Sunday, July 26, 2020

SBA (Spring Boot Admin Server) - Monitoring and Management of Microservice

Configuring SpringBootAdmin(SBA) Server to Monitor and Manage microservices


Suppose you have multiple microservices applications and you want to manage& monitor that such as if a service goes down, an email should trigger or you will get the notification on Slack, Hipchat, or any other. You want to monitor the application health status as well. SBA(Spring Boot Admin server) is the central point where we can achieve it.

The article shows how to set up and use the Spring Boot Admin Server. The sample code of the guide can be found over on GitHub.

What is Spring Boot Admin

Spring Boot Admin server is a web application that is used to manage and monitor your spring boot applications. Each application is considered as a client and registered to the admin server. It is a Codecentric's community project whose UI is just a Vue.js application on the top of the Spring boot actuators endpoints.


Setting Up SBA

  1. Setting up Spring Boot Admin Server

First of all, we need to set up the admin server. To do this, just setup a simple spring boot project (using start.spring.io) .  Spring boot admin server is capable of running as serlet or webflux application.  So we need to add the starter accordingly.In this example, we are using  Servlet web starter.
  • Add spring boot admin starter to your dependencies
pom.xml
<dependency>
    <groupId>de.codecentric</groupId>
    <artifactId>spring-boot-admin-starter-server</artifactId>
    <version>2.3.0-SNAPSHOT</version>
</dependency>
<dependency>
    <groupId>org.springframework.boot</groupId>
    <artifactId>spring-boot-starter-web</artifactId>
</dependency>
  • Pull the spring boot admin server configuration via adding  @EnableAdminServer to your configuration.
@Configuration
@EnableAutoConfiguration
@EnableAdminServer
public class SpringBootAdminApplication {
    public static void main(String[] args) {
        SpringApplication.run(SpringBootAdminApplication.class, args);
    }
}
  1. Setting up Clients(Enable MicroserServices to register)
To register our microservice with Spring boot admin server, we need to add the following dependency to pom.xml .
  • Add spring-boot-admin-starter-client to your dependencies:
  1. pom.xml
    <dependency>
        <groupId>de.codecentric</groupId>
        <artifactId>spring-boot-admin-starter-client</artifactId>
        <version>2.3.0-SNAPSHOT</version>
    </dependency>
  • Enable the SBA Client by configuring the URL of the Spring Boot Admin Server:

application.properties
spring.boot.admin.client.url=http://localhost:8080 
management.endpoints.web.exposure.include=*  
The URL of the Spring Boot Admin Server to register at.
As with Spring Boot 2, most of the endpoints aren’t exposed via HTTP by default, we expose all of them. For production, you should carefully choose which endpoints to expose.
You should carefully consider which monitoring endpoints you want to expose as they can expose sensitive data.

SBA Dashboard



Security
The spring boot admin server exposes the sensitive data(metric endpoints) of the registered client.  Currently these are not secured and can be accessed by anyone.

To prevent this we can use spring security. 
By default spring-boot-admin-server-ui provides a login page and a logout button.
Sever :
First we will focus on securing the server application. We need to add the starter dependency of spring security and dependency of admin server login module.




pom.xml
<dependency>
    <groupId>de.codecentric</groupId>
    <artifactId>spring-boot-admin-server-ui-login</artifactId>
</dependency>
<dependency>
    <groupId>org.springframework.boot</groupId>
    <artifactId>spring-boot-starter-security</artifactId>
</dependency>

Now the security has been enabled and login interface has been added to the admin application.
Then add spring security configuration to secure the application.


@Configuration
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {

    @Override
    protected void configure(HttpSecurity http) throws Exception {

        http
            .formLogin()
            .loginPage("/login")
            .permitAll();
        http
            .logout().logoutUrl("/logout").permitAll();
        http.csrf()
            .ignoringAntMatchers("/actuator/**", "/instances/**", "/logout");
        http
            .authorizeRequests()
            .antMatchers("/**/*.css", "/assets/**", "/third-party/**", "/logout", "/login")
            .permitAll();
        http
            .authorizeRequests()
            .anyRequest()
            .authenticated();
        http.httpBasic(); // Activate Http basic Auth for the server
    }
}

You will also need to add an initial user to access the pages.Add the following to application.properties:
application.properties
spring.security.user.name=admin 
spring.security.user.password=test

Clients :

To make client registerable, we need to provide these credentials in the application.properties file:
application.properties
spring.boot.admin.client.username=admin
spring.boot.admin.client.password=test
  1. Notifications(Mail, Slack, Hipchat, Let's Chat, MSTems, etc)
Spring boot admin(SBA) supports sending notifications from the admin server if something happens with our registered client state such as client service goes down etc. It supports the following notifications platforms :
  • Email
  • PagerDuty
  • OpdGenie
  • Hipchat
  • Slack
  • Let's chat
  • Microsoft Teams
  • Telegram
  • Discord
For example, we will integrate Slack and test if the Admin Server correctly sends notification about service is DOWN.
For that, you just need to let the admin server know about the slack channel.
spring.boot.admin.notify.slack.webhook-url=https://hooks.slack.com/services/<Channel_WebHook>
spring.boot.admin.notify.slack.channel=test
Now, we restart the admin server and simply shut down one of our client service. We receive a slack notification correctly.


Conclusion
In this article we discussed the simple steps that has to do , in order to monitor and manage the microservices with SBA server.Also you learnt, each spring boot application has to declare itself as a client and provide admin server url in configuration. After this admin server UI displays useful information about each of the client applications.
The sample code of this guide can be found over GitHub.

SpringBootAdmin resources

No comments:

Post a Comment