I setup my services to use the spring cloud eureka based config server.
version info: spring cloud 1.0.1.RELEASE
When I set it up as a fixed endpoint, I can see that it gets the right configuration file and that I can access actuator endpoints like health, info etc. so a .../manage/info returns the correct information.
However when I set it up to use discovery, the same actuator endpoints timeout on trying got access them.
In each case the configuration file is retrieved and downloaded (included log file).
Is there an issue with how I setup config server and bookmark service (the service which uses the config server)?
My configuration server setting is as follows:
server:
port: 8888
contextPath: /configurationservice
eureka:
client:
registerWithEureka: true
fetchRegistry: true
serviceUrl:
defaultZone: http://localhost:8761/eureka/
instance:
leaseRenewalIntervalInSeconds: 10
statusPageUrlPath: /configurationservice/info
homePageUrlPath: /configurationservice/
healthCheckUrlPath: /configurationservice/health
preferIpAddress: true
spring:
cloud:
config:
server:
native:
searchLocations: file:/Users/larrymitchell/libertas/configserver/configfiles
The service bootstrap.yml settings are:
spring:
profiles:
default: development
active: development
application:
name: bookmarkservice
cloud:
config:
enabled: true # note this needs to be turned on if you wnat the config server to work
# uri: http://localhost:8888/configurationservice
label: 1.0.0
discovery:
enabled: true
serviceId: configurationservice
The application.yml settings are:
# general spring settings
spring:
application:
name: bookmarkservice
profiles:
default: development
active: development
# name of the service
service:
name: bookmarkservice
# embedded web server settings
# some of these are specific to tomcat
server:
port: 9001
# the context path is the part after http:/localhost:8080
contextPath: /bookmarkservice
tomcat:
basedir: target/tomcat
uri-encoding: UTF-8
management:
context-path: /manage
security:
enabled: false
eureka:
client:
registerWithEureka: true
fetchRegistry: true
serviceUrl:
defaultZone: http://localhost:8761/eureka/
instance:
statusPageUrlPath: /bookmarkservice/manage/info
homePageUrlPath: /bookmarkservice/manage
healthCheckUrlPath: /bookmarkservice/manage/health
preferIpAddress: true
The startup log for bookmark service is as follows:
2015-06-24 17:52:49.806 DEBUG 11234 --- [ main] o.s.web.client.RestTemplate : Created GET request for "http://10.132.1.56:8888/configurationservice/bookmarkservice/development/1.0.0"
2015-06-24 17:52:49.890 DEBUG 11234 --- [ main] o.s.web.client.RestTemplate : Setting request Accept header to [application/json, application/*+json]
2015-06-24 17:52:50.439 DEBUG 11234 --- [ main] o.s.web.client.RestTemplate : GET request for "http://10.132.1.56:8888/configurationservice/bookmarkservice/development/1.0.0" resulted in 200 (OK)
2015-06-24 17:52:50.441 DEBUG 11234 --- [ main] o.s.web.client.RestTemplate : Reading [class org.springframework.cloud.config.environment.Environment] as "application/json;charset=UTF-8" using [org.springframework.http.converter.json.MappingJackson2HttpMessageConverter#2b07e607]
2015-06-24 17:52:50.466 INFO 11234 --- [ main] b.c.PropertySourceBootstrapConfiguration : Located property source: CompositePropertySource [name='configService', propertySources=[MapPropertySource [name='file:/Users/larrymitchell/libertas/configserver/configfiles/1.0.0/bookmarkservice-development.yml']]]
2015-06-24 17:52:50.503 INFO 11234 --- [ main] ationConfigEmbeddedWebApplicationContext : Refreshing org.springframework.boot.context.embedded.AnnotationConfigEmbeddedWebApplicationContext#5fa23965: startup date [Wed Jun 24 17:52:50 EDT 2015]; parent: org.springframework.context.annotation.AnnotationConfigApplicationContext#5cced717
2015-06-24 17:52:51.723 WARN 11234 --- [ main] .i.s.PathMatchingResourcePatternResolver : Skipping [/var/folders/kq/ykvl3t4n3l71p7s9ymywb4ym0000gn/T/spring-boot-libs/06f98804e83cf4a94380b46591b976b1d17c36b8-eureka-client-1.1.147.jar] because it does not denote a directory
2015-06-24 17:52:53.662 INFO 11234 --- [ main] o.s.b.f.config.PropertiesFactoryBean : Loading properties file from URL [jar:file:/Users/larrymitchell/libertas/vipaas/applicationservices/bookmarkservice/target/bookmarkservice.jar!/lib/spring-integration-core-4.1.2.RELEASE.jar!/META-INF/spring.integration.default.properties]
Ok, after talking it over with another coworker I figured out what the actual issue is.
Part of the confusion is that I am using the spring cloud (https://github.com/VanRoy/spring-cloud-dashboard) which is a great front end by the way. So when the service starts we see it for to discovery and retrieve the correct configuration file and load it. After I go to the spring cloud console and see a setting of UP which means that it is discovered and registered though discovery. There is a second status indicator which is when the spring cloud dashboard takes the registered endpoint and get health. In my issue the endpoint was showing up as UNKNOWN.
If I then use the endpoint that shows up in the console and try the info actuator endpoint then the request times out. This was the nature of my problem
Ok, so what was the issue?
Basically since I defined the in the application.yml and since when the service registers in bootstrap it does not know the port yet and then it picks a default of 8080 (my assumption since that is what it does). The server port is set in application.yml to 9001 but discovery sees a registration of 8080 so the spring cloud console cannot access the localhost:8080/bookmarkservice/manage/health since there is no service at that endpoint (which is at 9001 actually). Other services also cannot find the service.
By moving the server.port to bootstrap.yml then the correct endpoint of rate service is registered and the service properly accessible.
Related
How to correctly write to the config?
Information taken from here
https://altinity.com/blog/integrating-clickhouse-with-ldap-part-one
Operator
https://github.com/Altinity/clickhouse-operator
Unknown setting server: while parsing profile 'ldap' in users configuration file: while loading configuration file '/etc/clickhouse-server/users.xml'
settings:
# to allow scrape metrics via embedded prometheus protocol
prometheus/endpoint: /metrics
prometheus/port: 8888
prometheus/metrics: true
prometheus/events: true
prometheus/asynchronous_metrics: true
ldap_servers/ldap_test/host: host ldap
ldap_servers/ldap_test/port: 389
ldap_servers/ldap_test/bind_dn: DC=passport,DC=local
profiles:
ldap/server: ldap_test
DedupeResponseHeader is not working for me in Spring Cloud Greenwich.SR3, I have added CORS configuration in application.yml, and downstream application is also sending Access-Control-Allow-Origin in response header, which in ending up with:
The 'Access-Control-Allow-Origin' header contains multiple values 'http://localhost:4200, http://localhost:4200', but only one is allowed.
I have used DedupeResponseHeader but that is not working for me still seeing same error in browser console. Following is the config for CORS and DedupeResponseHeader:
spring:
cloud:
gateway:
default-filters:
- DedupeResponseHeader=Access-Control-Allow-Origin, RETAIN_UNIQUE
globalcors:
add-to-simple-url-handler-mapping: true
corsConfigurations:
'[/**]':
allowedOrigins: "http://localhost:4200"
allowedMethods: "*"
allowedHeaders: "*"
Tried in filters also, but also didn't work
spring:
cloud:
gateway:
routes:
- id: dedupe_response_header_route
uri: http://localhost:4200
predicates:
- Method=OPTIONS
- Method=GET
filters:
- DedupeResponseHeader=Access-Control-Allow-Origin
Couldn't figure out the reason why its not working, double checked the spring cloud version. I appreciate, if someone could help to understand why DedupeResponseHeader not working.
You can use the latest version of the spring cloud i.e. 2020.0.2 --- it is working perfectly there.
Problem
Does anyone know how to configure bootstrap.yml to tell Spring Cloud Vault to go to the correct path for k2 v2 and not try other paths first?
Details
I can successfully connect to my Vault, running k2 v2, but Spring Cloud will always try to connect to paths in the vault that don't exist, throwing a 403 on startup.
Status 403 Forbidden [secret/application]: permission denied; nested exception is org.springframework.web.client.HttpClientErrorException$Forbidden: 403 Forbidden
The above path, secret/application, doesn't exist because k2 v2 puts data in the path. For example: secret/data/application.
This isn't a show-stopper because Spring Cloud Vault does check other paths, including the correct one that has the data item in the path, but the fact a meaningless 403 is thrown during startup is like a splinter in my mind.
Ultimately, it does try the correct k2 v2 path
2019-03-18 12:22:46.611 INFO 77685 --- [ restartedMain] b.c.PropertySourceBootstrapConfiguration : Located property source: CompositePropertySource {name='vault', propertySources=[LeaseAwareVaultPropertySource {name='secret/data/my-app'}
My configuration
spring.cloud.vault:
kv:
enabled: true
backend: secret
profile-separator: '/'
default-context: my-app
application-name: my-app
host: localhost
port: 8200
scheme: http
authentication: TOKEN
token: my-crazy-long-token-string
Thanks for your help!
Add the following lines in your bootstrap.yml, this disables the generic backend
spring.cloud.vault:
generic:
enabled: false
for more information https://cloud.spring.io/spring-cloud-vault/reference/html/#vault.config.backends.generic
In addition to the accepted answer it's important to turn off (or just remove) fail-fast option:
spring.cloud.vault:
fail-fast: false
spring.cloud.vault.generic.enabled is deprecated in spring-cloud 3.0.0, but the 403 error is still there. To disable the warning (by telling spring to use the exact context), this is what I used:
spring:
config:
import: vault://
application:
name: my-application
cloud:
vault:
host: localhost
scheme: http
authentication: TOKEN
token: my-crazy-long-token-string
kv:
default-context: my-application
Other configs were set to default (such as port = 8200, backend = secret, etc.)
We are developing a Boot-Admin dashboard using the codecentric provided library of spring-boot-admin-server version 1.4.5
Some of the applications are registering itself with the server via Eureka, and some directly using the spring-boot-admin-starter-client version 1.4.5.
All components are deployed on a PCF environment and are communication over HTTPS. In either ways, the applications though are able to register themselves with the admin sever but are showing up as OFFLINE only. There are no errors reported in the logs for any of the components viz. admin-server, admin-client, eureka-server, eureka-client.
However the only application showing as Up is the admin server itself.
The application properties for spring-boot-admin-client app to run in PCF is:
spring:
application:
name: bootadmin-ms-charlie
boot:
admin:
url: https://bootadmin-dashboard.abc.intl.com
ssl:
trust_store:
path: classpath:ssl/sslcacert.jks
password: a-password
As the result is same for both methods of registration, I've skipped putting the config here for apps registering via Eureka path to keep it simple.
The same is working perfectly fine locally, where the admin dashboard shows all the applications as expected.
Is there any configuration that needs to be done in specific to Cloud Foundry?
Or any obvious mistake that I might have made?
Any suggestions are most welcome.
---EDIT---
Here are the logs from SBA server showing that the communication between server and client is working okay. If these logs give any indication of an error, please point out.
OUT 2017-01-23 05:15:15.139 DEBUG 10 --- [nio-8080-exec-1] o.s.web.servlet.DispatcherServlet : DispatcherServlet with name 'dispatcherServlet' processing POST request for [/api/applications]
OUT 2017-01-23 05:15:15.151 DEBUG 10 --- [nio-8080-exec-1] m.m.a.RequestResponseBodyMethodProcessor : Read [class de.codecentric.boot.admin.model.Application] as "application/json;charset=UTF-8" with [org.springframework.http.converter.json.MappingJackson2HttpMessageConverter#7df33a9f]
OUT 2017-01-23 05:15:15.163 DEBUG 10 --- [nio-8080-exec-1] o.s.w.s.m.m.a.HttpEntityMethodProcessor : Written [Application [id=3805ee6a, name=bootadmin-ms-charlie, managementUrl=http://23fcf304-82d6-44cd-7fce-2a5027de9f21:8080, healthUrl=http://23fcf304-82d6-44cd-7fce-2a5027de9f21:8080/health, serviceUrl=http://23fcf304-82d6-44cd-7fce-2a5027de9f21:8080]] as "application/json" using [org.springframework.http.converter.json.MappingJackson2HttpMessageConverter#7df33a9f]
OUT 2017-01-23 05:15:15.166 DEBUG 10 --- [nio-8080-exec-1] o.s.web.servlet.DispatcherServlet : Null ModelAndView returned to DispatcherServlet with name 'dispatcherServlet': assuming HandlerAdapter completed request handling
OUT 2017-01-23 05:15:15.166 DEBUG 10 --- [nio-8080-exec-1] o.s.web.servlet.DispatcherServlet : Successfully completed request
OUT bootadmin-dashboard.abc-intl.com - [23/01/2017:05:15:15.140 +0000] "POST /api/applications HTTP/1.1" 201 302 308 "-" "Java/1.8.0_121" 60.16.25.20:43224 x_forwarded_for:"10.10.10.10" x_forwarded_proto:"https" vcap_request_id:a40159e4-543f-40e0-627e-e8f1e7688b99 response_time:0.034164523 app_id:adcc8a33-83f4-448d-9ae2-bf2a2b16ea72
OUT 2017-01-23 05:15:18.719 DEBUG 10 --- [ updateTask1] o.s.web.client.RestTemplate : Created GET request for "http://23fcf304-82d6-44cd-7fce-2a5027de9f21:8080/health"
OUT 2017-01-23 05:15:18.722 DEBUG 10 --- [ updateTask1] o.s.web.client.RestTemplate : Setting request Accept header to [application/json, application/*+json]
The logs from client are all clean. It throws warning of "Failed to refister" only when the server is down.
Based upon the discussion on https://github.com/codecentric/spring-boot-admin/issues/399 it has been found out that below properties are vital for SBA clients to work with Dashboard on Cloud Foundry or container based architecture:
spring:
boot:
admin:
client:
management-url: <complete management-url for the client>
health-url: <complete health endpoint url for the client>
service-url: <complete root/service url for the client>
This is due to the fact that, when a client registers itself with the
SBA server it uses the runC container ID to form its service url. Such url is not valid for the Cloud Foundry router. That results in failure of communication between SBA dashboard and the client later on, causing it to show as OFFLINE.
The other approach can be to go ahead with container IPs, using spring.boot.admin.client.prefer-ip=true. That would list all containers/CF instacnes on SBA but not give a clear picture of overall health of the complete app from a site/AZ. Also direct connection to containers is never encouraged in CF as per the principles of cloud-native app and 12-factors.
I'm trying to set up a couple of services using Spring Cloud and everything seems to work fine up until the moment I deploy the Eureka client services to Tomcat. When I call a service through my gateway app, I get the following error:
o.s.c.n.z.filters.post.SendErrorFilter : Error during filtering
com.netflix.zuul.exception.ZuulException: Forwarding error
...
Caused by: com.netflix.hystrix.exception.HystrixRuntimeException: hello timed-out and no fallback available.
...
Caused by: java.util.concurrent.TimeoutException: null
It works perfectly from eclipse however. It even works when I run the discovery and gateway services from Tomcat, and run the Eureka client service from eclipse. But as soon as I run the same service on tomcat, I get the error.
I'm using Brixton.M5, Java 8 and Tomcat 8.
Again, the code seems to work, the problem is it doesn't work after being deployed to Tomcat.
I have one Tomcat instance for the Discovery and Gateway services, and a second Tomcat instance for the Eureka client services.
Here's some code and config..
DiscoveryServerApp
#SpringBootApplication
#EnableEurekaServer
public class DiscoveryServerApp extends SpringBootServletInitializer
{
public static void main(String[] args)
{
SpringApplication.run(DiscoveryServerApp.class, args);
}
}
DiscoveryServer - application.yml
# Configure this Discovery Server
eureka:
instance:
hostname: discovery
client: # Not a client, don't register with yourself
registerWithEureka: false
fetchRegistry: false
serviceUrl:
defaultZone: http://localhost:1111/discovery/eureka/
server:
port: 1111 # HTTP (Tomcat) port
context-path: /discovery
DiscoveryServer - bootstrap.yml
spring:
application:
name: discovery
jmx:
default-domain: com.example.cloud.discovery
GatewayApplication
#SpringCloudApplication
#EnableZuulProxy
public class GatewayApplication extends SpringBootServletInitializer
{
public static void main(String[] args)
{
SpringApplication.run(GatewayApplication.class, args);
}
}
GatewayApplication - application.yml
# Discovery Server Access
eureka:
client:
serviceUrl:
defaultZone: http://localhost:1111/discovery/eureka/
instance:
instanceId: ${spring.application.name}:${spring.application.instance_id:${random.value}}
# HTTP Server
server:
port: 4444 # HTTP (Tomcat) port
context-path: /api
GatewayApplication - bootstrap.yml
# Spring properties
spring:
application:
name: gateway-service # Identify this application
jmx:
default-domain: com.example.cloud.gateway
encrypt:
failOnError: false
DummyApplication
#SpringCloudApplication
#RestController
public class DummyApplication extends SpringBootServletInitializer
{
public static void main(String[] args)
{
SpringApplication.run(DummyApplication.class, args);
}
#RequestMapping( path = "/hello-resource", method = RequestMethod.GET )
public String hello()
{
return "hello";
}
}
DummyApplication - application.yml
# Discovery Server Access
eureka:
client:
serviceUrl:
defaultZone: http://localhost:1111/discovery/eureka/
instance:
instanceId: ${spring.application.name}:${spring.application.instance_id:${random.value}} # Unique id for multiple instances
# HTTP Server
server:
port: 3333 # HTTP (Tomcat) port
context-path: /hello-context
DummyApplication - bootstrap.yml
# Spring properties
spring:
application:
name: hello-service # Service registers under this name
jmx:
default-domain: com.example.cloud.hello
encrypt:
failOnError: false
I figured it out by accident... turns out that the value of server.port needs to match the port of the Tomcat instance where it's deployed. It seems obvious now, but I thought Spring would somehow magically figure that out from the container it's running in. I guess it would be a good idea to read that configuration from an external location to handle different environments without having to make 'code changes'.
So anyways, the answer is: make sure your server.port in application.yml matches the port on the target container.
Thanks to everyone who took the time to help me with this!
You should point your bowser to port 4444 (gateway), not 1111 (eureka).
Ok, #SpringCloudApplication wraps #EnableDiscoveryClient which causes DummyApplication to register itself with Eureka on startup. You can confirm this is happening through the Eureka dashboard.
Assuming DummyApplication registers with Eureka as service name "hello-service", then Zuul / Ribbon will create a route for that service name. Thus, your "/hello-resource" endpoint should be proxied through Zuul at:
http://localhost:4444/api/hello-service/hello-resource/