Shulou(Shulou.com)06/02 Report--

What is the Spring Boot Admin pit guide? in view of this question, this article introduces in detail the corresponding analysis and answers, hoping to help more partners who want to solve this problem to find a more simple and feasible way.

Direct registration of the service failed

Common registration failure problems can be divided into the following two types

The Spring Boot Admin server and the client are not on the same server

Prompt that the security check failed.

The solution to the first problem:

The boot.admin.client.instance.service-url attribute must be configured on the client side so that the Spring Boot Admin server can obtain the client's data through the network (otherwise it will be obtained by default through the hostname)

Boot: admin: client: url: ${your spring boot admin url} username: ${your spring boot admin username} password: ${your spring boot admin password} instance: prefer-ip: true service-url: ${your spring boot client url}

The solution to the second problem:

First of all, the problem of security verification is that the server now configures the account password, and then the client provides the account password to log in when registering to complete the verification.

The implementation of this process, as a Spring family bucket project, is recommended to use Spring Security to solve the problem, so if the verification fails, it is probably due to problems with the configuration of Spring Security.

Next, we will introduce how to configure the server and the client to deal with this problem.

Server configuration

Loading Spring Security dependencies through maven

Org.springframework.boot spring-boot-starter-security

Set the user name and password of the server (use this account password to log in when the client registers)

Spring: security: user: name: liumapp password: superliumapp

Write Spring Security configuration classes

Import de.codecentric.boot.admin.server.config.AdminServerProperties;import org.springframework.context.annotation.Configuration;import org.springframework.security.config.annotation.web.builders.HttpSecurity;import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;import org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler;import org.springframework.security.web.csrf.CookieCsrfTokenRepository / * file SecuritySecureConfig.java * author liumapp * github https://github.com/liumapp * email liumapp.com@gmail.com * homepage http://www.liumapp.com * date 2018-11-29 * / @ Configurationpublic class SecuritySecureConfig extends WebSecurityConfigurerAdapter {private final String adminContextPath; public SecuritySecureConfig (AdminServerProperties adminServerProperties) {this.adminContextPath = adminServerProperties.getContextPath ();} @ Override protected void configure (HttpSecurity http) throws Exception {/ / @ formatter:off SavedRequestAwareAuthenticationSuccessHandler successHandler = new SavedRequestAwareAuthenticationSuccessHandler () SuccessHandler.setTargetUrlParameter ("redirectTo"); successHandler.setDefaultTargetUrl (adminContextPath + "/") Http.authorizeRequests () .antMatrices (adminContextPath + "/ assets/**"). PermitAll () .antMatrices (adminContextPath + "/ login"). PermitAll () .anyRequest (). Authenticated () .and () .formLogin (). LoginPage (adminContextPath + "/ login"). LoginPage (successHandler). And () .logout () .logoutUrl (adminContextPath + "/ logout") .and () .httpBasic (). And () .csrf () .csrfTokenRepository (CookieCsrfTokenRepository.withHttpOnlyFalse ()) .originingAntMatching (adminContextPath + "/ instances") AdminContextPath + "/ actuator/**") / / @ formatter:on}}

In the above code, all you need to pay attention to is an AdminServerProperties class, by browsing some of its source code:

@ ConfigurationProperties ("spring.boot.admin") public class AdminServerProperties {/ * * The context-path prefixes the path where the Admin Servers statics assets and api should be * served. Relative to the Dispatcher-Servlet. * / private String contextPath = ""; / * * The metadata keys which should be sanitized when serializing to json * / private String [] metadataKeysToSanitize = new String [] {". * password$", ". * secret$", ". * key$", ". * $token$", ". * credentials.*", ". * vcap_services$"}; / * * For Spring Boot 2.x applications the endpoints should be discovered automatically using the actuator links. * For Spring Boot 1.x applications SBA probes for the specified endpoints using an OPTIONS request. * If the path differs from the id you can specify this as id:path (e.g. Health:ping). * / private String [] probedEndpoints = {"health", "env", "metrics", "httptrace:trace", "httptrace", "threaddump:dump", "threaddump", "jolokia", "info", "logfile", "refresh", "flyway", "liquibase", "heapdump", "loggers", "auditevents", "mappings", "scheduledtasks", "configprops", "caches", "beans"} / / the following is omitted.}

We can find that AdminServerProperties defines the configuration properties of Spring Boot Admin, and login is naturally one of them, so we must introduce AdminServerProperties when we write the Spring Security configuration class.

At this point, the configuration of Spring Security on the Spring Boot Admin server is over. Let's start the Security configuration on the client side.

Client configuration

First of all, for the client, we need to introduce additional Spring Boot Admin Client dependencies in addition to Spring Security dependencies:

De.codecentric spring-boot-admin-starter-client 2.0.2 org.springframework.boot spring-boot-starter-security

On this basis, the account password is set by writing the client application.yml configuration file.

Spring: boot: admin: client: url: ${your sba server url} username: ${your sba username} password: ${your sba password} instance: service-base-url: ${your client url}

Next, configure the Spring Security on the client side to allow the Server side to read the data exposed by actuator.

Add a configuration class:

Import org.springframework.context.annotation.Configuration;import org.springframework.security.config.annotation.web.builders.HttpSecurity;import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;@Configurationpublic class SecurityPermitAllConfig extends WebSecurityConfigurerAdapter {@ Override protected void configure (HttpSecurity http) throws Exception {http.authorizeRequests () .anyRequest () .permitAll () .and () .csrf () .disable ();}}

At this point, the problem of being unable to register successfully because of security verification can be solved.

Registration succeeded but log could not be displayed

There are two reasons for this problem.

The client log is not stored as a file

After client containerization deployment, log files are not mapped to host disk

For the first case, the solution is relatively simple: save the log generated by the system as a file:

Logging: file:. / log/client.log pattern: file: "% clr (% d {yyyy-MM-dd HH:mm:ss.SSS}) {faint}% clr (% 5p)% clr (${PID}) {magenta}% clr (- -) {faint}% clr ([.15t]) {faint}% clr (%-40.40logger {39}) {cyan}% clr (:) {faint}% m%n%wEx"

The second situation is more complicated, first of all, we have to clear what tools are used to deploy the container, but generally speaking, it can be done directly through file mapping.

Here, take docker as an example, map log files by setting volumes in docker

Volumes: -. / log:/client/log/ registered successfully but the information display is incomplete

Occasionally, there is a situation where the Spring Boot Admin client registers the server successfully, but the statistics page displays too little data (maybe only the log column)

The reason for this problem is that we do not have the actuator interface address of the open client for server access.

Then the solution is also very simple, allowing the server to access actuator.

First of all, we need to make sure that the project has an actuator dependency (generally speaking, spring-boot-admin-starter-client itself contains this dependency, so no additional introduction is required):

Org.springframework.boot spring-boot-starter-actuator

Then open the port of actuator and add the following to the configuration file on the client side:

Management: endpoints: web: exposure: include: "*"

At the same time, considering the differences between client and server domain names, by the way, cross-domain is also solved, and cross-domain configuration class is added:

Import org.springframework.context.annotation.Configuration;import org.springframework.web.servlet.config.annotation.CorsRegistry;import org.springframework.web.servlet.config.annotation.WebMvcConfigurer / * @ author liumapp * @ file CorsConfig.java * @ email liumapp.com@gmail.com * @ homepage http://www.liumapp.com * @ date 2018-8-11 * / @ Configurationpublic class CorsConfig implements WebMvcConfigurer {public void addCorsMappings (CorsRegistry registry) {registry.addMapping ("/ *") .allowCredentials (true) .allowedHeaders ("*") .allowedOrigins ("*") .allowedMethods ("*") }}

This is the answer to the question about the Spring Boot Admin pit guide. I hope the above content can be of some help to you. If you still have a lot of doubts to solve, you can follow the industry information channel to learn more about it.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.