微技术

关注技术领域,分享资讯和经验。

Spring Boot Admin-应用健康监控后台管理

Spring Boot Admin 用于监控基于 Spring Boot 的应用,它是在 Spring Boot Actuator 的基础上提供简洁的可视化 WEB UI。

1. 什么是Spring Boot Admin?


Spring Boot Admin(下文简称SBA)是一个社区开源项目,用于管理和监控你的Spring Boot应用。应用通过SBA Client注册到SBA Server中,可通过HTTP请求或者Spring Cloud发现(例如Eureka、Consul),UI展示通过Vue在Spring Boot Actuator端点上获取应用监控数据进行管理。

2. 开始使用


2,1 配置好你的SBA Server服务端程序

2.1.1 添加spring-boot-admin-starter-server的Maven依赖到你的pom.xml中:

<dependency>
    <groupId>de.codecentric</groupId>
    <artifactId>spring-boot-admin-starter-server</artifactId>
    <version>2.0.2</version>
</dependency>
<dependency>
    <groupId>de.codecentric</groupId>
    <artifactId>spring-boot-admin-server-ui</artifactId>
    <version>2.0.2</version>
</dependency>
<dependency>
    <groupId>org.springframework.boot</groupId>
    <artifactId>spring-boot-starter-security</artifactId>
</dependency>
<dependency>
    <groupId>org.springframework.boot</groupId>
    <artifactId>spring-boot-starter-web</artifactId>
</dependency>

2.1.2 打开你的Spring Boot启动文件中添加@EnableAdminServer 注解用于激活SBA Server配置:

import de.codecentric.boot.admin.server.config.EnableAdminServer;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;

@SpringBootApplication
@EnableAdminServer
public class Application {

    public static void main(String[] args) {
        SpringApplication.run(Application.class, args);
    }
}

注意如果你需要将应用以war形式部署,请将启动文件做如下改变:

import de.codecentric.boot.admin.server.config.EnableAdminServer;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.boot.builder.SpringApplicationBuilder;
import org.springframework.boot.web.servlet.support.SpringBootServletInitializer;

@SpringBootApplication
@EnableAdminServer
public class Application extends SpringBootServletInitializer {

    @Override
    protected SpringApplicationBuilder configure(SpringApplicationBuilder builder) {
        return builder.sources(Application.class);
    }

    public static void main(String[] args) {
        SpringApplication.run(Application.class, args);
    }
}

2.1.3 在你的SBA Server中的 application.yml 中进行相关配置:

spring:
  # 配置SBA Client连接的安全账号密码
  security:
    user:
      name: admin
      password: admin
  boot:
    admin:
      ui:
        # 修改网页显示的tab标题
        title: "应用监控管理"
        # 修改网页的brand的图标和标题
        brand: "<img src='assets/img/icon-spring-boot-admin.svg'><span>应用监控管理</span>"
server:
  port: 7070

2.1.4 进行Spring Security相关配置:

import de.codecentric.boot.admin.server.config.AdminServerProperties;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler;
import org.springframework.security.web.csrf.CookieCsrfTokenRepository;

@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {
    private final String adminContextPath;

    public SecurityConfig(AdminServerProperties adminServerProperties) {
        this.adminContextPath = adminServerProperties.getContextPath();
    }

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        SavedRequestAwareAuthenticationSuccessHandler successHandler = new SavedRequestAwareAuthenticationSuccessHandler();
        successHandler.setTargetUrlParameter("redirectTo");
        successHandler.setDefaultTargetUrl(adminContextPath + "/");

        http.authorizeRequests()
                .antMatchers(
                        adminContextPath + "/assets/**",
                        adminContextPath + "/login"
                ).permitAll()
                .anyRequest().authenticated()
                .and()
                .formLogin().loginPage(adminContextPath + "/login").successHandler(successHandler).and()
                .logout().logoutUrl(adminContextPath + "/logout").and()
                .httpBasic().and()
                .csrf()
                .csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse())
                .ignoringAntMatchers(
                        "/instances",
                        "/actuator/**",
                        adminContextPath + "/logout"
                );
    }
}

2.2 注册你的客户端应用

为了注册你的应用在SBA Server中,你可以使用SBA Client 或者使用Spring Cloud Discovery(例如:Eureka, Consul, ...)。

2.2.1 配置你的Spring Boot Admin客户端

每一个想注册的应用都必须包含SBA Client,同时为了确保Actuator端点的安全,建议添加 spring-boot-starter-security 依赖用于保护端点安全访问。
添加 spring-boot-admin-starter-client 的Maven依赖到你的pom.xml中:

<dependency>
    <groupId>de.codecentric</groupId>
    <artifactId>spring-boot-admin-starter-client</artifactId>
    <version>2.0.2</version>
</dependency>
<!-- 可选择添加下面依赖 -->
<dependency>
    <groupId>org.springframework.boot</groupId>
    <artifactId>spring-boot-starter-security</artifactId>
</dependency>

2.2.2. 在你的SBA Client中的 application.yml 中配置你的SBA Server的服务地址:

spring:
  boot:
    admin:
      client:
        # 这个URL地址是SBA Server的服务地址,你需要将你的应用注册到该地址上
        url: http://localhost:7070
        # 配置连接到监测管理平台的Security安全密码
        username: admin
        password: admin
        instance:
          metadata:
            # 配置发送到SBA Server的SBA Client的端点安全密码
            user.name: ${spring.security.user.name}
            user.password: ${spring.security.user.password}
  security:
    user:
      name: root
      password: root
# 官方文档中有提到, SpringBoot 的 Logging 配置的级别有7个:TRACE , DEBUG , INFO , WARN , ERROR , FATAL , OFF
logging:
  # 设置日志保存的路径,path和file只需要设置一个,指定path则日志名称固定为spring.log
  path: /java-log
  # 打印日志的级别
  level:
    root: info
# 在默认情况下大多数Actuator的端点并没有完全公开,这里我将所有端点都进行公开进行管理
management.endpoints.web.exposure.include: "*" 

2.2.3. 如果你添加了 spring-boot-starter-security 依赖,你需要进行如下配置使SBA Server服务端能够访问SBA Client客户端的Actuator端点:

import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;

@Configuration
public class SecurityConfig extends WebSecurityConfigurerAdapter {

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.httpBasic().and()
                .authorizeRequests().antMatchers("/actuator/**").authenticated()
                .anyRequest().permitAll();
    }
}

3.至此相关配置已经完成,现在让我们启动SBA Server服务端程序,打开浏览器输入http://localhost:7070 访问它。