catalogue
preface
reference material:
《Spring Microservices in Action》
Principle and practice of spring cloud Alibaba microservice
“Spring cloud framework development tutorial in Silicon Valley of station B” Zhou Yang
Springcloud config provides centralized external configuration support for microservices in the microservice architecture, and the configuration server provides a centralized external configuration for all environments of different microservice applications;
1. Basic knowledge points of spring cloud config
1.1 features, advantages and disadvantages
characteristic:
- Non distributed key value storage;
- Provide close integration of spring and non spring services;
- Multiple back ends can be used to store configuration data;
- Easy to build and deploy;
- It is closely integrated with spring boot and can be configured with annotations;
1.2 server side and client side of config
- The server side is a distributed configuration center, which is an independent microservice application;
- The client side is the basic setting or micro service application in the distributed system, and manages the relevant configuration by specifying the configuration center;
1.3 configuration storage
- Spring cloud config supports storing configurations in git, database, SVN and local files;
1.4 three common environment configuration names
- dev: development environment;
- prd: actual environment;
- test: test environment;
- The general test environment is the copy of the actual environment;
1.5 disadvantages of using local file to store configuration
- Put the responsibility of maintaining the environment on the developers;
1.6 role of spring cloud config
- Centralized management of configuration files;
- Different environments have different configurations, dynamic configuration updates and deployment by environment, such as dev / test / prod / beta / release;
- The configuration is dynamically adjusted during operation. It is no longer necessary to write configuration files on the machines deployed by each service. The service will uniformly pull and configure its own information from the configuration center;
- When the configuration changes, the service can sense the change of the configuration and apply the new configuration without restarting;
- Expose the configuration information in the form of rest interface;
2. Example of configuring server
2.1 introduction of POM XML dependency file
org.springframework.cloud
spring-cloud-config-server2.2 modify bootstrap Yaml profile
Bootstrap. Under resources package Yaml, configure the server’s own configuration file;
- The naming convention for application configuration files isApplication name – environment name yml;
- The environment name can be: dev (development environment), PRD (actual environment), test (test environment);
- The configuration of which environment needs to be started can be used
profileProperty. If this attribute is not specified, it will be loaded by defaultapplication.ymlConfiguration data in the file;
2.2.1 configure in local file
server:
Port: 8888 #spring cloud configuration server will listen on the port
spring:
application:
Name: name of XXX config server # service
profiles:
Active: native # is the back-end repository (file system) used to store configuration
cloud:
config:
server:
native:
Search locations: classpath: / config / # [important parameters] storage location path of configuration file2.2.2 configuring on Git
- The corresponding configuration center warehouse needs to be established on git tools such as GitHub or gitee in advance. A simple example:https://gitee.com/dlhjw/config-demo;
- In fact, the config package of local files and the configuration under the package are placed in the GIT warehouse;
server:
Port: 8888 #spring cloud configuration server will listen on the port
spring:
application:
Name: name of XXX config server # service
cloud:
config:
server:
#Using git as the back-end repository
git:
uri: https://gitee.com/dlhjw/config-demo #Warehouse of configuration file
Username: git account
Password: git password
Default label: Master # profile branch
Search paths: root directory of config # configuration file
Force pull: true # configuration file directory2.3 mark notes on the main program class
@EnableConfigServer: indicates that the service is a config configuration server;
@SpringBootApplication: indicates that it is a spring boot application;
2.4 writing client configuration files
Create a new package named config under the local Src / main / resources resource directory, and the configuration file under the package is the configuration file of the client;
-
You can create these profiles here:
- Xxx-client-dev.yml: the client configuration example to be used in point 3 below;
- xxx-client-prd.yml
- xxx-client-test.yml
-
As shown in the figure below:
3. The client obtains the server configuration example
3.1 introduction of POM XML dependency
org.springframework.cloud
spring-cloud-starter-config- Because each service will put the relevant configuration in the configuration server, the dependency can be added to the parent project to represent the public dependency;
3.2 modify bootstrap YML profile
- In bootstrap YML;
- Remember the bootstrap in 2. Service configuration management What are the characteristics of YML? That’s it.
- That is, when using the spring cloud config configuration center, you need to add the configuration attribute connected to the configuration center in the bootstrap configuration file to load the configuration information of the external configuration center;
- Specifically, it refers to the following two attributes:
spring.application.name: Specifies the name of the client (XXX client);spring.profiles.active: Specifies the environment (DEV) to be configured;
- From these two attributes, you can find the xxx-client-dev.yml configuration file under the config package of the configuration server;
3.2.1 the server uses local file mode to store configuration
spring:
application:
Name: XXX client # client, using the configuration in the server
profiles:
Active: dev # specifies that the current environment is the development environment
cloud:
config:
fail-fast: true
#Get the location of config configuration server through URI
#uri: http://localhost:8888
discovery:
Service ID: XXX config server # obtains the config configuration server through service discovery
enabled: true
Profile: ${spring. Profiles. Active} # is used to locate the configuration information. Use spring. Profile above profiles. The value dev of the active property
Label: ${spring. Profiles. Active} # local storage, this parameter is useless
---
spring:
profiles: dev
eureka:
instance:
prefer-ip-address: true
lease-renewal-interval-in-seconds: 5
lease-expiration-duration-in-seconds: 20
metadata-map:
version: v1.0
client:
serviceUrl:
defaultZone: http://localhost:1025/eureka
registry-fetch-interval-seconds: 10
---
spring:
profiles: prd
eureka:
instance:
prefer-ip-address: true
metadata-map:
version: v1.0
client:
serviceUrl:
Defaultzone: http: // {actual environment address}: 1025 / Eureka3.2.2 the server uses git to store configuration
spring:
application:
Name: XXX client # client, using the configuration in the server
profiles:
Active: dev # specifies that the current environment is the dev development environment
cloud:
config:
fail-fast: true
#Get the location of config configuration server through URI
uri: http://localhost:8888 #Service discovery mechanism can also be used here
Profile: ${spring. Profiles. Active} # is used to locate the configuration information. Use spring. Profile above profiles. The value dev of the active property
Label: Master # corresponds to the branch of GIT
---
#The following is the same as the lower part in point 3.2.1 above, which is omitted here3.3 process for client to obtain server configuration
3.3.1 reading process of local configuration
- After the client service is started, the client finds the configuration server through URI or service discovery mechanism;
- Configure the server according to the client’s
spring.application.nameAndspring.profiles.activeFind xxx-client-dev.yml of the configuration file under the config package of the configuration server;
4. Configuration of dynamic refresh service
4.1 use @ refreshscope annotation
- Spring boot actuator provides a@RefreshScopeAnnotations that allow the development team to access
/refreshEndpoint, forcing the spring boot application to re read the application configuration; - The annotation is added to the main program class of the client;
@SpringBootApplication
@RefreshScope
public class Application {
public static void main(String[] args) {
SpringApplication.run(Application.class, args);
}
}4.2 several ways to refresh the micro service configuration
- Using spring cloud busPushMechanism to tell all clients that the configuration has changednews。 An additional middleware (such as rabbitmq) is required to run, but the consul registry does not support this push mechanism;
- Use the provided by spring boot actuator@RefreshScopeNotes;
- Restart all servers or containers;
5. Use spring cloud config to encrypt sensitive configuration information
5.1 download and install Oracle JCE jar required for encryption
- The jar package cannot be downloaded through Maven and must be downloaded from Oracle;
- After downloading the zip file containing JCE jar, you must do the following:
- Switch to
$JAVA_HOME/jre/lib/securityfolder; - take
$JAVA_HOME/jre/lib/securityLocal in directory_ policy. Jar and us_ export_ policy. Backup jar files to other locations; - Unzip the JCE zip file downloaded from Oracle;
- Set local_ policy. Jar and us_ export _ policy. Copy jar to
$JAVA_HOME/jre/lib/securityIn the directory; - Configure spring cloud config to use encryption;
- Switch to
5.2 create encryption key
- Need to alwaysENCRYPT_KEYThe environment variable is set to:
export ENCRYPT_KEY=IMSYMMETRIC; - For symmetric keys, you should pay attention to the following two points:
- The length of the symmetric key should be 12 or more characters, preferably a random character set;
- Do not lose the symmetric key. Once something is encrypted with an encryption key, it cannot be decrypted without a symmetric key;
Decryption and encryption properties
- encryption
encrypt:- Send with post request:http://localhost:8888/encrypt , the message body is the value to be encryptedx. You can get the encrypted result result;
- decrypt
decrypt:- Send with post request:http://localhost:8888/decrypt , the message body is the value to be decryptedResult to get the decrypted result X;
- Use replace X in the configuration file to use the encrypted value:
spring.database.password:"{cipher}result";
- By default: after the above operations are completed, the configuration file is encrypted. However, the interface for obtaining the configuration file can be defined in the controller of the configuration server, and the interface returns the encrypted and decrypted data;
- Therefore, 5.4 configuring microservices to use encryption at the client is required;
5.4 configure microservices to use encryption on clients
-
Configure spring cloud config and do not decrypt the properties on the server;
spring.cloud.config.server.encrypt.enabled=false- Set the symmetric key on the client server;
- take
spring-security-rsa JARAdd to client servicepom.xmlIn the document;
org.springframework.security spring-security-rsa -
In this way, when calling the interface for obtaining the configuration file defined in the controller of the configuration server, the returned data is encrypted;
last
Newcomer production, if there are mistakes, welcome to point out, thank you very much!Welcome to follow official account and share some more daily things!If you need to reprint, please mark the source!
