Shulou(Shulou.com)05/31 Report--

Today, I'll talk to you about how to migrate Spring-based application configuration to Aliyun application configuration management ACM. Many people may not know much about it. In order to make you understand better, the editor summarized the following. I hope you can get something from this article.

Recently, I met some developer friends who are ready to migrate the original Java Spring application configuration to Ali Cloud application configuration management ACM. There are a lot of interesting problems encountered in the process of migration. This paper will use a simple example to restore the problems encountered in the process of migration and related solutions, in order to achieve the purpose of communicating with readers.

What kind of configuration is suitable for entering the configuration center

This is the first problem encountered by all users who are going to migrate the configuration to the configuration center. We will analyze it from the two dimensions of timeliness and security.

Cdn.com/f174d13b6c9cc95a55d423df21d1349d69518790.png ">

Timeliness: static VS dynamic

Static configuration refers to the configuration content that is basically not modified once the program version is released, such as:

Software version number: obviously, once the version number is determined, the product basically does not need to be changed.

Log style: the layout of the log, such as timestamp, file name, log level, etc., basically does not need a major change.

Three-party software LicenseKey: basically, once released, there are few changes. Do not rule out midway three-party software License upgrade, but this upgrade can generally be based on the software rerelease to resolve configuration changes.

PaaS platform connection string: such as database connection string, including database, user name and password, etc. Unless the password is changed for compliance reasons, or the data is migrated, it rarely changes.

Dynamic configuration refers to some configuration changes when the program is running, which usually affects some running behavior of the program, such as:

Current-limiting degradation parameters: current-limiting degradation parameters are generally not very fixed. Generally speaking, when the system is running, it is best to adjust the current limiting parameters dynamically according to the actual workload pattern, such as threshold RT, peak TPS, and so on.

Monitoring alarm threshold: if the transaction falls by 20% month-on-month, it produces error alarm and critical alarm by 50%. As far as the monitoring system is concerned, the online business characteristics change frequently, so the alarm threshold is generally not written down.

Log printing level: once there is weird behavior online, I hope to increase the log printing level from error to debug, generally prefer to adjust dynamically without the need to restart the application.

Disaster recovery: once the site reverts to disaster, you must want to switch as soon as possible. Therefore, the configuration must take effect in a dynamic second to reduce the capital loss as much as possible.

From the perspective of timeliness, it is generally recommended that users store the static configuration in their own files and keep it as simple as possible, but they need to put the dynamic configuration into the configuration center to enhance the flexibility and effectiveness of the application of dynamic changes.

Security: insensitive VS sensitive

Non-sensitive configuration generally refers to the technical bias, which will not lead to security risks in the configuration after exposure, for example:

Software version number: related to product iteration, no business attribute, non-sensitive configuration.

Log style: generally related to the program post-diagnosis, non-sensitive configuration.

Log printing level: affects more or less log printing, non-sensitive configuration.

Current-limiting degradation parameters: current-limiting degradation is mainly to maintain internal application stability, non-sensitive configuration.

Monitoring alarm threshold: mainly affects the alarm accuracy of the business, non-sensitive configuration.

Disaster recovery and multi-activity: generally related to data master / slave configuration and business fragmentation, non-sensitive configuration.

Sensitive configurations are usually related to business data, and disclosure will cause security risks, such as:

Three-party software LicenseKey: once leaked, LicenseKey is easy to be embezzled, which is a sensitive configuration.

PaaS platform connection string: a typical database connection string, once leaked, no matter internal or external users, can easily log in to the business database to access business sensitive information, for sensitive configuration.

From the perspective of security, we usually recommend that users store the non-sensitive configuration in their own files and keep it as simple as possible, but they need to put the sensitive configuration in the configuration center, encrypt and authenticate it, and try not to make it accessible to unrelated people.

Summary of timeliness and safety analysis

How to migrate Java Application configuration based on Spring Framework

A common configuration annotation pose commonly used by Java developers using the Spring framework is the @ value annotation of Spring.

Original pure static file scene

For example, this configuration contains two configuration parameters, one is the version number of the software, and the other is the database connection string:

Automatically inject the configuration through @ PropertySource and @ value annotations.

Configuration@ComponentScan ("com.alibaba") @ PropertySource ("classpath:myApp.properties") public class AppConfig {@ Value (value= "${url}") private String URL; @ Value (value= "${dbuser}") private String USER; @ Value (value= "${driver}") private String DRIVER; @ Value (value= "${dbpassword}") private String PASSWORD; @ Value (value= "${appVersion}") private String version;}

The above code omits the relevant database connection initialization and other operations.

Start the configuration migration and enter the mixed configuration scenario

Currently, due to security compliance or configuration limitation and other reasons, we need to start migrating the configuration to ACM. After analysis, we found that the configuration of some databases had better be migrated to ACM and marked in red font. All the red parts will be migrated to ACM.

The next three main changes are summarized first.

Add relevant configuration records in the ACM console.

Add ACM SDK related dependencies to the Java project package.

Modify the code a little to add the annotated code to get the configuration in ACM.

The first step is to go directly to ACM to create a configuration item named myapp.dbconfig.properties, and edit the configuration content in the corresponding edit box.

The second step is to add dependencies to maven's pom.xml, as follows.

Com.alibaba.nacos nacos-spring-context 0.2.1-RC1

The third step is to insert API annotations into the corresponding AppConfig.java code to obtain the dynamic configuration through ACM. Code additions such as red fonts.

Configuration @ ComponentScan ("com.journaldev") @ PropertySource ("classpath:myApp.properties") @ EnableNacosConfig (globalProperties = @ NacosProperties (endpoint = "acm.aliyun.com", namespace = "xxx", accessKey = "xxx", secretKey = "xxx") @ NacosPropertySource (dataId = "myApp.dbconfig.properties", autoRefreshed = true) public class AppConfig {@ Value (value= "${url}") private String URL; @ Value (value= "${dbuser}") private String USER @ Value (value= "${driver}") private String DRIVER; @ Value (value= "${dbpassword}") private String PASSWORD; @ Value (value= "${appVersion}") private String version; public String getVersion () {return version;}}

At this point, the change is over. With ACM SDK's support for Spring's @ value annotation capability, the code has been changed almost zero.

A few points for attention

In the above code example, there are a few things to note:

The ACM SDK used in the code is Nacos SDK. Nacos (http://nacos.io) is an open source implementation of ACM, ACM is seamlessly compatible with all Nacos interfaces.

In the code example, plaintext annotations are used to write dead ACM's endpoint, namespace, AK, SK, and so on. In practice, the relevant variables do not have to be written dead.

After reading the above, do you have any further understanding of how the Spring-based application configuration can be migrated to Ali Cloud application configuration management ACM? If you want to know more knowledge or related content, please follow the industry information channel, thank you for your support.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.