Application-level monitoring solution Spring Boot Admin

1 Introduction

Spring Boot Admin is a commonly used monitoring method for projects. It can dynamically monitor whether the service is running and the running parameters, such as class calling and traffic. It is divided into server and client:

• server: Provide display UI and monitoring services.
• client: join the server, the project to be monitored.

At the same time, spring-boot-starter-actuator is often mentioned in the monitoring process. After the actuator is used, it will be probed inside the project and provide a series of monitoring API interfaces, such as heap memory and stack memory. The following data is provided by actuator.

If the enterprise develops a small project and does not want to choose Prometheus+Grafana, which is a resource-intensive and workload-intensive solution, Spring Boot Admin is your best choice.

As can be seen from the above figure, Spring Boot Admin can grasp basic indicators such as process, thread, memory, and whether the project is healthy. It has met the daily common needs. The following will introduce how to integrate Spring Boot Admin into daily projects,

2. Integrate springboot

For Spring Boot Admin to take effect, the server and client need to be deployed separately, which will be introduced separately below.

2.1 server side

2.1.1 Prepare the springboot project

First of all, you need to prepare the springboot project, whether you download it on git or create a new one.

2.1.2 Modify the pom file

Add the dependency information of Spring Boot Admin in pom.xml. Since the spring cloud alibaba ecology is used, the nacos package is also added here. Please choose to join.

        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-web</artifactId>
            <optional>true</optional>
        </dependency>

        <dependency>
            <groupId>de.codecentric</groupId>
            <artifactId>spring-boot-admin-starter-server</artifactId>
            <version>2.2.0</version>
        </dependency>

        <!-- SpringCloud Alibaba Nacos -->
        <dependency>
            <groupId>com.alibaba.cloud</groupId>
            <artifactId>spring-cloud-starter-alibaba-nacos-discovery</artifactId>
        </dependency>
        <!-- SpringCloud Alibaba Nacos Config -->
        <dependency>
            <groupId>com.alibaba.cloud</groupId>
            <artifactId>spring-cloud-starter-alibaba-nacos-config</artifactId>
        </dependency>
    </dependencies>

2.1.3 Modify the yml file

If the project is a new springboot project, you need to modify the yml configuration file before the project can start

server:
  port: 8008
  servlet:
    context-path: /monitor
spring:
  application:
    name: monitor-resource # Eureka页面显示

2.1.4 Modify the startup class

Add the @EnableAdminServer annotation to the Application startup class. Indicates that the item is server-side for monitoring.

@SpringBootApplication
@EnableAdminServer
public class MonitorApplication {
    
    

    public static void main(String[] args) {
    
    
        SpringApplication.run(MonitorApplication.class, args);
    }

}

After the above is over, the server side of Spring Boot Admin is configured, start the project, and access ip:端口/context-pathcan be accessed. According to the above configuration, we localhost:8088/monitorcan complete the visit. The following is the page style after successful deployment.

2.2. client side

If other springboot projects want to be monitored, they need to connect to the server service. The following will introduce how to configure it.

2.2.1 Modify the pom file

Add the dependency of Spring Boot Admin client to pom.xml.

        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-actuator</artifactId>
        </dependency>
        <dependency>
            <groupId>de.codecentric</groupId>
            <artifactId>spring-boot-admin-starter-client</artifactId>
            <version>2.2.0</version>
        </dependency>

2.2.2 Modify the yml file

In the case of context-path, you need to add spring.boot configuration, otherwise an error will be reported. This article comes with the configuration of nacos, please refer to the configuration information as needed.

server:
  port: 8008
  servlet:
    context-path: /monitor
spring:
  application:
    name: monitor-resource 
  boot:
    admin:
      client:
        api-path:
        url: http://127.0.0.1:8008/monitor  # 这里为server地址，如果有context-path需要加入
        instance:
          prefer-ip: true # 使用ip注册进来
        management-url: /monitor
  cloud:
    nacos:
      discovery:
        # 服务注册地址
        server-addr: ip:8848
        metadata:   # 如果有context-path需要加上，否者报错
          management:
            context-path: ${server.servlet.context-path}/actuator
      config:
        # 配置中心地址
        server-addr: ip:8848
        # 配置文件格式
        file-extension: yml
management:  # actuator配置
  endpoint:
    health:
      show-details: always
  endpoints:
    enabled-by-default: true
    web:
      exposure:
        include: '*'

The above completes the configuration of the Spring Boot Admin client. After starting, you can join the monitoring server service and visit the sever service again. The displayed page is as follows: the


data fed back through the page can already meet daily needs.

3.Security

For daily projects, a lot of information is confidential. If it is leaked to outsiders, it will cause great security problems. Because the monitoring platform includes important information such as server information and interface information, it is recommended to add password control. The following will introduce how to add password authentication to Spring Boot Admin.

3.1 Modify the pom file.

Here we open the server project, use Spring Security technology, and add dependency information.

        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-security</artifactId>
        </dependency>

4.2 Modify the application.xml file

Add spring.security configuration, here is the account password to access the monitoring platform.

spring:
  security:
    user:
      name: "admin"
      password: "1qaz@WSX"

4.3 New login and logout configuration

Avoid using the default access address to prevent other people from easily finding the monitoring entrance. Here, the access page is customized.

@Configuration
public class SecuritySecureConfig extends WebSecurityConfigurerAdapter {
    
    

    private final String adminContextPath;

    public SecuritySecureConfig(AdminServerProperties adminServerProperties) {
    
    
        this.adminContextPath = adminServerProperties.getContextPath();
    }

    @Override
    protected void configure(HttpSecurity http) throws Exception {
    
    
        // @formatter:off
        SavedRequestAwareAuthenticationSuccessHandler successHandler = new SavedRequestAwareAuthenticationSuccessHandler();
        successHandler.setTargetUrlParameter( "redirectTo" );

        http.authorizeRequests()
                .antMatchers( adminContextPath + "/assets/**" ).permitAll()
                .antMatchers( adminContextPath + "/login" ).permitAll()
                .anyRequest().authenticated()
                .and()
                .formLogin().loginPage( adminContextPath + "/login" ).successHandler( successHandler ).and()
                .logout().logoutUrl( adminContextPath + "/logout" ).and()
                .httpBasic().and()
                .csrf().disable();
    }
}

After the above configuration is completed, restart the service and visit the address configured above again. You can find that you need to use the account password to log in.