构建生产级 LLM API 网关:多模型路由、限流与故障转移
·
当你的应用同时对接 OpenAI、Claude、DeepSeek、本地 vLLM 时,一个可靠的网关层是工程化的第一步。
一、为什么需要 LLM 网关?
在 AI 应用进入生产环境后,你会面临这些真实问题:
| 痛点 | 没有网关 | 有网关 |
|---|---|---|
| 多模型切换 | 改代码、改环境变量 | 配置驱动,热切换 |
| 成本控制 | 不知道哪个模型花了多少钱 | 实时计量、配额管理 |
| 限流保护 | 上游 API 429 后应用崩溃 | 令牌桶限流,排队等待 |
| 故障转移 | 单一模型挂了,整个服务不可用 | 自动 fallback 到备用模型 |
| 可观测性 | 日志散落,排查困难 | 统一 trace,每次调用可追溯 |
本文用 Go 从零构建一个生产可用的 LLM 网关,具备路由、限流、熔断、故障转移能力。
二、架构设计
┌──────────┐ ┌─────────────────────────────────────┐ ┌───────────┐
│ Client │────▶│ LLM Gateway │────▶│ OpenAI │
└──────────┘ │ ┌─────┐ ┌──────┐ ┌──────────────┐ │ └───────────┘
│ │Router│▶│Limiter│▶│CircuitBreaker│ │ ┌───────────┐
│ └─────┘ └──────┘ └──────────────┘ │────▶│ Claude │
│ ┌─────────┐ ┌──────────┐ │ └───────────┘
│ │Metrics │ │Fallback │ │ ┌───────────┐
│ └─────────┘ └──────────┘ │────▶│ DeepSeek │
└─────────────────────────────────────┘ └───────────┘
核心模块:
- Router — 根据请求特征(模型名、token 预算、优先级)选择后端
- RateLimiter — 令牌桶算法,按模型+租户维度限流
- CircuitBreaker — 熔断器,连续失败后自动隔离故障后端
- Fallback — 多级降级链:主模型 → 备用模型 → 缓存结果
三、项目结构
llm-gateway/
├── main.go
├── gateway/
│ ├── router.go # 路由策略
│ ├── limiter.go # 令牌桶限流
│ ├── breaker.go # 熔断器
│ ├── fallback.go # 降级策略
│ └── proxy.go # HTTP 反向代理
├── provider/
│ ├── provider.go # Provider 接口
│ ├── openai.go # OpenAI 适配
│ ├── claude.go # Anthropic 适配
│ └── registry.go # Provider 注册中心
├── config/
│ └── config.go # 配置加载
└── metrics/
└── metrics.go # Prometheus 指标
四、核心实现
4.1 Provider 抽象层
首先定义统一的 Provider 接口,屏蔽不同 LLM 厂商的 API 差异:
// provider/provider.go
package provider
import (
"context"
"time"
)
// ChatRequest 统一的聊天请求
type ChatRequest struct {
Model string `json:"model"`
Messages []Message `json:"messages"`
MaxTokens int `json:"max_tokens,omitempty"`
Temperature float64 `json:"temperature,omitempty"`
Stream bool `json:"stream"`
}
type Message struct {
Role string `json:"role"`
Content string `json:"content"`
}
// ChatResponse 统一的聊天响应
type ChatResponse struct {
ID string `json:"id"`
Model string `json:"model"`
Content string `json:"content"`
FinishReason string `json:"finish_reason"`
Usage Usage `json:"usage"`
}
type Usage struct {
PromptTokens int `json:"prompt_tokens"`
CompletionTokens int `json:"completion_tokens"`
TotalTokens int `json:"total_tokens"`
}
// Provider LLM 厂商接口
type Provider interface {
Name() string
// Chat 同步聊天(非流式)
Chat(ctx context.Context, req *ChatRequest) (*ChatResponse, error)
// ChatStream 流式聊天,通过 channel 返回增量
ChatStream(ctx context.Context, req *ChatRequest) (<-chan *StreamChunk, error)
// SupportedModels 返回该 Provider 支持的模型列表
SupportedModels() []string
// HealthCheck 健康检查
HealthCheck(ctx context.Context) error
}
type StreamChunk struct {
Content string `json:"content"`
Done bool `json:"done"`
Error error `json:"-"`
}
4.2 OpenAI Provider 适配器
把 OpenAI 的 /v1/chat/completions 适配到统一接口:
// provider/openai.go
package provider
import (
"bufio"
"bytes"
"context"
"encoding/json"
"fmt"
"io"
"net/http"
"strings"
"time"
)
type OpenAIProvider struct {
name string
baseURL string
apiKey string
client *http.Client
models []string
}
func NewOpenAIProvider(name, baseURL, apiKey string, models []string) *OpenAIProvider {
return &OpenAIProvider{
name: name,
baseURL: strings.TrimRight(baseURL, "/"),
apiKey: apiKey,
client: &http.Client{Timeout: 120 * time.Second},
models: models,
}
}
func (p *OpenAIProvider) Name() string { return p.name }
func (p *OpenAIProvider) SupportedModels() []string { return p.models }
func (p *OpenAIProvider) HealthCheck(ctx context.Context) error {
req, _ := http.NewRequestWithContext(ctx, "GET", p.baseURL+"/models", nil)
req.Header.Set("Authorization", "Bearer "+p.apiKey)
resp, err := p.client.Do(req)
if err != nil {
return err
}
defer resp.Body.Close()
if resp.StatusCode != 200 {
return fmt.Errorf("health check failed: %d", resp.StatusCode)
}
return nil
}
// openaiReq OpenAI 原生请求格式
type openaiReq struct {
Model string `json:"model"`
Messages []Message `json:"messages"`
MaxTokens int `json:"max_tokens,omitempty"`
Temperature float64 `json:"temperature,omitempty"`
Stream bool `json:"stream"`
}
type openaiResp struct {
ID string `json:"id"`
Model string `json:"model"`
Choices []openaiChoice `json:"choices"`
Usage openaiUsage `json:"usage"`
}
type openaiChoice struct {
Message Message `json:"message"`
FinishReason string `json:"finish_reason"`
}
type openaiUsage struct {
PromptTokens int `json:"prompt_tokens"`
CompletionTokens int `json:"completion_tokens"`
TotalTokens int `json:"total_tokens"`
}
func (p *OpenAIProvider) Chat(ctx context.Context, req *ChatRequest) (*ChatResponse, error) {
body := openaiReq{
Model: req.Model,
Messages: req.Messages,
MaxTokens: req.MaxTokens,
Temperature: req.Temperature,
Stream: false,
}
buf, _ := json.Marshal(body)
httpReq, _ := http.NewRequestWithContext(ctx, "POST",
p.baseURL+"/v1/chat/completions", bytes.NewReader(buf))
httpReq.Header.Set("Content-Type", "application/json")
httpReq.Header.Set("Authorization", "Bearer "+p.apiKey)
resp, err := p.client.Do(httpReq)
if err != nil {
return nil, fmt.Errorf("openai request failed: %w", err)
}
defer resp.Body.Close()
if resp.StatusCode != 200 {
bodyBytes, _ := io.ReadAll(resp.Body)
return nil, fmt.Errorf("openai returned %d: %s", resp.StatusCode, string(bodyBytes))
}
var result openaiResp
if err := json.NewDecoder(resp.Body).Decode(&result); err != nil {
return nil, fmt.Errorf("decode response: %w", err)
}
return &ChatResponse{
ID: result.ID,
Model: result.Model,
Content: result.Choices[0].Message.Content,
FinishReason: result.Choices[0].FinishReason,
Usage: Usage{
PromptTokens: result.Usage.PromptTokens,
CompletionTokens: result.Usage.CompletionTokens,
TotalTokens: result.Usage.TotalTokens,
},
}, nil
}
// ChatStream 流式适配:解析 SSE 事件流
func (p *OpenAIProvider) ChatStream(ctx context.Context, req *ChatRequest) (<-chan *StreamChunk, error) {
streamReq := *req
streamReq.Stream = true
body := openaiReq{
Model: streamReq.Model,
Messages: streamReq.Messages,
MaxTokens: streamReq.MaxTokens,
Temperature: streamReq.Temperature,
Stream: true,
}
buf, _ := json.Marshal(body)
httpReq, _ := http.NewRequestWithContext(ctx, "POST",
p.baseURL+"/v1/chat/completions", bytes.NewReader(buf))
httpReq.Header.Set("Content-Type", "application/json")
httpReq.Header.Set("Authorization", "Bearer "+p.apiKey)
resp, err := p.client.Do(httpReq)
if err != nil {
return nil, fmt.Errorf("stream request: %w", err)
}
ch := make(chan *StreamChunk, 64)
go func() {
defer resp.Body.Close()
defer close(ch)
scanner := bufio.NewScanner(resp.Body)
for scanner.Scan() {
select {
case <-ctx.Done():
return
default:
}
line := scanner.Text()
if !strings.HasPrefix(line, "data: ") {
continue
}
data := strings.TrimPrefix(line, "data: ")
if data == "[DONE]" {
ch <- &StreamChunk{Done: true}
return
}
var chunk struct {
Choices []struct {
Delta struct {
Content string `json:"content"`
} `json:"delta"`
} `json:"choices"`
}
if err := json.Unmarshal([]byte(data), &chunk); err != nil {
continue
}
if len(chunk.Choices) > 0 && chunk.Choices[0].Delta.Content != "" {
ch <- &StreamChunk{Content: chunk.Choices[0].Delta.Content}
}
}
}()
return ch, nil
}
4.3 Provider 注册中心
支持动态注册,方便运维时热加载:
// provider/registry.go
package provider
import (
"fmt"
"sync"
)
type Registry struct {
mu sync.RWMutex
providers map[string]Provider
// modelToProvider 模型名 → Provider 名的映射
modelToProvider map[string]string
}
func NewRegistry() *Registry {
return &Registry{
providers: make(map[string]Provider),
modelToProvider: make(map[string]string),
}
}
func (r *Registry) Register(p Provider) {
r.mu.Lock()
defer r.mu.Unlock()
r.providers[p.Name()] = p
for _, model := range p.SupportedModels() {
// 如果同一个模型被多个 Provider 注册,保留第一个作为主,后面的作为备用
if _, exists := r.modelToProvider[model]; !exists {
r.modelToProvider[model] = p.Name()
}
}
}
func (r *Registry) GetProvider(name string) (Provider, bool) {
r.mu.RLock()
defer r.mu.RUnlock()
p, ok := r.providers[name]
return p, ok
}
// ResolveModel 根据模型名解析到 Provider
func (r *Registry) ResolveModel(model string) (Provider, error) {
r.mu.RLock()
defer r.mu.RUnlock()
// 1. 直接匹配模型名
if provName, ok := r.modelToProvider[model]; ok {
return r.providers[provName], nil
}
// 2. 如果模型名包含 provider 前缀,如 "openai/gpt-4o"
for name, p := range r.providers {
for _, m := range p.SupportedModels() {
if m == model {
return r.providers[name], nil
}
}
}
return nil, fmt.Errorf("no provider found for model: %s", model)
}
五、限流:滑动窗口 + 令牌桶
按 租户:模型 维度限流,使用高效的滑动窗口算法:
// gateway/limiter.go
package gateway
import (
"sync"
"time"
)
// RateLimiter 基于滑动窗口的限流器
type RateLimiter struct {
mu sync.Mutex
windows map[string]*slidingWindow
rate int // 每分钟允许的请求数
interval time.Duration // 窗口大小
}
type slidingWindow struct {
timestamps []time.Time
limit int
interval time.Duration
}
func NewRateLimiter(rate int, interval time.Duration) *RateLimiter {
return &RateLimiter{
windows: make(map[string]*slidingWindow),
rate: rate,
interval: interval,
}
}
// Allow 检查是否允许该 key 的请求通过
func (rl *RateLimiter) Allow(key string) bool {
rl.mu.Lock()
defer rl.mu.Unlock()
w, exists := rl.windows[key]
if !exists {
w = &slidingWindow{
timestamps: make([]time.Time, 0),
limit: rl.rate,
interval: rl.interval,
}
rl.windows[key] = w
}
return w.allow()
}
func (w *slidingWindow) allow() bool {
now := time.Now()
cutoff := now.Add(-w.interval)
// 清理过期的时间戳
valid := w.timestamps[:0]
for _, ts := range w.timestamps {
if ts.After(cutoff) {
valid = append(valid, ts)
}
}
w.timestamps = valid
if len(w.timestamps) >= w.limit {
return false
}
w.timestamps = append(w.timestamps, now)
return true
}
// TokensRemaining 剩余配额
func (rl *RateLimiter) TokensRemaining(key string) int {
rl.mu.Lock()
defer rl.mu.Unlock()
w, exists := rl.windows[key]
if !exists {
return rl.rate
}
now := time.Now()
cutoff := now.Add(-w.interval)
count := 0
for _, ts := range w.timestamps {
if ts.After(cutoff) {
count++
}
}
remaining := w.limit - count
if remaining < 0 {
remaining = 0
}
return remaining
}
六、熔断器
当某个 Provider 连续失败时,自动熔断,避免雪崩:
// gateway/breaker.go
package gateway
import (
"errors"
"sync"
"time"
)
type State int
const (
StateClosed State = iota // 正常
StateOpen // 熔断打开,拒绝请求
StateHalfOpen // 半开,探测恢复
)
type CircuitBreaker struct {
mu sync.Mutex
state State
failureCount int
successCount int
threshold int // 连续失败阈值
halfOpenMax int // 半开状态最多允许的成功探测数
timeout time.Duration // 熔断打开后的冷却时间
lastFailure time.Time
openAt time.Time
onStateChange func(name string, from, to State)
name string
}
func NewCircuitBreaker(name string, threshold int, timeout time.Duration) *CircuitBreaker {
return &CircuitBreaker{
name: name,
threshold: threshold,
timeout: timeout,
halfOpenMax: 3,
state: StateClosed,
}
}
var ErrCircuitOpen = errors.New("circuit breaker is open")
// Call 执行受熔断保护的操作
func (cb *CircuitBreaker) Call(fn func() error) error {
cb.mu.Lock()
if cb.state == StateOpen {
if time.Since(cb.openAt) > cb.timeout {
cb.toState(StateHalfOpen)
cb.mu.Unlock()
} else {
cb.mu.Unlock()
return ErrCircuitOpen
}
} else {
cb.mu.Unlock()
}
err := fn()
cb.mu.Lock()
defer cb.mu.Unlock()
if err != nil {
cb.failureCount++
cb.lastFailure = time.Now()
if cb.state == StateHalfOpen {
cb.toState(StateOpen)
} else if cb.state == StateClosed && cb.failureCount >= cb.threshold {
cb.toState(StateOpen)
}
return err
}
// 成功
if cb.state == StateHalfOpen {
cb.successCount++
if cb.successCount >= cb.halfOpenMax {
cb.failureCount = 0
cb.successCount = 0
cb.toState(StateClosed)
}
} else {
cb.failureCount = 0
}
return nil
}
func (cb *CircuitBreaker) toState(s State) {
if cb.state == s {
return
}
old := cb.state
cb.state = s
if s == StateOpen {
cb.openAt = time.Now()
}
if cb.onStateChange != nil {
cb.onStateChange(cb.name, old, s)
}
}
七、故障转移与降级链
当主模型不可用时,自动降级到备用模型:
// gateway/fallback.go
package gateway
import (
"context"
"fmt"
"log"
"llm-gateway/provider"
)
// FallbackChain 降级链:主模型 → 备用1 → 备用2 → ...
type FallbackChain struct {
registry *provider.Registry
breakerMap map[string]*CircuitBreaker
defaultChain []string // 默认降级链(模型名列表)
}
func NewFallbackChain(reg *provider.Registry, defaultChain []string) *FallbackChain {
fc := &FallbackChain{
registry: reg,
breakerMap: make(map[string]*CircuitBreaker),
defaultChain: defaultChain,
}
// 为每个模型创建熔断器
for _, model := range defaultChain {
fc.breakerMap[model] = NewCircuitBreaker(model, 5, 30*time.Second)
}
return fc
}
完整实现中还需要 breakerMap 导入 time 包。
八、网关主入口
把所有组件串联起来:
// main.go
package main
import (
"context"
"encoding/json"
"log"
"net/http"
"os"
"os/signal"
"time"
)
func main() {
// 1. 初始化 Provider
openai := provider.NewOpenAIProvider(
"openai-primary",
"https://api.openai.com",
os.Getenv("OPENAI_API_KEY"),
[]string{"gpt-4o", "gpt-4o-mini", "gpt-3.5-turbo"},
)
claude := provider.NewOpenAIProvider( // 假设你有个兼容 OpenAI 格式的 Claude 代理
"claude",
"https://api.anthropic.com",
os.Getenv("ANTHROPIC_API_KEY"),
[]string{"claude-sonnet-4-20250514"},
)
deepseek := provider.NewOpenAIProvider(
"deepseek",
"https://api.deepseek.com",
os.Getenv("DEEPSEEK_API_KEY"),
[]string{"deepseek-chat", "deepseek-reasoner"},
)
// 2. 注册到注册中心
reg := provider.NewRegistry()
reg.Register(openai)
reg.Register(claude)
reg.Register(deepseek)
// 3. 初始化中间件
limiter := NewRateLimiter(100, time.Minute) // 每租户每分钟 100 次
fallback := NewFallbackChain(reg, []string{
"gpt-4o", "gpt-4o-mini", "deepseek-chat",
})
// 4. 路由处理器
mux := http.NewServeMux()
mux.HandleFunc("/v1/chat/completions", func(w http.ResponseWriter, r *http.Request) {
tenantID := r.Header.Get("X-Tenant-ID")
if tenantID == "" {
tenantID = "default"
}
// 解析请求
var chatReq provider.ChatRequest
if err := json.NewDecoder(r.Body).Decode(&chatReq); err != nil {
http.Error(w, err.Error(), 400)
return
}
// 限流检查
limitKey := fmt.Sprintf("%s:%s", tenantID, chatReq.Model)
if !limiter.Allow(limitKey) {
w.Header().Set("Retry-After", "60")
http.Error(w, `{"error":"rate limited"}`, 429)
return
}
// 解析 Provider
prov, err := reg.ResolveModel(chatReq.Model)
if err != nil {
http.Error(w, err.Error(), 400)
return
}
// 执行请求(带熔断保护)
breaker := fallback.breakerMap[chatReq.Model]
if breaker == nil {
breaker = NewCircuitBreaker(chatReq.Model, 5, 30*time.Second)
}
var resp *provider.ChatResponse
err = breaker.Call(func() error {
var callErr error
resp, callErr = prov.Chat(r.Context(), &chatReq)
return callErr
})
if err != nil {
if err == ErrCircuitOpen {
// 熔断时尝试降级
for _, fallbackModel := range fallback.defaultChain {
if fallbackModel == chatReq.Model {
continue
}
fbProv, fbErr := reg.ResolveModel(fallbackModel)
if fbErr != nil {
continue
}
chatReq.Model = fallbackModel
resp, err = fbProv.Chat(r.Context(), &chatReq)
if err == nil {
break
}
}
}
if err != nil {
http.Error(w, err.Error(), 500)
return
}
}
w.Header().Set("Content-Type", "application/json")
w.Header().Set("X-Model-Used", chatReq.Model)
w.Header().Set("X-RateLimit-Remaining",
fmt.Sprintf("%d", limiter.TokensRemaining(limitKey)))
json.NewEncoder(w).Encode(resp)
})
// 5. 启动服务
srv := &http.Server{Addr: ":8080", Handler: mux}
go func() {
log.Println("LLM Gateway listening on :8080")
if err := srv.ListenAndServe(); err != http.ErrServerClosed {
log.Fatal(err)
}
}()
// 优雅关闭
quit := make(chan os.Signal, 1)
signal.Notify(quit, os.Interrupt)
<-quit
ctx, cancel := context.WithTimeout(context.Background(), 10*time.Second)
defer cancel()
srv.Shutdown(ctx)
}
九、生产环境补充
9.1 配置热加载
# config.yaml
providers:
- name: openai-primary
type: openai
base_url: https://api.openai.com
api_key: ${OPENAI_API_KEY}
models: [gpt-4o, gpt-4o-mini]
weight: 100
routes:
- match:
model: gpt-4o
primary: openai-primary
fallback: [deepseek-chat]
rate_limit:
rpm: 50
circuit_breaker:
failure_threshold: 5
timeout_seconds: 30
9.2 Prometheus 指标
var (
requestTotal = prometheus.NewCounterVec(
prometheus.CounterOpts{Name: "llm_gateway_requests_total"},
[]string{"provider", "model", "status"},
)
requestDuration = prometheus.NewHistogramVec(
prometheus.HistogramOpts{Name: "llm_gateway_request_duration_seconds"},
[]string{"provider", "model"},
)
rateLimitHits = prometheus.NewCounterVec(
prometheus.CounterOpts{Name: "llm_gateway_rate_limit_hits_total"},
[]string{"tenant", "model"},
)
circuitBreakerState = prometheus.NewGaugeVec(
prometheus.GaugeOpts{Name: "llm_gateway_circuit_breaker_state"},
[]string{"provider"},
)
)
9.3 成本追踪
每次请求记录 token 用量,按模型价格计费,写入时序数据库。示例价格结构:
type Pricing struct {
PromptPer1K float64 // $/1K tokens
CompletionPer1K float64
}
var modelPrices = map[string]Pricing{
"gpt-4o": {0.0025, 0.01},
"gpt-4o-mini": {0.00015, 0.0006},
"deepseek-chat": {0.00014, 0.00028},
}
十、总结
这个 LLM 网关解决的核心问题:
| 能力 | 实现方式 | 价值 |
|---|---|---|
| 统一接口 | Provider 抽象层 + 适配器模式 | 切换模型零代码改动 |
| 限流保护 | 滑动窗口,按租户+模型维度 | 防止 API 费用失控 |
| 熔断降级 | CircuitBreaker + FallbackChain | 单点故障不影响整体服务 |
| 可观测性 | 结构化日志 + Prometheus 指标 | 每次调用可追溯、可告警 |
| 成本控制 | Token 计量 + 按量计费 | 清楚知道钱花在哪 |
完整代码约 500 行,直接可编译运行。在生产环境,你可以进一步加上:请求去重(幂等键)、响应缓存、优先级队列、WebSocket 流式代理。
代码可用 go build -o llm-gateway . 直接编译,配置文件示例见 config.yaml。
一站式 AI 云服务平台
更多推荐
0
0- 0
已为社区贡献1条内容
所有评论(0)