Spring Cloud 之 微服務監控 Spring Boot Admin
阿新 • • 發佈:2018-12-26
Spring Boot Admin用於管理和監控Spring Boot程式,Spring Boot Admin 作為 Server 端,其他的要被監控的應用作為 Client 端。前面幾篇文章搭建的model如service-feign,service-ribbon,eureka-client之類的都可以是被監控的Client端。
一、搭建Admin Server服務端
新建model:admin-server
pom.xml
<dependencies>
<dependency>
<groupId>de.codecentric</groupId >
<artifactId>spring-boot-admin-starter-server</artifactId>
<version>2.0.1</version>
</dependency>
<dependency>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-starter-netflix-eureka-client</artifactId >
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-security</artifactId>
</dependency>
<dependency>
<groupId>org.jolokia</groupId>
<artifactId >jolokia-core</artifactId>
</dependency>
</dependencies>
應用主類添加註解並新增配置(這個配置來資源官方文件推薦):
@SpringBootApplication
@EnableAdminServer
@EnableEurekaClient
public class AdminServerApplication {
public static void main(String[] args) {
SpringApplication.run(AdminServerApplication.class, args);
}
@Profile("insecure")
@Configuration
public static class SecurityPermitAllConfig extends WebSecurityConfigurerAdapter {
@Override
protected void configure(HttpSecurity http) throws Exception {
http.authorizeRequests().anyRequest().permitAll()//
.and().csrf().disable();
}
}
@Profile("secure")
@Configuration
public static class SecuritySecureConfig extends WebSecurityConfigurerAdapter {
private final String adminContextPath;
public SecuritySecureConfig(AdminServerProperties adminServerProperties) {
this.adminContextPath = adminServerProperties.getContextPath();
}
@Override
protected void configure(HttpSecurity http) throws Exception {
// @formatter:off
SavedRequestAwareAuthenticationSuccessHandler successHandler = new SavedRequestAwareAuthenticationSuccessHandler();
successHandler.setTargetUrlParameter("redirectTo");
http.authorizeRequests()
.antMatchers(adminContextPath + "/assets/**").permitAll()
.antMatchers(adminContextPath + "/login").permitAll()
.anyRequest().authenticated()
.and()
.formLogin().loginPage(adminContextPath + "/login").successHandler(successHandler).and()
.logout().logoutUrl(adminContextPath + "/logout").and()
.httpBasic().and()
.csrf().disable();
// @formatter:on
}
}
}
可以看出是兩種選項,是否需要secure安全保護。可以再配置檔案裡選擇啟用哪種配置。
application.yml
spring:
application:
name: admin-server
profiles:
active:
- secure
server:
port: 9997
# tag::configuration-eureka[]
eureka: #<1>
instance:
leaseRenewalIntervalInSeconds: 10
health-check-url-path: /actuator/health
client:
registryFetchIntervalSeconds: 5
serviceUrl:
defaultZone: ${EUREKA_SERVICE_URL:http://localhost:7777}/eureka/
management:
endpoints:
web:
exposure:
include: "*" #<2>
endpoint:
health:
show-details: ALWAYS
# end::configuration-eureka[]
---
spring:
profiles: insecure
---
spring:
profiles: secure
security:
user:
name: "user"
password: "password"
eureka:
instance:
metadata-map:
user.name: "user" #These two are needed so that the server
user.password: "password" #can access the protected client endpoints
二、修改客戶端
在原來service-feign,service-ribbon,eureka-client三個model的基礎上修改其依賴和配置,新增依賴:
<dependency>
<groupId>de.codecentric</groupId>
<artifactId>spring-boot-admin-starter-client</artifactId>
<version>2.0.1</version>
</dependency>
配置檔案新增配置:
spring:
boot:
admin:
client:
url: "http://localhost:9997"
management:
endpoints:
web:
exposure:
include: '*'
endpoint:
health:
show-details: ALWAYS
Spring Boot 2.0 的 Actuator 只暴露了 /health、/info 兩個埠(為了安全考慮),所以要配置 management.endpoints.web.exposure.include 的屬性。
三、測試
啟動eureka-server,admin-server,eureka-client,service-feign,service-ribbon
訪問:http://localhost:9997,輸入配置好的使用者名稱和密碼