How do I customize the spring cloud eureka dashboard. I have to customize the look and feel and also provide restricted access only to admin. Also, how to configure actuator endpoints of all my eureka client which are registered under the dashboard.
Related
I have a Spring Boot (2.4) app (a generic service) and a Eureka discovery server running. The server doesn't register itself as an instance. I am able to navigate to the Eureka dashboard at the default location of localhost:8761 to get an overview of all the registered instances. I successfully see the service is registered in Eureka. However, this dashboard doesn't give any details about the instance except the name and the port number. I want to be able to see the instance meta data. Is this possible using the dashboard? O maybe there is some exposed URL by the Eureka server that I can call in a browser or postman? Or is there an URL available in the Eureka client (the service) that gives details about its Eureka metadata?
I read thet feign clients access something to be able to query the registry. Can I mimic this as human in a browser?
Go to localhost:8761/eureka/apps
I have a spring-boot client app deployed in a customer network and I want to use SBA as a GUI for its actuator endpoints. I cannot use register-client-applications to register the app, mainly because the client app has no connectivity to SBA (its behind a firewall).
Is there a way how to add a client to SBA manually?
You can add use a static configuration for spring cloud's discovery client. So there is no need that the client reach the sba server. See http://codecentric.github.io/spring-boot-admin/current/#spring-cloud-discovery-static-config
Im working with Spring Cloud Zuul + Eureka Server. i know that Zuul will create routes dynamically when there is a service registered on Eureka and it will be route using their Service ID. Is it possible to delegate routes to group services ?
for example i have 2 services that i want to group:
server.port=8081
spring.application.name=company-account-api
server.port=8082
spring.application.name=company-transaction-api
eureka config
spring.application.name=api-discovery
spring.cloud.config.uri=${CONFIG_SERVER_URL:http://localhost:8888}
on Zuul is it possible define a route where i can access the 2 services registered on eureka ?
server.port=9090
spring.application.name=api-gateway
eureka.instance.preferIpAddress=true
eureka.client.registerWithEureka=true
eureka.client.fetchRegistry=true
eureka.serviceurl.defaultzone=http://localhost:8761/eureka
zuul.routes.company-api=/company-**
so when i access http://localhost:9090/company-api/company-account-api & http://localhost:9090/company-api/company-transaction-api the service registered on eureka will be available
You can achieve this with the following config
zuul.ignored-services=*
zuul.routes.company-account-api.serviceId=company-account-api
zuul.routes.company-account-api.path=/company-api/company-account-api/**
zuul.routes.company-transaction-api.serviceId=company-transaction-api
zuul.routes.company-transaction-api.path=/company-api/company-transaction-api/**
Explanation:
zuul.ignored-services=* This will supress the default config
zuul.routes.company-account-api.serviceId=company-account-api
zuul.routes.company-account-api.path=/company-api/company-account-api/**
What is exposed to public is /company-api/company-account-api/** which will be internally mapped to company-account-api service.
If you are not using service discovery then you can do it using url instead of service name
zuul.routes.company-account-api.url=http://accountapihost:accountapiport
zuul.routes.company-account-api.path=/company-api/company-account-api/**
I am using Eureka discovery, Spring Boot Admin (1.5.4) and several services. Each service has enabled basic auth to actuator endpoints:
security.user.name=admin
security.user.password=admin
management.security.enabled=true
SBA fetches info about services from eureka and because of secured endpoints I have configured eureka's metadata map like this:
eureka.instance.metadata-map.user.name=${security.user.name}
eureka.instance.metadata-map.user.password=${security.user.password}
but still getting 401 Unauthorized:
o.s.b.a.e.m.MvcEndpointSecurityInterceptor - Full authentication is required to access actuator endpoints. Consider adding Spring Security or set 'management.security.enabled' to false.
What am I missing? If I turn management.security.enabled off it works.
I want to expose a REST-ful service as an API to the outside world on Bluemix Public. Therefore I have a liberty app, containing a REST service implemented in JAX-RS.
Additionally I leverage the "API Management Service" to secure that app, via Plans, Authentication etc. So thanks to the API Management Gateway I have a secure proxy to my service exposed.
Yet, the app that provides my service remains accessible to the outside via the Bluemix route. So, it can be called without any credentials or whatsoever.
Is there a way, to only have my API Management gateway access the service implementation app?
One approach would be to delete the route of the service implementing app, but how would you then bind the API Management to the service?
Happy to hear your thoughts or alternative solutions.
If your API is running on Bluemix Public as a Cloud Foundry application, there is currently not a way to create a route such that it is only accessible by the API management service, but not the the outside world. You should implement security within your jax-rs application (easy to with web.xml security-constraint) and add those credentials to APIm service if you still want to use APIm to get monitoring, throttling, discovery, etc.
Another option would be to deploy the application in a VM and then use Secure Gateway to connect to it:
https://github.com/IBM-Bluemix/onprem-integration-demo