Microservice architecture | 2.1 using spring cloud config to manage service configuration items

Time:2022-5-24
catalogue

preface

reference material
《Spring Microservices in Action》
Principle and practice of spring cloud Alibaba microservice
“Spring cloud framework development tutorial in Silicon Valley of station B” Zhou Yang

Springcloud config provides centralized external configuration support for microservices in the microservice architecture, and the configuration server provides a centralized external configuration for all environments of different microservice applications;


1. Basic knowledge points of spring cloud config

1.1 features, advantages and disadvantages

characteristic

  • Non distributed key value storage;
  • Provide close integration of spring and non spring services;
  • Multiple back ends can be used to store configuration data;
  • Easy to build and deploy;
  • It is closely integrated with spring boot and can be configured with annotations;

1.2 server side and client side of config

  • The server side is a distributed configuration center, which is an independent microservice application;
  • The client side is the basic setting or micro service application in the distributed system, and manages the relevant configuration by specifying the configuration center;

1.3 configuration storage

  • Spring cloud config supports storing configurations in git, database, SVN and local files;

1.4 three common environment configuration names

  • dev: development environment;
  • prd: actual environment;
  • test: test environment;
  • The general test environment is the copy of the actual environment;

1.5 disadvantages of using local file to store configuration

  • Put the responsibility of maintaining the environment on the developers;

1.6 role of spring cloud config

  • Centralized management of configuration files;
  • Different environments have different configurations, dynamic configuration updates and deployment by environment, such as dev / test / prod / beta / release;
  • The configuration is dynamically adjusted during operation. It is no longer necessary to write configuration files on the machines deployed by each service. The service will uniformly pull and configure its own information from the configuration center;
  • When the configuration changes, the service can sense the change of the configuration and apply the new configuration without restarting;
  • Expose the configuration information in the form of rest interface;

2. Example of configuring server

2.1 introduction of POM XML dependency file

org.springframework.cloud
    spring-cloud-config-server

2.2 modify bootstrap Yaml profile

Bootstrap. Under resources package Yaml, configure the server’s own configuration file;

  • The naming convention for application configuration files isApplication name – environment name yml
    • The environment name can be: dev (development environment), PRD (actual environment), test (test environment);
  • The configuration of which environment needs to be started can be usedprofileProperty. If this attribute is not specified, it will be loaded by defaultapplication.ymlConfiguration data in the file;

2.2.1 configure in local file

server:
  Port: 8888 #spring cloud configuration server will listen on the port
spring:
  application:
    Name: name of XXX config server # service
  profiles:
    Active: native # is the back-end repository (file system) used to store configuration
  cloud:
    config:
      server:
        native:
          Search locations: classpath: / config / # [important parameters] storage location path of configuration file

2.2.2 configuring on Git

  • The corresponding configuration center warehouse needs to be established on git tools such as GitHub or gitee in advance. A simple example:https://gitee.com/dlhjw/config-demo
  • In fact, the config package of local files and the configuration under the package are placed in the GIT warehouse;
server:
  Port: 8888 #spring cloud configuration server will listen on the port
spring:
  application:
    Name: name of XXX config server # service
  cloud:
     config:
        server:
          #Using git as the back-end repository
          git:
            uri:  https://gitee.com/dlhjw/config-demo #Warehouse of configuration file
            Username: git account
            Password: git password
            Default label: Master # profile branch
            Search paths: root directory of config # configuration file
            Force pull: true # configuration file directory

2.3 mark notes on the main program class

@EnableConfigServer: indicates that the service is a config configuration server;

@SpringBootApplication: indicates that it is a spring boot application;

2.4 writing client configuration files

Create a new package named config under the local Src / main / resources resource directory, and the configuration file under the package is the configuration file of the client;

  • You can create these profiles here:

    • Xxx-client-dev.yml: the client configuration example to be used in point 3 below;
    • xxx-client-prd.yml
    • xxx-client-test.yml
  • As shown in the figure below:

3. The client obtains the server configuration example

3.1 introduction of POM XML dependency

org.springframework.cloud
    spring-cloud-starter-config
  • Because each service will put the relevant configuration in the configuration server, the dependency can be added to the parent project to represent the public dependency;

3.2 modify bootstrap YML profile

  • In bootstrap YML;
  • Remember the bootstrap in 2. Service configuration management What are the characteristics of YML? That’s it.
    • That is, when using the spring cloud config configuration center, you need to add the configuration attribute connected to the configuration center in the bootstrap configuration file to load the configuration information of the external configuration center;
    • Specifically, it refers to the following two attributes:
      • spring.application.name: Specifies the name of the client (XXX client);
      • spring.profiles.active: Specifies the environment (DEV) to be configured;
    • From these two attributes, you can find the xxx-client-dev.yml configuration file under the config package of the configuration server;

3.2.1 the server uses local file mode to store configuration

spring:
  application:
    Name: XXX client # client, using the configuration in the server
  profiles:
    Active: dev # specifies that the current environment is the development environment
  cloud:
    config:
      fail-fast: true
      #Get the location of config configuration server through URI
      #uri: http://localhost:8888
      discovery:
        Service ID: XXX config server # obtains the config configuration server through service discovery
        enabled: true
      Profile: ${spring. Profiles. Active} # is used to locate the configuration information. Use spring. Profile above profiles. The value dev of the active property
      Label: ${spring. Profiles. Active} # local storage, this parameter is useless
---
spring:
  profiles: dev
eureka:
  instance:
    prefer-ip-address: true
    lease-renewal-interval-in-seconds: 5
    lease-expiration-duration-in-seconds: 20
    metadata-map:
      version: v1.0
  client:
    serviceUrl:
      defaultZone: http://localhost:1025/eureka
    registry-fetch-interval-seconds: 10
---
spring:
  profiles: prd
eureka:
  instance:
    prefer-ip-address: true
    metadata-map:
      version: v1.0
  client:
    serviceUrl:
      Defaultzone: http: // {actual environment address}: 1025 / Eureka

3.2.2 the server uses git to store configuration

spring:
  application:
    Name: XXX client # client, using the configuration in the server
  profiles:
    Active: dev # specifies that the current environment is the dev development environment
  cloud:
    config:
      fail-fast: true
      #Get the location of config configuration server through URI
      uri:  http://localhost:8888 #Service discovery mechanism can also be used here
      Profile: ${spring. Profiles. Active} # is used to locate the configuration information. Use spring. Profile above profiles. The value dev of the active property
      Label: Master # corresponds to the branch of GIT
---
#The following is the same as the lower part in point 3.2.1 above, which is omitted here

3.3 process for client to obtain server configuration

3.3.1 reading process of local configuration

  • After the client service is started, the client finds the configuration server through URI or service discovery mechanism;
  • Configure the server according to the client’sspring.application.nameAndspring.profiles.activeFind xxx-client-dev.yml of the configuration file under the config package of the configuration server;

4. Configuration of dynamic refresh service

4.1 use @ refreshscope annotation

  • Spring boot actuator provides a@RefreshScopeAnnotations that allow the development team to access/refreshEndpoint, forcing the spring boot application to re read the application configuration;
  • The annotation is added to the main program class of the client;
@SpringBootApplication
@RefreshScope
public class Application {
    public static void main(String[] args) {
        SpringApplication.run(Application.class, args);
    }
}

4.2 several ways to refresh the micro service configuration

  • Using spring cloud busPushMechanism to tell all clients that the configuration has changednews。 An additional middleware (such as rabbitmq) is required to run, but the consul registry does not support this push mechanism;
  • Use the provided by spring boot actuator@RefreshScopeNotes;
  • Restart all servers or containers;

5. Use spring cloud config to encrypt sensitive configuration information

5.1 download and install Oracle JCE jar required for encryption

  • The jar package cannot be downloaded through Maven and must be downloaded from Oracle;
  • After downloading the zip file containing JCE jar, you must do the following:
    • Switch to$JAVA_HOME/jre/lib/securityfolder;
    • take$JAVA_HOME/jre/lib/securityLocal in directory_ policy. Jar and us_ export_ policy. Backup jar files to other locations;
    • Unzip the JCE zip file downloaded from Oracle;
    • Set local_ policy. Jar and us_ export _ policy. Copy jar to$JAVA_HOME/jre/lib/securityIn the directory;
    • Configure spring cloud config to use encryption;

5.2 create encryption key

  • Need to alwaysENCRYPT_KEYThe environment variable is set to:export ENCRYPT_KEY=IMSYMMETRIC
  • For symmetric keys, you should pay attention to the following two points:
    • The length of the symmetric key should be 12 or more characters, preferably a random character set;
    • Do not lose the symmetric key. Once something is encrypted with an encryption key, it cannot be decrypted without a symmetric key;

Decryption and encryption properties

  • encryption encrypt
  • decrypt decrypt
  • Use replace X in the configuration file to use the encrypted value:
    • spring.database.password:"{cipher}result"
  • By default: after the above operations are completed, the configuration file is encrypted. However, the interface for obtaining the configuration file can be defined in the controller of the configuration server, and the interface returns the encrypted and decrypted data;
  • Therefore, 5.4 configuring microservices to use encryption at the client is required;

5.4 configure microservices to use encryption on clients

  • Configure spring cloud config and do not decrypt the properties on the server;

    • spring.cloud.config.server.encrypt.enabled=false
    • Set the symmetric key on the client server;
    • takespring-security-rsa JARAdd to client servicepom.xmlIn the document;
    org.springframework.security
      spring-security-rsa
  • In this way, when calling the interface for obtaining the configuration file defined in the controller of the configuration server, the returned data is encrypted;


last

Newcomer production, if there are mistakes, welcome to point out, thank you very much!Welcome to follow official account and share some more daily things!If you need to reprint, please mark the source!