在生产环境中,需要实时或定期监控服务的可用性。spring-boot 的actuator(监控)功能提供了很多监控所需的接口。简单的配置和使用如下:

1、引入依赖:



[html] view plain copy

 


1. <dependency>  
2. <groupId>org.springframework.boot</groupId>  
3. <artifactId>spring-boot-starter-actuator</artifactId>  
4. </dependency>


如果使用http调用的方式,还需要这个依赖:



[html] view plain copy

 


1. <dependency>  
2. <groupId>org.springframework.boot</groupId>  
3. <artifactId>spring-boot-starter-web</artifactId>  
4. </dependency>



2、配置:

application.yml中指定监控的HTTP端口(如果不指定,则使用和server相同的端口):

 



management:
  port: 54001
  # close security. 关闭身份验证,否则无法查询出数据
  security:
    enabled: false



 

3、使用:

查看health指标:http://localhost:54001/health



[plain] view plain copy

 


1. {"status":"UP","diskSpace":{"status":"UP","total":120031539200,"free":33554337792,"threshold":10485760},"db":{"status":"UP","dataSource1":{"status":"UP","database":"MySQL","hello":1},"dataSource2":{"status":"UP","database":"MySQL","hello":1}}}


4、自定义指标:
4.1 /health:在某个类中implements HealthIndicator接口,然后实现其中的health()方法即可:

代码:

 



[java] view plain copy

 

1. @SpringBootApplication  
2. @EnableScheduling  
3. public class MySpringBootApplication implements HealthIndicator{  
4. private static Logger logger = LoggerFactory.getLogger(MySpringBootApplication.class);  
5.       
6. public static void main(String[] args) {  
7. class, args);  
8. "My Spring Boot Application Started");  
9.     }  
10.   
11. /** 
12.      * 在/health接口调用的时候,返回多一个属性:"mySpringBootApplication":{"status":"UP","hello":"world"} 
13.      */  
14. @Override  
15. public Health health() {  
16. return Health.up().withDetail("hello", "world").build();  
17.     }  
18. }



/health 运行结果(注意第二个指标):

{"status":"UP","mySpringBootApplication":{"status":"UP","hello":"world"},"diskSpace":{"status":"UP","total":120031539200,"free":33554337792,"threshold":10485760},"db":{"status":"UP","dataSource1":{"status":"UP","database":"MySQL","hello":1},"dataSource2":{"status":"UP","database":"MySQL","hello":1}}}

 

4.2 /info:配置如下,可以直接给一个字符串,也可以从pom.xml配置中获取

 



[plain] view plain copy

 


1. info:  
2.   app:  
3.     name: "@project.name@" #从pom.xml中获取  
4.     description: "@project.description@"  
5.     version: "@project.version@"  
6.     spring-boot-version: "@project.parent.version@"


/info的结果如下:

 

 

{"app":{"name":"my-spring-boot","description":"Test Project for Spring Boot","version":"1.0","spring-boot-version":"1.3.6.RELEASE"}}

 

 

官网:http://docs.spring.io/spring-boot/docs/current/reference/htmlsingle/#production-ready

源代码参考:https://github.com/xujijun/my-spring-boot

 

 

----------------------------

 

 



异常情况:



 



  • 地址:http://localhost:8088/health


/health 只有status信息,没有其他 
  
   {"status":"UP"} 
 
• 地址:http://localhost:8088/metrics
 
  
   /metrics 提示没有权限 
  
   WhitelabelErrorPage
1. 
Thisfor/error,this.
1. 
MonNov2010:42:152017There(type=Unauthorized,=401).Fullthis.

 



 



解决办法【设置端点访问 】:



 



  • 方式1-关闭验证 



application.properties添加配置参数management.security.enabled=false


  • 方式2-开启HTTP basic认证 
  • 添加依赖    



<dependency><groupId>org.springframework.boot</groupId><artifactId>spring-boot-starter-security</artifactId></dependency>


  • application.properties 添加用户名和密码


security.user.name=adminsecurity.user.password=123456management.security.enabled=truemanagement.security.role=ADMIN


  • 访问URL http://localhost:8080/env 后,就看到需要输入用户名和密码了。 



 



原因分析:



 



  • Actuator endpoints 【断点】:



1. 
Actuator.
1. 
SpringBoot-in endpoints and you can also add your own. 
1. 
For.
1. 
Actuator端点允许您监视和与您的应用程序进行交互。SpringBoot包含许多内置的端点,您也可以添加自己的端点。例如,端点提供基本的应用程序健康信息。
1. 
The.
1. 
Most,. For,default,/health.
1. 
端点的暴露方式取决于您选择的技术类型。大多数应用程序选择HTTP监视,其中端点的ID映射到一个URL。例如,默认情况下,health端点将被映射到/health。

 



The following technology agnostic endpoints are available:



ID

Description

Sensitive

 Default

actuator

Provides a hypermedia-based “discovery page” for the other endpoints. Requires Spring HATEOAS to be on the classpath.

为其他端点提供基于超媒体的“发现页面”。要求Spring HATEOAS在类路径上。

true

auditevents

Exposes audit events information for the current application.

公开当前应用程序的审计事件信息。

true

autoconfig

Displays an auto-configuration report showing all auto-configuration candidates and the reason why they ‘were’ or ‘were not’ applied.

显示一个auto-configuration的报告,该报告展示所有auto-configuration候选者及它们被应用或未被应用的原因

true

beans

Displays a complete list of all the Spring beans in your application.

显示一个应用中所有Spring Beans的完整列表

true

configprops

Displays a collated list of all @ConfigurationProperties.

显示一个所有@ConfigurationProperties的整理列表

true

dump

Performs a thread dump.

执行一个线程转储

true

env

Exposes properties from Spring’s ConfigurableEnvironment.

暴露来自Spring ConfigurableEnvironment的属性

true

flyway

Shows any Flyway database migrations that have been applied.

显示已应用的所有Flyway数据库迁移。

true

health

Shows application health information (when the application is secure, a simple ‘status’ when accessed over an unauthenticated connection or full message details when authenticated).

显示应用程序运行状况信息(应用程序安全时,通过未经身份验证的连接访问时的简单'状态'或通过身份验证时的完整邮件详细信息)。

false

info

Displays arbitrary application info.

显示任意的应用信息。

false

loggers

Shows and modifies the configuration of loggers in the application.

显示和修改应用程序中的记录器配置。

true

liquibase

Shows any Liquibase database migrations that have been applied.

显示已经应用的任何Liquibase数据库迁移。

true

metrics

Shows ‘metrics’ information for the current application.

显示当前应用程序的“指标”信息。

true

mappings

Displays a collated list of all @RequestMapping paths.

显示所有@RequestMapping路径的整理列表。

true

shutdown

Allows the application to be gracefully shutdown (not enabled by default).

允许应用程序正常关机(默认情况下不启用)。

true

trace

Displays trace information (by default the last 100 HTTP requests).

显示跟踪信息(默认最后100个HTTP请求)。

true



 



  • Accessing sensitive endpoints【访问敏感端点】



 



By default all sensitive HTTP endpoints are secured such that only users that have an ACTUATOR role may access them. 

Security is enforced using the standard HttpServletRequest.isUserInRole method.

(默认情况下,所有敏感的HTTP端点都是安全的,只有具有ACTUATOR角色的用户 可以访问它们。

安全性是使用标准HttpServletRequest.isUserInRole方法强制执行的 。)



Use.security.roles property if.


If you are deploying applications behind a firewall, you may prefer that all your actuator endpoints can be accessed without requiring authentication. 

You can do this by changing the management.security.enabled property:

application.properties. 

management.security.enabled=false

 



Bydefault,. Take care not to accidentally expose sensitive information 

  1. if.security.enabled property.

(默认情况下,执行器端点暴露在提供常规HTTP通信的相同端口上。注意不要在更改management.security.enabled属性时意外暴露敏感信息。)


If you’re deploying applications publicly, you may want to add ‘Spring Security’ to handle user authentication. 

When ‘Spring Security’ is added, by default ‘basic’ authentication will be used with the username user and a generated password (which is printed on the console when the application starts).

(如果您公开部署应用程序,则可能需要添加“Spring Security”来处理用户身份验证。

当添加“Spring Security”时,默认情况下,“基本”身份验证将与用户名user和生成的密码一起使用(在应用程序启动时在控制台上打印)。)



Generated.Searchfor‘Usingdefault’.生成的密码在应用程序启动时被记录。搜索“使用默认安全密码”。


You can use Spring properties to change the username and password and to change the security role(s) required to access the endpoints. 

For example, you might set the following in your application.properties:

security.user.name=admin
security.user.password=secret
management.security.roles=SUPERUSER

If your application has custom security configuration and you want all your actuator endpoints to be accessible without authentication, you need to explicitly configure that in your security configuration. Along with that, you need to change the management.security.enabledproperty to false.

(如果您的应用程序具有自定义安全配置,并且您希望所有执行器端点无需身份验证即可访问,则需要在安全配置中明确配置该端点。与此同时,你需要改变management.security.enabled 属性false。)

If your custom security configuration secures your actuator endpoints, you also need to ensure that the authenticated user has the roles specified under management.security.roles.

(如果您的自定义安全配置保护您的执行器端点,则还需要确保经过身份验证的用户具有在下指定的角色management.security.roles。)



If’t have a use casefor, and you have secured the actuator endpoints with custom 

  1. security,.security.enabled to false. 

ThisSpringBoot.(如果您没有用于向未经验证的用户公开基本健康信息的用例,并且已经使用自定义安全保护了执行器端点,则可以设置management.security.enabled 为false。这将通知Spring Boot跳过额外的角色检查。)