从springboot actuator到springboot admin监控springboot、springcloud项目

关于actuator

Actuator 提供了对单个 Spring Boot 的监控，只需要在应用中加入spring-boot-starter-actuator依赖即可自动配置一些bean，并暴露一些HTTP endpoint，常用的如下。但操作较麻烦无可视化，就诞生了springboot admin

低版本1.5.3
/info /health /beans /autoconfig /env /mappings /metrics /trace /dump /heapdump  /configprops /shutdown   /loggers/com.cnct（可指定到不同的包路径层级）
高版本2.1.1
全部增加前缀/actuator;修改部分后缀，如/actuator/threaddump  ,/actuactor/httptrace，/actuator/conditions(原/autoconfig)；
增加了部分端点如/actuator/scheduledtasks，

使用springboot admin监控springboot项目

整体步骤：首先搭建server应用，然后在每个需要监控的应用（即client端）配置server端的访问地址等

1.server端添加依赖，需要启动类开启@EnableAdminServer,端口指定9090

  <dependency>
    <groupId>de.codecentric</groupId>
    <artifactId>spring-boot-admin-starter-server</artifactId>
    <version>2.1.1</version>
  </dependency>
  <dependency>
    <groupId>org.springframework.boot</groupId>
    <artifactId>spring-boot-starter-web</artifactId>
  </dependency>

2.client端添加依赖（spring-boot-admin-starter-client,该依赖会引入actuator），添加配置后重启，

安全之类详细设置参考官网文档 http://codecentric.github.io/spring-boot-admin/2.1.1/

<dependency>
    <groupId>de.codecentric</groupId>
    <artifactId>spring-boot-admin-starter-client</artifactId>
      <version>2.1.1</version>
</dependency>

#actuator配置,注：低版本这两个配置属性名不同，如果只用admin来监控不直接请求端点接口可以去掉该端口
management.server.port=9999
#开启web关闭服务端点，默认关闭
management.endpoint.shutdown.enabled=true
#springboot admin配置（依赖actuator配置）
spring.boot.admin.client.url=http://localhost:9090 
#暴露所有端点
management.endpoints.web.exposure.include=*
management.endpoint.health.show-details=always

 

3.安全的监控

server端加入spring security的自动配置jar，配置追加

spring.profiles.active=dev 
spring.security.user.name=majun
spring.security.user.password=123456

启动类新增两个bean

@SpringBootApplication
@EnableAdminServer
public class Actuator2adminApplication {

    public static void main(String[] args) {
        SpringApplication.run(Actuator2adminApplication.class, args);
    }
    @Profile("dev")//开发环境不需要认证
    @Configuration
    public static class SecurityPermitAllConfig extends WebSecurityConfigurerAdapter {
        @Override
        protected void configure(HttpSecurity http) throws Exception {
            http.authorizeRequests().anyRequest().permitAll()
                    .and().csrf().disable();
        }
    }

    @Profile("pro")//生产环境安全认证
    @Configuration
    @Order(101)
    public static class SecuritySecureConfig extends WebSecurityConfigurerAdapter {
        private final String adminContextPath;

        public SecuritySecureConfig(AdminServerProperties adminServerProperties) {
            this.adminContextPath = adminServerProperties.getContextPath();
        }

        @Override
        protected void configure(HttpSecurity http) throws Exception {
            SavedRequestAwareAuthenticationSuccessHandler successHandler = new SavedRequestAwareAuthenticationSuccessHandler();
            successHandler.setTargetUrlParameter("redirectTo");
            http.authorizeRequests()
                    .antMatchers(adminContextPath + "/assets/**").permitAll()
                    .antMatchers(adminContextPath + "/login").permitAll()
                    .anyRequest().authenticated()
                    .and()
                    .formLogin().loginPage(adminContextPath + "/login").successHandler(successHandler).and()
                    .logout().logoutUrl(adminContextPath + "/logout").and()
                    .httpBasic().and()
                    .csrf().disable();
            // @formatter:on
        }
    }

}

client端也需要配置增加访问server端的账号密码

#springboot admin配置有密码时必须配置访问账号密码
spring.boot.admin.client.username=majun
spring.boot.admin.client.password=123456

使用springboot admin监控springcloud项目

Spring Boot Admin注册到eureka,会自动从注册中心抓取应用的相关信息,不需要每个微服务都加入spring-boot-admin-starter-client依赖。也可以监控单体 springboot那样但较麻烦！，推荐通过注册中心监控springcloud项目，无侵入啊

1.server端的依赖，入口类@EnableEurekaClient将server端注册到注册中心

<dependencies>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter</artifactId>
        </dependency>
        <dependency>
            <groupId>org.springframework.cloud</groupId>
            <artifactId>spring-cloud-starter-netflix-eureka-client</artifactId>
        </dependency>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-security</artifactId>
        </dependency>
        <dependency>
            <groupId>org.jolokia</groupId>
            <artifactId>jolokia-core</artifactId>
        </dependency>
        <dependency>
            <groupId>de.codecentric</groupId>
            <artifactId>spring-boot-admin-starter-server</artifactId>
            <version>2.1.1</version>
        </dependency>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-web</artifactId>
        </dependency>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-test</artifactId>
            <scope>test</scope>
        </dependency>
    </dependencies>

2.server端新增服务注册发现相关配置

eureka.client.service-url.defaultZone=http://localhost:8765/eureka/
#将admin server自身也会注册到eureka,可以选择暴露其自身所有端点
management.endpoints.web.exposure.include=*
management.endpoint.health.show-details=always
#配置支持自身监控
eureka.instance.metadata-map.user.name=majun
eureka.instance.metadata-map.user.password=123456
#eureka.client.registry-fetch-interval-seconds=5
#eureka.instance.lease-renewal-interval-in-seconds=10

 

3.client端只需要配置需要暴露的端点即可，不配置就只暴露health、info两个（配置时按实际选择需要监控，避免过多性能消耗）通过注册中心，client端不需要spring-boot-admin-starter-client依赖，不需要配置admin server端的账号密码

management.endpoints.web.exposure.include=*
management.endpoint.health.show-details=always

4.效果预览

 

了解更多，参考官网http://codecentric.github.io/spring-boot-admin/2.1.1/