Currently, I am working on my company's microservices solution which uses Spring Cloud Edgware.SR1. This solution includes the following main flavors:
api-gateway(Zuul), service-discovery(Eureka), uaa, zipkin-server and business logic services.
I am trying to provide a good tracing for all requests in our system. In Zipkin UI I can see a trace for the request that starts in api-gateway, going through uaa to our business logic service. But requests to the Eureka are missing in the trace. Instead, there is a separate trace with a single span for service-discovery endpoint http://eureka/apps/**.
I had the same issue with uaa request to http://user/ endpoint and solved it by adding TraceRestTemplateInterceptor to our Oauth2 client.
However, I found it difficult to override EurekaHttpClient and add the mentioned interceptor.
Is there any other way to propagate trace id to Eureka Clients?
Related
I found many questions from several months back on Application Insights and Service Fabric and I'm wondering if there is any new information.
I would really like to get information for APIs (Stateful and state less service) response time, dependency, traces etc. In typical API, enabling and configuring the application insight with tracing and web api application insight, it shows the server response time, server requests and operation details.
Along with it, it will also have the dependency and tracing information. I would like to get same information for services running on the service fabric. I could add these by adding customize code using nuget like Microsoft.Diagnostics.EventListeners and Microsoft.Diagnostics.EventListeners.Fabric which allows to log the start and end with the custom code.Here are the links which I referred -
https://blogs.msdn.microsoft.com/cloud_solution_architect/2016/10/06/distributed-tracing-in-service-fabric-using-application-insights/
Application Insights in Service Fabric?
https://acom-feature-videos-twitter-card.azurewebsites.net/en-us/documentation/articles/service-fabric-diagnostics-application-insights-setup/
Thanks!
I have a situation, wherein, I have integrated, WSO2APIM, Identity Server, Microsoft ADFS2.0. Configured successfully so that MSADFS is acting as IdP, APIM acting as SP (with /publisher) as a service. Configuration worked fine when accessed(/publisher of APIM), ADFS presented LogonPage, all necessary SAML2.0 exchanges happened perfect and final page (/publisher) presented.
Now, the actual situation is, instead of accessing APIM service (/publisher), I need to access a POST Rest URL(Eg. APIMIP:Port/vendors/payments). This API is configured to hit backend API (Eg. BEIP:Port/vendors/payments).
1. In above situation, I need to pass the SAML authentication information or any other authorized info to actual BE, somehow.
2. How to achieve it.
We have a Zuul proxy (wraped with Spring Cloud/Boot) deployed that fetches configuration from the Spring Config Server. Every time I do changes in the routes I restart Zuul application and I wonder if there is a better approach that can be taken (like refresh of Zuul config information)? :)
Thank you,
You can issue a refresh command via rest:
curl -X POST http://<host>:<port>/refresh
I wrote a simple bash script that commits all my changes to the config file in the Git repository and then issue curl request to all my services.
If you wanted to be fancy you could write a script that first queries your Eureka server to get the list of all services and then refresh them all :)
Zuul Routes could be dynamically refreshed when configuring them in a Git backend for instance, fronted by Spring Cloud Config server and Spring Cloud Bus.
I have covered this scenario in a recent blog post Routing requests and dynamically refreshing routes using Spring Cloud Zuul Server
For #1, Spring cloud config introduced the #RefreshScope annotation which will expose the /refresh endpoint (over HTTP or JMX)
For #2, after '/refresh', spring cloud config will take the latest git commit, For the config changes, essentially there are two ways, 1) pull the changes 2) push the changes, spring cloud bus approach is based on the rabbitmq to push the config changes.
Check out this article
And this also
Many respositories such as github are able to configure Webhook POST endpoints.
Besides the previously mentioned way of manually executing a request to the /refresh endpoint, you could configure your github config repository to use the /request endpoint as the webhook endpoint. That way, you could automatically refresh the properties on push.
I want to integrate keycloak security features to my spring boot based rest apis.
I am using KeyCloak 1.3.1 Final.
Now this is pure rest based api and am doing my testing through postman
I have got my rest api secured and when i try to access it do asks me for authorization, but am not able to execute my request. basically am locked out of my api.
I will quickly list out things that I have already done
Created a spring boot rest api and tested it. It works fine.
Modified my gradle for KeyCloak and configured it as per this document
Configured my keyCloak for the "bearer only" application
I tried to generate access token, but I was not able to. Therefore I created another Client in keycloak with "confidential" and used this client to generate the access token (both the clients were pointing to same application. Am not sure if this is correct)
With this access token, I am trying to make api call but am getting 401
Again am using this document.
I am new to both keycloak and spring.
So what I want to ask here is how can we generate the access token for testing a rest api in a scenario like one which is here.
Any useful resource on KeyCloak that can help me out here. As of now I dont have a clue as to where the problem is? Is it with my api or with how I have configured the KeyCloak.
Also since I am new to spring and I just could not found a decent document on how to configure cloak for spring boot. If you can help with that as well.
Moving further on this I was informed on the KeyCloak mailing list that spring boot adapter only supports basic authentication, and so I decided to incorporate the spring security adapter itself.
I did that and when am running the application and providing creds am still not able to make it work. However something interesting is happening. I am being redirected to http://127.0.0.1:8090/sso/login
I double checked it and that is not the redirect url i have provided.
???
Any idea why?
(Once again am new to it and learning about spring and security on way through this project. So please bear with me.)
So after spending quite a good amount of time and getting some help from keycloak user list here is how i got it to work.
Use Spring Security instead of spring boost security adapter (as I have already mentioned in the the edit, boot adapter is only for basic authentication)
There documentation does a decent job of explaining out everything else refer to that.
I am still testing the whole thing and will document it out for future references.
There are two teams that are working on a REST service and a web client separably.
Is there a tool that scaffolds a REST service given a configuration can return a predetermined result for a URI+VERB combination?
Looking for the same thing. All I have found so far is this project SOAP/REST Mock Service
but I haven't tested it yet.