How can I debug a failing spring boot actuator health indicator while spring security is on the classpath? - spring

I am trying to see which health indicators get auto-configured in Spring Boot Actuator. I'm using Spring Boot 2.2.6. When I run my application locally and navigate to /actuator/health I see "Status":"up". When I deploy my application on an OpenShift cluster, however, the status always shows down, so I'm guessing one of the auto-configured health indicators is failing. I use a custom JWT security implementation and it would be impossible to configure the OpenShift readiness and liveness probes to use my security implementation. I tried all suggestions I could find on Stack Overflow to set the actuator health endpoint to show all details, including setting management.endpoint.show-details to always, management.endpoints.sensitive to "*" or false, management.security.enabled to false, etc. Nothing seems to work and I'm running out of ideas... I'm thinking that I manually need to start disabling all health checks and then re-enable them one by one to debug this? Any help/suggestions would be much appreciated. My latest management section of my application config file is below...
My config:
management:
  security:
    enabled: false
  #defaults:
    #enabled: false
  #consul:
    #enabled: false
  endpoint:
    health:
      show-details: always
      show-components: always
      solr:
        enabled: false
  endpoints:
    health:
      sensitive: "*"
    web:
      exposure:
        include: "*"

Set
endpoints.health.sensitive : false
NOT "management.endpoints.health.sensitive".
It should help you to debug. Also
management.endpoint.health.show-details: always
In your setup there is a security level between management and endpoint.
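
Added example (not part of the original posts and not the asker's code): on Spring Boot 2.2.x the probe problem described in the question can be handled in the security configuration itself, by giving the actuator endpoints their own filter chain that lets unauthenticated probes reach only the health endpoint and refuses every other actuator endpoint. The class name, package and @Order value are assumptions; it presumes the application's JWT configuration is a separate WebSecurityConfigurerAdapter with the default order.

```java
package example.probes; // hypothetical package name

import org.springframework.boot.actuate.autoconfigure.security.servlet.EndpointRequest;
import org.springframework.boot.actuate.health.HealthEndpoint;
import org.springframework.context.annotation.Configuration;
import org.springframework.core.annotation.Order;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.config.http.SessionCreationPolicy;

/**
 * Filter chain for actuator endpoints only. Requests to any other path fall
 * through to the application's own (JWT) security configuration.
 */
@Configuration
@Order(1) // assumption: the JWT configuration keeps the default order (100)
public class ActuatorProbeSecurityConfig extends WebSecurityConfigurerAdapter {

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http
            // Match actuator endpoints wherever management.endpoints.web.base-path
            // puts them, instead of hard-coding "/actuator/**".
            .requestMatcher(EndpointRequest.toAnyEndpoint())
            .authorizeRequests()
                // Readiness/liveness probes cannot present a token, so the
                // health endpoint alone is reachable without authentication.
                .requestMatchers(EndpointRequest.to(HealthEndpoint.class)).permitAll()
                // env, beans, loggers, metrics, ... stay closed on this chain
                // even when exposure.include is "*".
                .anyRequest().denyAll()
            .and()
            // Probes are stateless GET requests; no HTTP session is needed.
            .sessionManagement()
                .sessionCreationPolicy(SessionCreationPolicy.STATELESS);
    }
}
```

With the health endpoint open to unauthenticated callers, show-details: always returns component details to anyone who can reach the port. Once the failing indicator has been found, the default (never) or when-authorized keeps that detail away from anonymous callers.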

Related

Spring micrometer actuator StatsD tags definition

I'm trying to configure spring actuator metrics along with micrometer to be sent to Datadog StatsD agent.
Still, I'd like to get them all sent with a tag, so that I can filter in my Datadog dashboard just my service metrics, and not considering other services metrics.
I've added:
management:
  metrics:
    tags:
      application: my_app
to my service metrics configuration, but I can't see this tag value in Datadog dashboard. I'm not seeing anything weird in app logs or the actuator logfile either.
I have nothing else regarding metrics in my service, as I don't want to implement custom metrics, just want to use the one provided by actuator.
This is how the whole metrics configuration looks like:
management:
  metrics:
    export:
      statsd:
        host: ${STATSD_AGENT_HOST}
        port: ${STATSD_AGENT_HOST_PORT}
        flavor: datadog
    tags:
      application: my_app
  endpoints:
    web:
      exposure:
        include: "*"
  endpoint:
    health:
      show-details: ALWAYS
Versions:
micrometer version: 1.6.4
actuator version: 2.4.3
spring version: 2.3.8
Any clue about what I could be missing to get the tag reaching Datadog?
Thanks!
We figured this out in the comments, I'm posting an answer that sums it all up: it seems the root cause was using different versions of different spring-boot modules.
It is a good rule of thumb to not define the versions yourself but use BOMs and let them define the versions for you, e.g. see: spring-boot-dependencies. This way you will use the compatible (and tested) versions.
management.metrics.tags.your-tag is the way to add tags to all of your metrics. A good way to check this is looking at /actuator/metrics.

Spring boot admin with Eureka client and custom context path fails on health status

I have configured my spring boot application monitor-client to register to Eureka. I have a separate spring boot admin (SBA) application monitor that monitors all applications registered to Eureka.
If the context-path is not set in my application, everything is working fine. However if the context-path is set, SBA does not show correct information anymore. From the documentation it seems that I need to update the metadata properties of Eureka which I have done.
My monitor application is configured as follows:
application.properties:
spring.application.name=monitor-client
server.servlet.context-path=/monitor-client
server.port=9876
# Monitoring config
management.endpoints.web.exposure.include=*
eureka.instance.metadataMap.management.context-path=/monitor-client/actuator
My application is showing as 'offline' but I can browse all the details in the 'insight' tab. I suppose SBA correctly accesses the actuator endpoints but incorrectly uses the /health endpoint and I do not understand how that is possible?
If I go to the administration interface of SBA, I notice that the wrench endpoint and the health endpoint are not the same:
localhost:9876/monitor-client/actuator (wrench)
localhost:9876/actuator/health (health)
I've fiddled around with some settings but between the management settings, the actuator settings and the eureka settings, I'm not sure which one is to be configured for this to work.
I've tried:
management.endpoints.web.base-path
eureka.instance.health-check-url-path
I'm currently using spring boot 2.1.2.RELEASE and matching version of SBA
Can you try with this configuration:
server:
  servlet:
    context-path: /monitor-client
#management config
eureka:
  instance:
    health-check-url-path: /actuator/health
    metadata-map:
      management.context-path: /monitor-client/actuator
  client:
    serviceUrl:
      defaultZone: ${EUREKA_SERVICE_URL:http://localhost:8761}/eureka/
management:
  endpoint:
    health:
      show-details: always
  endpoints:
    web:
      base-path: /actuator
      exposure:
        include: "*"

Why am I missing Spring Actuator 2 endpoints in CloudFoundry, while the same setup works locally?

I'm deploying an application on SAP Cloud Foundry, with Spring Actuator 2.0 embedded but the endpoints are not showing up as expected. Only the default ones (health, info) are enabled.
The very same setup works locally and all desired endpoints are available. I'm even trying to explicitly enable them, even though documentation says they are already enabled by default.
There's no information on CF logs about any issues with the Actuator.
Here's my Actuator dependency on pom.xml:
<dependency>
    <groupId>org.springframework.boot</groupId>
    <artifactId>spring-boot-starter-actuator</artifactId>
    <version>2.1.2.RELEASE</version>
</dependency>
And here's my application.yml containing the Actuator setup, including explicit enablement of the endpoints.
management:
  endpoint:
    beans:
      enabled: true
    caches:
      enabled: true
    env:
      enabled: true
    health:
      enabled: true
    info:
      enabled: true
    loggers:
      enabled: true
    metrics:
      enabled: true
  endpoints:
    web:
      exposure:
        include: beans, caches, env, health, info, loggers, metrics
Am I missing something? Couldn't find any hard restrictions about this on SAP CF as well.
I decided to re-create the application and now it seems to work.
I'm really not sure why a simple redeployment was not working and there was nothing about it in the logs.
The endpoints are there now and for reference, I'm using the same configuration above (I might try removing all the "enable" flags, though).

Actuator Exposing Endpoints not working

I am using spring boot 2.0.4 and want to expose my actuator endpoints. When adding the following to application.yml only info, health are being exposed.
management:
  endpoints:
    web:
      exposure:
        include: "*"
When I run http://localhost:8080/actuator I get
{"_links":{"self":{"href":"http://localhost:8080/actuator","templated":false},"health":{"href":"http://localhost:8080/actuator/health","templated":false},"info":{"href":"http://localhost:8080/actuator/info","templated":false}}}
Spring Boot 2.0 takes a slightly different approach to ensure web endpoints security. The majority of Web endpoints are now disabled by default (Only the /health and /info endpoints are exposed) and the management.security.enabled property has been removed. There is no longer a separate security auto-configuration for the Actuator, individual endpoints may be enabled/disabled and/or exposed via configuration in the application.properties file. For example:
# disable beans endpoint
management.endpoint.beans.enabled=false
# expose all endpoints:
management.endpoints.web.exposure.include=*
See additional info Spring official documentation: https://github.com/spring-projects/spring-boot/wiki/Spring-Boot-2.0-Migration-Guide#endpoints

spring boot actuator giving forbidden error when run on a different port other than application port

Getting forbidden error while accessing actuator running on different port other than application port using custom spring security configuration.
application.properties file
management.security.enabled=false
management.context-path=/manage
management.port=8085
server.context-path=/lnhcverifyhcp
server.port=8090
spring boot version - 1.3.3.RELEASE
Getting forbidden error on accessing actuator URLs
I had the same issue, my McAfee was using that port. Actually the 403 is from McAfee.
hit this url and see what you get - http://localhost:8081/
I'm assuming that you're using Spring Security with Spring Actuator. So, the configuration to exclude the Actuator from Security is:
endpoints:
  health:
    sensitive: false
management:
  security:
    enabled: false
Hope this helps!
You can disable security on the management port by adding this to your application.properties file:
management.security.enabled=false
Or, set your own username and password:
See https://docs.spring.io/spring-boot/docs/current/reference/html/production-ready-monitoring.html
