For security purposes, I'd like to have javamelody running on my app management port, not the main traffic port. This is a 1.5.13 spring boot app running jetty with some actuator endpoints enabled. I have set the actuator property management.port to something other than the server.port.
I can run javamdelody in a standalone jetty server on a third port using an approach like this github project. But three ports is a little wieldy in a micro-service context.
This stackoverflow post has answers for Tomcat, but not for Jetty. Any suggestions to run javamelody on the management port with Jetty?
Related
I have a http rest server written using spring boot application. I want to use port unification(http and https request), Something similar to one provided by jetty.
https://www.eclipse.org/jetty/documentation/jetty-10/programming-guide/index.html#pg-server-io-arch-connection-factory-detecting
Is it possible to do something similar in spring boot application?
My application is similar to one in the spring tutorial here. https://spring.io/guides/tutorials/rest/
Here're my case:
I'll use webflux starter and the default reactor netty server to serve my webflux app via 8080.
I'll use an embedded tomcat to serve my internal admin app which is servlet based, say on 7070.
Does spring boot support this by simply applying some properties settings?
I just checked:
If I have both starter-webflux and starter-tomcat, the tomcat will win at 8080.
If I change server.port = 7070, tomcat will start at 7070 and netty is still ignored.
Thanks
Leon
After reading up on the Spring Boot Actuator features, specifically the health endpoint, I've found it quite useful for implementing docker container health checks for some of my services.
However some of my services are not webapps, and it seems like overkill to enable HTTP just to allow the container to check the app is up and running. Looking through the options, actuator seems to support HTTP endpoints, JMX, and SSH/Telnet, though that last one apparently requires you to be running a JDK, and is going away in boot 2.0.
Are there any established ways of doing container healthchecks for non-web spring boot apps?
I'm using the actuator sub project in my spring boot application. I configured the address and the port of the actuator management functions in the application.properties to separate the monitoring traffic from the production traffic.
management.address=127.0.0.1
management.port=8081
Additionally I want to use java melody and I want to provide the java melody dashboard on the same connection pool as the actuator endpoints. So finally the java melody dashboard should be provided by localhost:8081/monitoring, not(!) by localhost:8080/monitoring.
How can I do that?
You can now use the spring-boot management port (e.g. 8081) for the monitoring page instead of the application http port (e.g. 8080), since javamelody-spring-boot-starter 1.76.
See doc:
https://github.com/javamelody/javamelody/wiki/SpringBootStarter#configuration-in-case-of-management-port
I'm developing a webapplication with Spring-boot using embedded tomcat.
One of the requirements of this app is 2-way SSL (clientAuth).
Enabling ClientAuth is easy enough however we also like to use spring-boot Actuator for management of the app on a different port without clientAuth.
Is there is a clean way to do this?
(Disabling SSL on the actuator endpoints would also be enough)
According to latest spring docs, you can use
management.server.port=8080
management.server.ssl.enabled=false
in the properties to configure the management ports. see production-ready-management-specific-ssl in the spring boot doc for more options.