How to disable tomcat 8 websocket server endpoint autodiscovery - websocket

I need to do some processing on the endpoint classes before they can be deployed and then deploy them manually. However it seems simply having a class annotated with #ServerEndpoint in my war is enough to deploy the endpoint in Tomcat and when I try to manually deploy later obviously I can't because the URL has been deployed already. Is there any way to disable the autodiscovery of endpoints?

Looking at the source for the version I'm using - 8.0.28, there's no dedicated option. The code deploying the endpoints is in org.apache.tomcat.websocket.server.WsSci. The quickest 'shurest' hack is to put my endpoints into the javax.websocket package. I elected to use their ServerApplicationConfig hook instead which serves my purposes if with some minor issues.

Related

Spring Cloud Config Server on Pivotal Cloud Foundry

I have two microservices. A Spring Cloud Config Server and another module that implements Spring Cloud Config Client. When I use the default configuration for the Spring Cloud Config Server service (localhost:8888) I can start it locally without any issues, after which I can start my other module as well, using a bootstrap.yml, it clearly finds the Config Server, fetches its properties and starts properly. All good. Now I'd like to push both of these services to Pivotal Cloud Foundry.
The Config Server service works just fine, service is up and running in my Space, and using the browser I can verify that it can still fetch the property files from the specific GitHub repository.
The problem is the other module, the client. I've replaced the default localhost:8888 in its bootstrap.yml file (spring.cloud.config.url parameter) to the now active service in the cloud using the Route bound to it and tried to start it locally. Unfortunately now it simply timeouts during startup. At this point I tried to specify longer timeouts but nothing helps.
Interesting thing is that if I directly copy the URL from the logs that timeouts I see it works properly in the browser locally. So why not in IntelliJ when I try to package the client with the changed parameter?
Sorry, I can't include much details here, but I hope maybe there is a straightforward solution that I've missed. Thanks!

SpringBoot - Reload SSL Cert using Spring Cloud Config

I'm learning about using SSL Certificates with Spring Boot. Specially using Let's Encrypt ones.
They have the limitation of being expired after 3 months, so they should be renewed and as far as I know, when renewing the certificate we need to restart the Spring Boot app in order to make it load the new one instead.
Some time ago, I was playing around with Eureka and Zuul Gateway, to develop microservices... And I recall I also set a git repo to be used as a Spring Cloud Config. I do not remember well, I think we can use Spring Cloud Config without using the microservice arch.
So my question is: Can we use this Spring Cloud Config mechanism that reload properties to reload the SSL Certificate? The idea would be to trigger the properties reloading mechanism, and as the ssl is configured via those properties, I think maybe it can be reloaded.
I'm planning on automating the process of getting and renewing the Let's Encrypt certificate and avoid the downtime on my app.
Best regards!
SSL certs are applied at the JVM level - neither Spring Boot nor Spring Cloud Config has any control over this, and so to apply a new cert would require a restart of the JVM instance your app runs in, because you've updated your keystore. Being able to dynamically add certs without shutting down the JVM would be a major security flaw.
In the AWS ecosystem, the idea is that if you ever shut down your VM, you lose that VM, and the contents on it are gone forever. With Spring Cloud (Config, Zuul, Eureka) you can spin up VMs that get registered with Eureka via Config, and Zuul uses the info in Eureka to do the load balancing. So, the way it should be done is you spin up another VM with your Spring Boot instance with the updated cert, and kill off the older VM which evaporates thanks to AWS, and Zuul takes care of the dirty work of being a "reverse web proxy", routing the requests to the new web server as required.
The can of worms you open going this route is that now you have to implement 4 servers and a VPN to support them, your Zuul server becomes the target of external web requests, and you might need to look into the "circuit breaker" pattern on how to handle HTTP request failures - Hystrix is the next thing to look into.
With Digital Ocean, I'm not sure what you might have to do differently, but a JVM restart is unavoidable.
Actually, it depends. Certificates are applied on SSLContext level and SSLContext can be refreshed during runtime. It is completely possible to update the certificate in KeyStore and refresh the SSLContext, moreover, Tomcat has a special helper function reloadSslHostConfigs that helps you to do that.
So what you ask is completely doable:
Spring Cloud triggers certificate update event notification or via polling
Your application loads updated certificate either from Spring-Cloud or from some shared storage
Your application issues reloadSslHostConfigs, so that Tomcat updates its SSLContext
For implementation details of the certificate reloading, you can take a look at the letsencrypt-helper library. It allows generating and keeping-up fresh your LetsEncrypt certificate without JVM restart.

Recommended/Alternative ways of starting a Spring Boot app if config server is down?

Was wondering the recommended way of starting a spring boot app if the Spring cloud config server is temporarily down or unavailable. What would be the approach? I know of the retry configurations, but I am wondering if there is a way to have a 'replica' config server and use that as a failover (or something along those lines).
Sure, why not?
After all, spring-cloud-config server exposes rest API and all the interaction with spring boot microservices is done over HTTP.
From this point of view, you can scale out the spring cloud config server by providing more than one instance of it all are up-and-running and mapping them to one virtual IP.
If you're running in some kind of orchestrated environment (like kubernetes) it is a very easy thing to do.

Is it possible to deploy multiple Spring Boot applications to a server?

We can create restful API in spring boot jar file?
1)can we split multiple jar file in Apache server?
2) if we split multiple jar file how will identify which jar contain correct rest APIs
How spring boot jar file will work in server?
For Development Environment
You can configure ports via application.properties or via system properties.
Or with option to jvm --server.port=8081
So, there is no problem to run a few APIs on single machine with different ports.
You don't need Apache Server. Spring Boot has it's own embedded for you. So, you can easily use it.
Let's say you have two APIs.
localhost:8081 (Checkout Service)
localhost:8082 (Payment Service)
Hostname and port - it's your identification for each service.
When you trying to search something in Google.
You browser - it's a client.
And Google's servers - it's a server.
The same here. Checkout Service trying to delegate some job to Payment Service. So, Checkout Service - it's a client. And this client should know the address of Payment Service.
For Production Environment
You should think twice, how you will monitor performance, manage scalability and so on.

How to deploy a spring integration component?

I've developed a spring integration component that is to sit on a server and process messages coming in over an inbound RMI channel do some processing/filtering and then send out some messages over a different RMI channel.
Currently, for testing, I've been running it using a Main class that just loads the context, which sets up the inbound RMI gateway and it's working fine. But I don't think that this is appropriate for a production environment.
What is the best way to deploy this type of project to a server?
If I were working in a .Net I'd be deploying this type of application as a windows service, is that what I should be doing here?
The application that is sending me data is hosted in Tomcat, would it be a good idea to also run this application within the same Tomcat container (Current requirements are for both components to be on the same machine this may change)? And if so how?
I'm currently looking into Spring Boot, am I on the right path?
I think the best would be Spring Boot, as it's made to easily allow running different types of applications. Also, you don't need Tomcat if you can run the same component with a simple Main and not using UI. Spring Boot, also, has a sample using Spring Integration here, so you should be up and running in no time.

Resources