核心组件版本
<spring.boot.version>2.7.8</spring.boot.version>
<spring.cloud.version>2021.0.5</spring.cloud.version>
<spring.cloud.alibaba.version>2021.0.4.0</spring.cloud.alibaba.version>
说明
本文只是一个测试用例,需要 admin client 和 server 都配置同一个账号,才能保证 server 和 client 都需要登录,而且 server 能访问 client 的 actuator/** 地址
SpringBootAdminServer
maven 依赖
spring-boot-admin-server-ui 在 spring-boot-admin-starter-server 中依赖,无需单独引入
<!-- https://mvnrepository.com/artifact/org.springframework.boot/spring-boot-starter-security -->
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-security</artifactId>
<exclusions>
<exclusion>
<artifactId>spring-boot-starter-logging</artifactId>
<groupId>org.springframework.boot</groupId>
</exclusion>
</exclusions>
</dependency>
<!-- https://mvnrepository.com/artifact/de.codecentric/spring-boot-admin-starter-server -->
<dependency>
<groupId>de.codecentric</groupId>
<artifactId>spring-boot-admin-starter-server</artifactId>
<version>${spring.boot.version}</version>
</dependency>
<!-- alibaba spring cloud nacos -->
<dependency>
<groupId>com.alibaba.cloud</groupId>
<artifactId>spring-cloud-starter-alibaba-nacos-discovery</artifactId>
</dependency>
<dependency>
<groupId>com.alibaba.cloud</groupId>
<artifactId>spring-cloud-starter-alibaba-nacos-config</artifactId>
</dependency>
<!-- alibaba spring cloud nacos -->
</dependencies>
properties 配置
nacos 微服务等配置忽略,贴出与 SpringBootAdmin 相关的配置
spring.web.resources.static-locations=classpath:/META-INF/resources/,classpath:/resources/,classpath:/static/,classpath:/public/,classpath:/assets/
spring.security.user.name=actuator
spring.security.user.password=actuator
# spring admin server 下探每个 client actuator 时的账号,包括下探自己的 actuator
spring.boot.admin.instance-auth.enabled=true
spring.boot.admin.instance-auth.default-user-name=${spring.security.user.name}
spring.boot.admin.instance-auth.default-password=${spring.security.user.password}
SecurityConfig
SpringBootAdminServer 中的 SecurityConfig 有些特殊,参考 Securing Spring Boot Admin Server,
springboot2.7.x 已经废弃了 WebSecurityConfigurerAdapter ,方法改写下即可,参考 Spring Security without the WebSecurityConfigurerAdapter
启动 SpringBootAdminServer
账号密码是 actuator/actuator,登录即可
SpringBootAdminClient
maven 依赖
核心包 spring-boot-admin-starter-client
<!-- https://mvnrepository.com/artifact/de.codecentric/spring-boot-admin-starter-client -->
<dependency>
<groupId>de.codecentric</groupId>
<artifactId>spring-boot-admin-starter-client</artifactId>
<version>${spring.boot.version}</version>
</dependency>
<!-- alibaba spring cloud nacos -->
<dependency>
<groupId>com.alibaba.cloud</groupId>
<artifactId>spring-cloud-starter-alibaba-nacos-discovery</artifactId>
</dependency>
<dependency>
<groupId>com.alibaba.cloud</groupId>
<artifactId>spring-cloud-starter-alibaba-nacos-config</artifactId>
</dependency>
<!-- alibaba spring cloud nacos -->
<!-- https://mvnrepository.com/artifact/org.springframework.boot/spring-boot-starter-security -->
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-security</artifactId>
<exclusions>
<exclusion>
<artifactId>spring-boot-starter-logging</artifactId>
<groupId>org.springframework.boot</groupId>
</exclusion>
</exclusions>
</dependency>
properties 配置
nacos 微服务等配置忽略,只需要配置 springsecurity 登录账号即可
spring.security.user.name=actuator
spring.security.user.password=actuator
启动SpringBootAdminClient
因为客户端采用 actuator/actuator 登录,而 AdminServer 中配置了下探账号,所以 SpringBootAdminServer中能够访问到 client/actuator/**,能够获取到所有检测数据,同时,客户端正常情况下,需要登录才能访问数据,也不存在数据泄露的问题