Spring Boot Admin可以将 Actuator 中的信息进行界面化的展示,用于监控所有 Spring Boot 应用的健康状况,提供实时警报功能。
使用步骤
1.服务器
1.Maven导入依赖
必须是web应用 所以导入spring-boot-starter-web
admin版本必须和springboot一致
<!--
报错:java.lang.IllegalStateException: Calling [asyncError()] is not valid for a request with Async state [MUST_DISPATCH]
解决:移除tomcat,换成jetty
-->
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId>
<exclusions>
<exclusion>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-tomcat</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-jetty</artifactId>
</dependency>
<dependency>
<groupId>de.codecentric</groupId>
<artifactId>spring-boot-admin-starter-server</artifactId>
<version>2.2.1</version>
</dependency>
2.启动类添加注解:@EnableAdminServer
3.yml配置服务端口
server.port=8888
4.启动项目,访问配置的8888端口
可以看到可视化界面,因为还没有客户端注册进来,所以应用数为0.
2.客户端
1.Maven导入依赖
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId>
</dependency>
<dependency>
<groupId>de.codecentric</groupId>
<artifactId>spring-boot-admin-starter-client</artifactId>
<version>2.2.1</version>
</dependency>
2.yml配置admin服务器地址和本机端口
server:
port: 9999
spring:
boot:
admin:
client:
url: http://localhost:8888
此时再访问admin服务器:
3.展示health信息
yml配置:
management:
endpoint:
health:
show-details: always
4.展示所有信息
# #可以控制哪个不显示
management:
endpoint:
health:
show-details: always
##展示所有信息
endpoints:
web:
exposure:
include: "*"
3.整合 SpringSecurity
1.Maven引入依赖
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-security</artifactId>
</dependency>
2.指定账号密码
spring.security.user.name=admin
spring.security.user.password=admin
3.config配置
/**
* @Author: lzp
* @Description:
* @Date Create in 21:02 2022/4/28
* @Modified By:
*/
@Configuration
public class SecurityConfig extends WebSecurityConfigurerAdapter {
private final String adminContextPath;
public SecurityConfig(AdminServerProperties adminServerProperties) {
this.adminContextPath = adminServerProperties.getContextPath();
}
@Override
protected void configure(HttpSecurity http) throws Exception {
SavedRequestAwareAuthenticationSuccessHandler successHandler = new SavedRequestAwareAuthenticationSuccessHandler();
successHandler.setTargetUrlParameter( "redirectTo" );
http.authorizeRequests()
.antMatchers( adminContextPath + "/assets/**" ).permitAll()
.antMatchers( adminContextPath + "/login" ).permitAll()
.anyRequest().authenticated()
.and()
.formLogin().loginPage( adminContextPath + "/login" ).successHandler( successHandler ).and()
.logout().logoutUrl( adminContextPath + "/logout" ).and()
.httpBasic().and()
.csrf().disable();
}
}
4.启动项目
输入账号密码可以进入界面
5.客户端需要配置账号和密码才可以被监控
spring:
boot:
admin:
client:
url: http://localhost:8888
username: admin
password: admin
4.邮件配置
1.客户端Maven引入依赖
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-mail</artifactId>
</dependency>
2.yml配置
spring:
mail:
host: smtp.qq.com # 发件人使用的qq邮箱服务
username: 624753336@qq.com
# 授权码,不是密码,在qq邮箱设置‐账号里面有生成授权码
password: yxuabccitdmsbfib
boot:
admin:
client:
url: http://localhost:8888
username: admin
password: admin
notify:
mail:
# # 发件人
from: 624753336@qq.com
# 收件人,多个中间用,分隔
to: 624753336@qq.com
授权码在qq邮箱 设置 账户里边 点击这个按钮可以获取
3.测试
启动客户端,启动服务器,可以监控到服务正常运行,此时关闭客户端 可以收到邮件。
5.拦截其他路径访问actuator
客户端是要暴露actuator的web端口的,为了安全,客户端只允许服务端请求actuator的web接口(通过约定好的请求头来判断)
1.服务端配置
增加配置类,添加请求头信息,信息内容为服务端的端口号
@Configuration
public class HttpHeadersProviderConfig implements HttpHeadersProvider {
@Value("${server.port}")
private String port;
@Override
public HttpHeaders getHeaders(Instance instance) {
HttpHeaders httpHeaders = new HttpHeaders();
//设置约定好的请求头
httpHeaders.add("spring-boot-admin-service",port);
return httpHeaders;
}
}
2.客户端配置
增加拦截器,对访问/actuator路径而且请求头中"spring-boot-admin-service"的值不为服务端端口号的请求进行拦截。
@Component
@WebFilter
public class ActuatorFilter implements Filter {
//自定义配置
@Value("${admin.server.port}")
private String adminServicePort;
@Override
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
HttpServletRequest request = (HttpServletRequest) servletRequest;
//判断约定好的请求头参数
if (request.getRequestURI().contains("/actuator") && !adminServicePort.equals(request.getHeader("spring-boot-admin-service"))){
//抛出异常,这里异常不能被全局异常处理器拦截,需要自定义一个controller
throw new RuntimeException("抱歉,你无权限访问,Actuator端口受保护! Sorry, you have no permission to access it,Actuator port protected!");
}
filterChain.doFilter(servletRequest, servletResponse);
}
}
3.自定义配置类,配置服务器端端口号
@Component //也可以在使用到该配置的类中添加注解@EnableConfigurationProperties(YmlConfig.class)
@ConfigurationProperties(prefix = "admin.server")
public class YmlConfig {
private String port;
public String getPort() {
return port;
}
public void setPort(String port) {
this.port = port;
}
}
配置文件中配置:
admin.server.port=8888
4.添加基础异常处理controller
拦截器中抛出的异常,会走到这里
@RestController
public class BaseErrorController implements ErrorController {
private final Logger logger = LoggerFactory.getLogger(getClass());
private ErrorAttributes errorAttributes;
private static final String ERROR_PATH = "/error";
@Autowired
public BaseErrorController(ErrorAttributes errorAttributes) {
this.errorAttributes = errorAttributes;
}
@Override
public String getErrorPath() {
return ERROR_PATH;
}
@RequestMapping(value = ERROR_PATH)
public Object errorJson(HttpServletRequest request) {
Map<String, Object> errorInfo = errorAttributes.getErrorAttributes(new ServletWebRequest(request), true);
logger.error("请求异常:{}", errorInfo.toString());
return R.error((Integer)errorInfo.get("status"), (String) errorInfo.get("message"));
}
}
通过浏览器直接访问/actuator
相关文章
暂无评论...
致力于称为最好的程序员导航网站