微服务安全与监控-1
大约 3 分钟
SpringBootAdmin 服务端
1、
// https://mvnrepository.com/artifact/de.codecentric/spring-boot-admin-starter-server
implementation group: 'de.codecentric', name: 'spring-boot-admin-starter-server', version: '2.5.2'
2、
ext.versions = [ // 定义全部的依赖库版本号
admin : '2.3.0', // SpringBootAdmin依赖版本
]
ext.libraries = [ // 依赖库引入配置
// 以下的配置为SpringBootAdmin服务整合
'spring-boot-admin-starter-server' : "de.codecentric:spring-boot-admin-starter-server:${versions.admin}"
]
3、
server: # 服务端配置
port: 8000 # 8000端口
spring:
application: # 配置应用信息
name: microcloud.admin # 是微服务的名称
nacos: # Nacos注册中心配置
discovery: # 发现服务
weight: 80
service: ${spring.application.name} # 使用微服务的名称作为注册的服务名称
server-addr: nacos-server:8848 # Nacos服务地址
namespace: 96c23d77-8d08-4648-b750-1217845607ee # 命名空间ID
group: MICROCLOUD_GROUP # 一般建议大写
cluster-name: MuyanCluster # 配置集群名称
username: muyan # 用户名
password: yootk # 密码
register-enabled: false # 管理端不注册
metadata: # 根据自身的需要配置元数据
version: 1.0 # 自定义元数据项
company: 沐言科技 # 自定义元数据项
url: www.yootk.com # 自定义元数据项
author: 李兴华(爆可爱的小李老师) # 自定义元数据项
yootk:
security:
config:
jwt:
sign: muyan
issuer: MuyanYootk
secret: www.yootk.com
expire: 100000 # 单位:秒
password:
encrypt:
repeat: 5
salt: www.yootk.com
4、
package com.yootk.admin;
import de.codecentric.boot.admin.server.config.EnableAdminServer;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.cloud.client.discovery.EnableDiscoveryClient;
@SpringBootApplication
@EnableDiscoveryClient
@EnableAdminServer // 启用管理服务端
public class StartSpringBootAdmin8000 {
public static void main(String[] args) {
SpringApplication.run(StartSpringBootAdmin8000.class, args);
}
}
5、
127.0.0.1 microcloud-admin-8000
SpringBootAdmin 安全配置
1、
project(":microcloud-admin-8000") { // 部门微服务
dependencies {
implementation('org.springframework.boot:spring-boot-starter-security')
implementation("org.springframework.boot:spring-boot-starter-web")
implementation(libraries.'spring-boot-admin-starter-server')
implementation('com.alibaba.cloud:spring-cloud-starter-alibaba-nacos-discovery') {
exclude group: 'com.alibaba.nacos', module: 'nacos-client' // 移除旧版本的Nacos依赖
}
implementation('com.alibaba.cloud:spring-cloud-starter-alibaba-nacos-config') {
exclude group: 'com.alibaba.nacos', module: 'nacos-client' // 移除旧版本的Nacos依赖
}
implementation(libraries.'nacos-client') // 引入与当前的Nacos匹配的依赖库
}
}
2、
package com.yootk.admin.config;
import de.codecentric.boot.admin.server.config.AdminServerProperties;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler;
@Configuration
public class AdminSecurityConfig extends WebSecurityConfigurerAdapter {
private String adminContextPath;
public AdminSecurityConfig(AdminServerProperties adminServerProperties) {
this.adminContextPath = adminServerProperties.getContextPath(); // 上下文的处理路径
}
@Override
protected void configure(HttpSecurity http) throws Exception {
SavedRequestAwareAuthenticationSuccessHandler successHandler =
new SavedRequestAwareAuthenticationSuccessHandler();
successHandler.setTargetUrlParameter("redirectTo");
http.authorizeRequests()
.antMatchers(this.adminContextPath + "/assets/**").permitAll()
.antMatchers(this.adminContextPath + "/login").permitAll()
.anyRequest().authenticated()
.and().formLogin().loginPage(this.adminContextPath + "/login")
.successHandler(successHandler)
.and().logout().logoutUrl(this.adminContextPath + "/logout")
.and().httpBasic().and().csrf().disable();
}
}
3、
spring:
security:
user:
name: muyan
password: yootk
SpringBootAdmin 客户端接入
1、
// https://mvnrepository.com/artifact/de.codecentric/spring-boot-admin-starter-client
implementation group: 'de.codecentric', name: 'spring-boot-admin-starter-client', version: '2.5.2'
2、
implementation(libraries.'spring-boot-admin-starter-client')
implementation('org.springframework.boot:spring-boot-starter-actuator')
3、
spring:
boot:
admin:
client:
instance:
prefer-ip: true
username: yix
password: yix
url: http://microcloud-admin-8000:8000/
management:
endpoints:
web:
exposure:
include: "*" # 开启全部的监控终端
base-path: /actuator # 访问子路径
微服务离线警告
1、
wxxgmusdafasd
2、
// https://mvnrepository.com/artifact/org.springframework.boot/spring-boot-starter-mail
implementation group: 'org.springframework.boot', name: 'spring-boot-starter-mail', version: '2.5.5'
3、
project(":microcloud-admin-8000") { // 部门微服务
dependencies {
implementation(libraries.'spring-boot-admin-starter-client')
implementation('org.springframework.boot:spring-boot-starter-mail') implementation('org.springframework.boot:spring-boot-starter-actuator')
implementation('org.springframework.boot:spring-boot-starter-security')
implementation("org.springframework.boot:spring-boot-starter-web")
implementation(libraries.'spring-boot-admin-starter-server')
implementation('com.alibaba.cloud:spring-cloud-starter-alibaba-nacos-discovery') {
exclude group: 'com.alibaba.nacos', module: 'nacos-client' // 移除旧版本的Nacos依赖
}
implementation('com.alibaba.cloud:spring-cloud-starter-alibaba-nacos-config') {
exclude group: 'com.alibaba.nacos', module: 'nacos-client' // 移除旧版本的Nacos依赖
}
implementation(libraries.'nacos-client') // 引入与当前的Nacos匹配的依赖库
}
}
4、
spring:
mail:
host: smtp.qq.com
username: 784420216@qq.com
password: wxxgmulpexcubcih
boot:
admin:
notify:
mail:
to: 784420216@qq.com
from: 784420216@qq.com
5、
package com.yootk.admin.config;
import de.codecentric.boot.admin.server.domain.entities.InstanceRepository;
import de.codecentric.boot.admin.server.notify.CompositeNotifier;
import de.codecentric.boot.admin.server.notify.Notifier;
import de.codecentric.boot.admin.server.notify.RemindingNotifier;
import de.codecentric.boot.admin.server.notify.filter.FilteringNotifier;
import org.springframework.beans.factory.ObjectProvider;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.Primary;
import java.beans.BeanProperty;
import java.time.Duration;
import java.util.Collections;
import java.util.List;
@Configuration
public class MicroServiceNotificationConfiguration { // 定义一个警报发送配置
private InstanceRepository instanceRepository; // 存储实例
private ObjectProvider<List<Notifier>> provider; // 警报策略
public MicroServiceNotificationConfiguration(InstanceRepository instanceRepository,
ObjectProvider<List<Notifier>> provider) {
this.instanceRepository = instanceRepository;
this.provider = provider;
}
@Bean
public FilteringNotifier getFilterNotifier() {
CompositeNotifier com = new CompositeNotifier(this.provider.getIfAvailable(Collections::emptyList));
return new FilteringNotifier(com, this.instanceRepository);
}
@Bean
@Primary
public RemindingNotifier remindingNotifier() {
RemindingNotifier notifier = new RemindingNotifier(getFilterNotifier(), this.instanceRepository);
notifier.setReminderPeriod(Duration.ofMinutes(1)); // 每分钟提醒1次
notifier.setCheckReminderInverval(Duration.ofSeconds(10)); // 每10秒检查一次
return notifier;
}
}
demo
