什么是 Spring Boot Admin?
codecentric 的 Spring Boot Admin 是一个社区项目,用于管理和监控您的Spring Boot ®应用程序。应用程序向我们的 Spring Boot Admin Client 注册(通过 HTTP)或使用 Spring Cloud ®(例如 Eureka、Consul)发现。UI 只是一个位于 Spring Boot Actuator 端点之上的 Vue.js 应用程序。
整合admin
版本
环境 | 版本 |
Spring Boot | 2.4.6 |
JDK | 13 |
Idea | 2020.1 |
Server
pom
<properties>
<java.version>11</java.version>
<spring-boot-admin.version>2.3.1</spring-boot-admin.version>
</properties>
<dependencies>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId>
</dependency>
<dependency>
<groupId>de.codecentric</groupId>
<artifactId>spring-boot-admin-starter-server</artifactId>
</dependency>
</dependencies>
<dependencyManagement>
<dependencies>
<dependency>
<groupId>de.codecentric</groupId>
<artifactId>spring-boot-admin-dependencies</artifactId>
<version>${spring-boot-admin.version}</version>
<type>pom</type>
<scope>import</scope>
</dependency>
</dependencies>
</dependencyManagement>
yml
server:
port: 8090
servlet:
contest-path: /
spring:
application:
name: admin-server
启动类
@SpringBootApplication
@EnableAdminServer
public class ServerApplication {
public static void main(String[] args) {
SpringApplication.run(ServerApplication.class, args);
}
}
Client
pom
<properties>
<java.version>11</java.version>
<spring-boot-admin.version>2.3.1</spring-boot-admin.version>
</properties>
<dependencies>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId>
</dependency>
<dependency>
<groupId>de.codecentric</groupId>
<artifactId>spring-boot-admin-starter-client</artifactId>
</dependency>
</dependencies>
<dependencyManagement>
<dependencies>
<dependency>
<groupId>de.codecentric</groupId>
<artifactId>spring-boot-admin-dependencies</artifactId>
<version>${spring-boot-admin.version}</version>
<type>pom</type>
<scope>import</scope>
</dependency>
</dependencies>
</dependencyManagement>
yml
server:
port: 8091
servlet:
contest-path: /
spring:
application:
name: admin-client
boot:
admin:
client:
url: http://localhost:8090
management:
endpoints:
web:
exposure:
include: '*'
endpoint:
health:
show-details: always
测试
分别启动8090和8091项目,下图说明Client成功在Server端注册
打开浏览器输入http://localhost:8090回车
点击实例进入监控页面
功能不一一列举了,admin功能包括:
- 显示 name/id 和版本号
- 显示在线状态
- Logging日志级别管理
- JMX beans管理
- Threads会话和线程管理
- Trace应用请求跟踪
- 应用运行参数信息,如:
- Java 系统属性
- Java 环境变量属性
- 内存信息
- Spring 环境属性
安全认证(security)
添加安全认证也很简单,需要在原来文件的基础上添加以下配置即可:
Server端
pom
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-security</artifactId>
</dependency>
SecuritySecureConfig
import de.codecentric.boot.admin.server.config.AdminServerProperties;
import org.springframework.boot.autoconfigure.security.SecurityProperties;
import org.springframework.context.annotation.Configuration;
import org.springframework.http.HttpMethod;
import org.springframework.security.config.Customizer;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler;
import org.springframework.security.web.csrf.CookieCsrfTokenRepository;
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
import java.util.UUID;
/**
* @ClassName : SecuritySecureConfig //类名
* @Description : //描述
* @Author : //作者
* @Date: 2021-06-04 15:31 //时间
*/
@Configuration(proxyBeanMethods = false)
public class SecuritySecureConfig extends WebSecurityConfigurerAdapter {
private final AdminServerProperties adminServer;
private final SecurityProperties security;
public SecuritySecureConfig(AdminServerProperties adminServer, SecurityProperties security) {
this.adminServer = adminServer;
this.security = security;
}
@Override
protected void configure(HttpSecurity http) throws Exception {
SavedRequestAwareAuthenticationSuccessHandler successHandler = new SavedRequestAwareAuthenticationSuccessHandler();
successHandler.setTargetUrlParameter("redirectTo");
successHandler.setDefaultTargetUrl(this.adminServer.path("/"));
http.authorizeRequests(
(authorizeRequests) -> authorizeRequests.antMatchers(this.adminServer.path("/assets/**")).permitAll()
.antMatchers(this.adminServer.path("/actuator/info")).permitAll()
.antMatchers(this.adminServer.path("/actuator/health")).permitAll()
.antMatchers(this.adminServer.path("/login")).permitAll().anyRequest().authenticated()
).formLogin(
(formLogin) -> formLogin.loginPage(this.adminServer.path("/login")).successHandler(successHandler).and()
).logout((logout) -> logout.logoutUrl(this.adminServer.path("/logout"))).httpBasic(Customizer.withDefaults())
.csrf((csrf) -> csrf.csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse())
.ignoringRequestMatchers(
new AntPathRequestMatcher(this.adminServer.path("/instances"),
HttpMethod.POST.toString()),
new AntPathRequestMatcher(this.adminServer.path("/instances/*"),
HttpMethod.DELETE.toString()),
new AntPathRequestMatcher(this.adminServer.path("/actuator/**"))
))
.rememberMe((rememberMe) -> rememberMe.key(UUID.randomUUID().toString()).tokenValiditySeconds(1209600));
}
// Required to provide UserDetailsService for "remember functionality"
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
auth.inMemoryAuthentication().withUser(security.getUser().getName())
.password("{noop}" + security.getUser().getPassword()).roles("USER");
}
}
yml
spring:
security:
user:
name: 'admin'
password: 'admin'
Client端
yml
spring:
boot:
admin:
client:
username: 'admin'
password: 'admin'
测试
重新启动8090和8091项目
输入配置的用户名密码即可登录(此处是'admin')
邮件通知
admin支持邮件通知,配置如下:
(集成的邮箱以自己需求为主,此处以163邮箱为例)
Server端
pom
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-mail</artifactId>
</dependency>
yml
spring:
mail:
host: smtp.163.com
username: 发送人@163.com
password: 授权码
boot:
admin:
notify:
mail:
enabled: true
to: 接收人@xx.com
from: 发送人@163.com
获取授权码
已经拿到邮箱授权码的可以跳过此步骤
打开浏览器进入https://mail.163.com/登录163邮箱,成功后
这里需要扫描一下二维码发送短信开启(个人吐槽:有点坑短信费)
发送成功后选择'我已发送',把红圈里的授权码复制下来替换掉上面yml中的'授权码'文字
然后修改发送人和接收人邮箱地址,这里要注意一下,username和from必须是相同的邮箱,to是接收人的邮箱
修改完成后重启8090项目
测试
登录进入监控页面
此刻两个项目都正常运行,停止8091项目
启动8091项目
离线邮件
上线邮件
以上就是本篇的全部内容,下面附上github代码地址
参考资料
1.https://codecentric.github.io/spring-boot-admin/current/#clustering-support