I'm using Spring Boot 1.5.1 with:
compile 'io.micrometer:micrometer-spring-legacy:1.0.6'
compile 'io.micrometer:micrometer-registry-prometheus:1.0.6'
Spring properties file:
management.security.enabled=true
endpoints.prometheus.enabled=true
endpoints.prometheus.sensitive=false
In my Prometheus config file I added basic_auth:
basic_auth:
username: username
password: passw0rd
In my [prometheusURL]/targets I keep getting:
server returned HTTP status 403
What is the proper way for Prometheus to authenticate each scrape of Spring metrics?
EDIT: I can pass through Spring Security with this command:
curl --cookie "SESSION=7f18cfe7-9a54-4fcf-9662-21d81247c705" http://localhost:8082/management/metrics
AFAIK in prometheus config file we can pass only basic_auth or bearer_token. There are no other options for headers.
Related
I am running Spring Cloud Dataflow on Kubernetes runtime.
Currently, I am using K8 secrets to manage secrets for the dataflow server, and skipper server. Going forward I want to use Spring Cloud Vault as a secrets manager.
Is there any support to configure vault secrets in dataflow and skipper servers?
SCDF Version: springcloud/spring-cloud-dataflow-server:2.10.0
Skipper Version: springcloud/spring-cloud-skipper-server:2.9.0
I enabled following configuration in
application.yaml
vault:
enabled: true
authentication: KUBERNETES
uri: http://<vault_host>
backend: secret
application-name: scdf-server
kubernetes:
role: internal-app
bootstrap.yaml
spring:
application:
name: scdf-server
I was expecting scdf-server to inject secrets from the vault kV backend, but it seems it's not activating the vault config.
Spring Cloud Vault isn't in the classpath of the standard build.
You can follow these instructions to add jar files to the containers.
I am just started with Kong API with One API
I am able to run kong api locally using its official docker image available.
And on other side I am having another Spring-Boot microservice locally running inside same Docker engine.
Problem : What configuration needs in kong api yaml file so that I can connect to my spring-boot microservice ?
My kong -api yaml file
services:
- name: control-service-integration
url: http://localhost:8080/
plugins:
- name: oneapi
config:
edgemicro_proxy: edgemicro_demo_v0
add_application_id_header: true
authentication:
apikey:
header_name: "x-api-key"
upstream_auth:
basic_auth:
username: username
password: password
routes:
- name: control-service-route
request_buffering: false
response_buffering: false
paths:
- /edgemicro-demo-v0
From kon-one api service i am getting always 502 Bad Gateway error.
Let me know if anything information required.
I found the solution for this
in above YAML
services:
- name: control-service-integration
url: http://localhost:8080/
add this value in-front of url section http://host.docker.internal:8080/ after doing lot of trials and errors finally now I am able to connect my app which is running on host.
I’m trying to access the credentials kept at a vault location through spring boot, I have roleID , secretID, nameSpace, vaultPath & address given to me.
The credentials are kept at a specific vault path.
I am trying to configure this in application.yml, but it fails, also trying to figure out where to specify the vault path.
application.yml:
spring:
application:
name: DIT
spring.cloud.vault:
authentication: APPROLE
scheme: https
uri: <uri>
namespace:
app-role:
role-id:
secret-id:
For one of our customer, who is using Spring Boot version 2.0.0 Release, we have Spring cloud config server with native settings. For local development, we want to disable spring cloud config server so that other spring boot micro-services can use application-local.yml settings.
I tried below options but its not working
Setting spring.cloud.config.enabled=false in bootstrap.yml file
Setting -Dspring.profiles.active="local"
When I run the micro-services, it is still looking for config server. Any inputs.
Can not remove the dependency of config-starter reference in gradle file as a workaround
These are the configurations that worked for me. I'm using Eureka service to find where the config server is.
spring:
cloud:
config:
enabled: false
discovery:
enabled: false
eureka:
client:
enabled: false
to run the local service without loading props from any remote config server you need to disable the bootstrap file and config.
resources/bootstrap.yml --> resources/application.yml
with this springboot will load your application.yml by default.
How can I config different username/password for spring cloud config for each application.
I need that one application can't read the configuration of other application.
I can set an user/password but is for all:
security:
user:
name: account
password: mypassword