spring-boot-admin 配合eureka实现 微服务监控

admin server配置：

pom依赖：

          <dependencies>
		<dependency>
			<groupId>org.springframework.boot</groupId>
			<artifactId>spring-boot-starter-actuator</artifactId>
		</dependency>
		<dependency>
			<groupId>org.springframework.cloud</groupId>
			<artifactId>spring-cloud-starter-eureka</artifactId>
		</dependency>
		<dependency>
			<groupId>de.codecentric</groupId>
			<artifactId>spring-boot-admin-server</artifactId>
			<version>${springBootAdminVersion}</version>
		</dependency>
		<dependency>
			<groupId>de.codecentric</groupId>
			<artifactId>spring-boot-admin-server-ui</artifactId>
			<version>${springBootAdminVersion}</version>
		</dependency>
		<!--集成turbine和hystrix-->
		<dependency>
			<groupId>de.codecentric</groupId>
			<artifactId>spring-boot-admin-server-ui-hystrix</artifactId>
			<version>${springBootAdminVersion}</version>
		</dependency>
		<dependency>
			<groupId>de.codecentric</groupId>
			<artifactId>spring-boot-admin-server-ui-turbine</artifactId>
			<version>${springBootAdminVersion}</version>
		</dependency>
		<!--集成Activiti模块-->
		<dependency>
			<groupId>de.codecentric</groupId>
			<artifactId>spring-boot-admin-server-ui-activiti</artifactId>
			<version>${springBootAdminVersion}</version>
		</dependency>
		<!--集成登录UI模块-->
		<dependency>
			<groupId>de.codecentric</groupId>
			<artifactId>spring-boot-admin-server-ui-login</artifactId>
			<version>${springBootAdminVersion}</version>
		</dependency>
		<!--集成security安全模块-->
		<dependency>
			<groupId>org.springframework.boot</groupId>
			<artifactId>spring-boot-starter-security</artifactId>
		</dependency>
		<!--集成邮件告警-->
		<dependency>
			<groupId>org.springframework.boot</groupId>
			<artifactId>spring-boot-starter-mail</artifactId>
		</dependency>
		<!--添加jolokia依赖-->
		<dependency>
			<groupId>org.jolokia</groupId>
			<artifactId>jolokia-core</artifactId>
		</dependency>
	</dependencies>

 yml配置：

server:
  port: 8505
spring:
  application:
    name: cloud-admin
  boot:
    admin:
      routes:
        endpoints: env,metrics,dump,jolokia,info,configprops,trace,logfile,refresh,flyway,liquibase,heapdump,loggers,auditevents,hystrix.stream,activiti
      notify:
        mail:
          to: 1173227952@qq.com #邮件告警 收件人列表
          from: 653787585@qq.com  #邮件告警 发件人列表
  mail: #邮件告警配置
    host: smtp.qq.com
    username: 653787585@qq.com  #发送方的邮箱
    password: xurokmklgmjnbcgh #对于qq邮箱而言 需要在邮箱设置里面生成的授权码，这个不是真实的密码
#    properties:
#      mail.debug: false
#      mail.smtp.auth: true

eureka:
  instance:
    leaseRenewalIntervalInSeconds: 10
    health-check-url-path: /actuator/health
  client:
    registryFetchIntervalSeconds: 5
    serviceUrl:
      defaultZone: http://192.168.1.204:8201/eureka/

management:
  security:
    enabled: false  #关闭Basic认证

security: #配置登陆用户名、密码
  user:
    name: admin
    password: admin
  basic:
    enabled: false

 启动类添加注解：

package com.boao.platform.admin;

import de.codecentric.boot.admin.config.EnableAdminServer;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.EnableAutoConfiguration;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.cloud.client.discovery.EnableDiscoveryClient;
import org.springframework.context.annotation.Configuration;

@Configuration
@EnableAutoConfiguration
@SpringBootApplication
@EnableDiscoveryClient
@EnableAdminServer
//@EnableEurekaClient
public class AdminApplication {

	public static void main(String[] args) {
		SpringApplication.run(AdminApplication.class, args);
	}

}

 结合Security的权限控制类：包含 admin server登陆、指定url过滤功能

package com.boao.platform.admin.config;

import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.builders.WebSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;

/**
 * 配置HTTPBASIC权限验证
 * Created by liyy on 2018/8/6.
 */
@Configuration
@EnableWebSecurity
@EnableGlobalMethodSecurity(securedEnabled = true, prePostEnabled = true, proxyTargetClass = true)
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {

    @Override
    public void configure(WebSecurity web) throws Exception {
        //忽略css.jq.img等文件
        web.ignoring().antMatchers("/**.html", "/**.css", "/img/**", "/**.js", "/third-party/**","/api/**");
    }

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.csrf().disable() //HTTP with Disable CSRF
                .authorizeRequests() //Authorize Request Configuration
                .antMatchers("/login",
                        "/api/**",
                        "/**/heapdump",
                        "/**/loggers",
                        "/**/liquibase",
                        "/**/logfile",
                        "/**/flyway",
                        "/**/auditevents",
                        "/**/jolokia").permitAll() //放开"/api/**"：为了给被监控端免登录注册并解决Log与Logger冲突
                .and()
                .authorizeRequests()
                .antMatchers("/**").hasRole("USER")
                .antMatchers("/**").authenticated()
                .and() //Login Form configuration for all others
                .formLogin()
                .loginPage("/login.html")
                .loginProcessingUrl("/login").permitAll()
                .defaultSuccessUrl("/")
                .and() //Logout Form configuration
                .logout()
                .deleteCookies("remove")
                .logoutSuccessUrl("/login.html").permitAll()
                .and()
                .httpBasic();

    }
}

client端配置：

               <!--增加eureka-server的依赖 -->
		<dependency>
			<groupId>org.springframework.cloud</groupId>
			<artifactId>spring-cloud-starter-eureka</artifactId>
		</dependency>
                <dependency>
			<groupId>org.springframework.boot</groupId>
			<artifactId>spring-boot-starter-actuator</artifactId>
		</dependency>
		<!--开启HTTP basic认证,保护actuator敏感端点-->
		<dependency>
			<groupId>org.springframework.boot</groupId>
			<artifactId>spring-boot-starter-security</artifactId>
		</dependency>

yml配置：

security:
  user:
    name: admin
    password: 123456
eureka:
    instance:
      statusPageUrlPath: /info
      healthCheckUrlPath: /health
      preferIpAddress: true
      metadata-map: #admin监控模块需要获取此处的用户名、密码进行访问敏感端口
        user.name: ${security.user.name}
        user.password: ${security.user.password}
    client:
        serviceUrl:
            defaultZone: http://192.168.1.241:8201/eureka/

结合Security的权限控制类：包含 指定url过滤功能

package com.boao.platform.search.config;

import org.springframework.security.config.annotation.web.builders.WebSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;

/**
 * 配置HTTPBASIC权限验证
 * 需结合网关zuul服务配置 strip-prefix: false（转发时带上前缀/api），统一使用api前缀实现过滤，由于涉及服务较多 后续再统一处理。
 * Created by liyy on 2018/8/6.
 */
@EnableWebSecurity
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {

    @Override
    public void configure(WebSecurity web) throws Exception {
        //忽略css.jq.img等文件
        web.ignoring().antMatchers("/**.html", "/**.css", "/img/**", "/**.js", "/third-party/**","/search/**","/EnterpriseExtend/**","/EnterpriseExtendRecommend/**");
    }

}