1、聚合监控
HystrixDashboard主要的功能是针对某一个微服务进行监控,
Turbine主要的功能是针对多个微服务进行监控。
2、实例应用
2.1、创建turbine监控工程
pom.xml
<?xml version="1.0"?>
<project
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd"
xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<modelVersion>4.0.0</modelVersion>
<parent>
<groupId>com.zemel</groupId>
<artifactId>microcloud</artifactId>
<version>1.0.0</version>
</parent>
<artifactId>microcloud-consumer-turbine</artifactId>
<name>microcloud-consumer-turbine</name>
<url>http://maven.apache.org</url>
<properties>
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
</properties>
<dependencies>
<dependency>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-starter-eureka</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-starter-hystrix</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-starter-hystrix-dashboard</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-starter-turbine</artifactId>
</dependency>
</dependencies>
</project>
App.java
package com.zemel.consumer;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.cloud.netflix.hystrix.dashboard.EnableHystrixDashboard;
import org.springframework.cloud.netflix.turbine.EnableTurbine;
@SpringBootApplication
@EnableHystrixDashboard
@EnableTurbine
public class Turbine9101App {
public static void main(String[] args) {
SpringApplication.run(Turbine9101App.class, args);
}
}
application.yml
server:
port: 9101 # turbine的监听端口为9101
# turbine监控多个微服务配置
turbine:
app-config: PROVIDER-COMPANY,DEPT-8001
cluster-name-expression: new String("default")
eureka:
client:
serviceUrl:
defaultZone: http://admin:admin@eurekaserver-7001.com:7001/eureka,http://admin:admin@eurekaserver-7002.com:7002/eureka,http://admin:admin@eurekaserver-7003.com:7003/eureka
instance:
instanceId: trubine-9101.com
prefer-ip-address: true #访问地址显示
# 不建议修改以下两项
# lease-expiration-duration-in-seconds: 2 #心跳间隔时间(默认30s)
# lease-renewal-interval-in-seconds: 5 #如果现在超过了5s间隔(默认是90秒)
重点就是配置:配置多给服务名称。
3、访问
4、本次实例工程用了两个实例,Company没有采取Spring-security安全策略,DeptRest采取了安全策略
导致的结果如下:
Turbine工程启动的时候报错,没有权限访问DeptRest采取了安全策略的服务,错误信息如下:
com.netflix.turbine.monitor.instance.InstanceMonitor$MisconfiguredHostException: [{"timestamp":1544683452795,"status":401,"error":"Unauthorized","message":"Full authentication is required to access this resource","path":"/hystrix.stream"}]
at com.netflix.turbine.monitor.instance.InstanceMonitor.init(InstanceMonitor.java:318) ~[turbine-core-1.0.0.jar:na]
at com.netflix.turbine.monitor.instance.InstanceMonitor.access$100(InstanceMonitor.java:103) ~[turbine-core-1.0.0.jar:na]
at com.netflix.turbine.monitor.instance.InstanceMonitor$2.call(InstanceMonitor.java:235) [turbine-core-1.0.0.jar:na]
at com.netflix.turbine.monitor.instance.InstanceMonitor$2.call(InstanceMonitor.java:229) [turbine-core-1.0.0.jar:na]
at java.util.concurrent.FutureTask.run(FutureTask.java:266) [na:1.8.0_91]
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) [na:1.8.0_91]
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) [na:1.8.0_91]
at java.lang.Thread.run(Thread.java:745) [na:1.8.0_91]
解决方案如下:
在采取安全方案的DeptRest工程忽略web监控地址:
package com.zemel.security.config;
import javax.annotation.Resource;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.builders.WebSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.config.http.SessionCreationPolicy;
@Configuration
@EnableWebSecurity
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
@Override
public void configure(WebSecurity web) throws Exception {
super.configure(web);
web.ignoring().antMatchers("/hystrix.stream", "turbine.stream");
// spring.secruity.ignored:
// /hystrix.stream
// /turbine.stream
}
@Resource
public void configGloabl(AuthenticationManagerBuilder auth)throws Exception{
auth.inMemoryAuthentication().withUser("wendy").password("wendy").roles("USER")
.and().withUser("admin").password("hello").roles("USER", "ADMIN");
}
/*security:
sessions: stateless
basic:
enabled: true #启用SpringSecurity的安全配置
user:
name: zemel #认证用户名
password: 123456 # 认证密码
role: # 授权角色
- USER */
@Override
protected void configure(HttpSecurity http) throws Exception {
// 表示所有的访问都必须认证,认证处理后才可以正常进行
http.httpBasic().and().authorizeRequests().anyRequest().fullyAuthenticated();
// 所有的rest服务一定要设置为无状态,以提升操作效率和性能
http.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS);
}
}
主要通过WebSecurity的接口赦免指定路径的访问权限。