos</artifactId>
  </dependency>
</dependencies>

Configure the data source in application.properties:

spring.application.name=alibaba-sentinel-client
server.port=8002

# Sentinel dashboard address
spring.cloud.sentinel.transport.dashboard=localhost:8080

# Nacos data source configuration
spring.cloud.sentinel.datasource.ds2.nacos.server-addr=127.0.0.1:8848
spring.cloud.sentinel.datasource.ds2.nacos.data-id=alibaba-sentinel-client-rules
spring.cloud.sentinel.datasource.ds2.nacos.group-id=SENTINEL_GROUP
spring.cloud.sentinel.datasource.ds2.nacos.data-type=json
spring.cloud.sentinel.datasource.ds2.nacos.rule-type=flow

After restarting the client, the rule appears in the Sentinel console.

2.3 Service testing

Open the Sentinel console, click “Flow Control Rules → Single Machine”. The rule created in Nacos is displayed. Change the threshold value to 1 in Nacos, refresh the console, and see the updated value. Access the protected endpoint http://127.0.0.1:8002/hello to observe the rate‑limiting effect.

Bidirectional synchronization from Dashboard to Nacos

The Sentinel Dashboard does not automatically push rule changes back to Nacos. To enable this, the Dashboard source code must be modified and rebuilt.

3.1 Download source code

Clone the Sentinel repository, checkout version 1.7.2 that matches the client.

3.2 Modify flow‑rule code

Copy the four Nacos‑related classes from test/com.alibaba.csp.sentinel.dashboard.rule.nacos to main/com.alibaba.csp.sentinel.dashboard.rule. Edit NacosConfigUtil to set the correct GROUP_ID and FLOW_DATA_ID_POSTFIX (e.g., alibaba-sentinel-client-flow-rules). GROUP_ID: corresponds to the Nacos group FLOW_DATA_ID_POSTFIX: suffix used to build the DataId for flow rules

Replace the default provider/publisher in FlowControllerV2 with Nacos‑specific ones:

// before
@Qualifier("flowRuleDefaultProvider")
private DynamicRuleProvider<List<FlowRuleEntity>> ruleProvider;
@Qualifier("flowRuleDefaultPublisher")
private DynamicRulePublisher<List<FlowRuleEntity>> rulePublisher;

// after
private FlowRuleNacosProvider ruleProvider;
private FlowRuleNacosPublisher rulePublisher;

Update the front‑end menu in sidebar.html to use dashboard.flow instead of dashboard.flowV1 so that the new controller is invoked.

<!-- before -->
<li ui-sref-active="active">
  <a ui-sref="dashboard.flowV1({app: entry.app})">
    <i class="glyphicon glyphicon-filter"></i>  流控规则
  </a>
</li>

<!-- after -->
<li ui-sref-active="active">
  <a ui-sref="dashboard.flow({app: entry.app})">
    <i class="glyphicon glyphicon-filter"></i>  流控规则
  </a>
</li>

Rebuild the dashboard:

mvn clean package

3.3 Create configuration in Nacos

Manually create a DataId alibaba-sentinel-client-flow-rules under group SENTINEL_GROUP with the same JSON rule content used earlier.

3.4 Add data source to client

Update the client’s application.properties to reference the new DataId and restart the service.

spring.application.name=alibaba-sentinel-client
server.port=8002
spring.cloud.sentinel.transport.dashboard=localhost:8080
spring.cloud.sentinel.datasource.ds2.nacos.server-addr=127.0.0.1:8848
spring.cloud.sentinel.datasource.ds2.nacos.data-id=alibaba-sentinel-client-flow-rules
spring.cloud.sentinel.datasource.ds2.nacos.group-id=SENTINEL_GROUP
spring.cloud.sentinel.datasource.ds2.nacos.data-type=json
spring.cloud.sentinel.datasource.ds2.nacos.rule-type=flow

3.5 Service testing

Open the Sentinel console, view the flow‑control rules – they are now loaded from Nacos. Edit a rule’s threshold (e.g., change to 5) and save. The change is reflected instantly in Nacos and in the client’s behavior.

Conclusion

By leveraging Nacos as a centralized configuration center, Sentinel rule data can be persisted across restarts. However, the Sentinel Dashboard does not natively support pushing modifications back to Nacos; achieving bidirectional sync requires source‑code changes, recompilation, and redeployment of the dashboard.