当前位置:   article > 正文

Eureka2.0集群 高可用的认证服务实现与搭建

security eureka2.0

        Springboot-2.0.2.RELEASE Eureka认证后,服务注册失败问题。

        随着近几年微服务架构和Docker容器概念的火爆,也会让Spring Cloud在未来越来越“云”化的软件开发风格中立有一席之地,尤其是在目前五花八门的分布式解决方案中提供了标准化的、全站式的技术方案,意义可能会堪比当年Servlet规范的诞生,有效推进服务端软件系统技术水平的进步。

        SpringCloud Eureka是SpringCloud Netflix服务套件中的一部分,它基于Netflix Eureka做了二次封装,主要负责完成微服务架构中的服务治理功能。今天就来讲讲Eureka的高可用实现与搭建

MAVEN相关配置

  1. <parent>
  2. <groupId>org.springframework.boot</groupId>
  3. <artifactId>spring-boot-starter-parent</artifactId>
  4. <version>2.0.2.RELEASE</version>
  5. <relativePath/> <!-- lookup parent from repository -->
  6. </parent>
  7. <properties>
  8. <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
  9. <project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
  10. <java.version>1.8</java.version>
  11. <spring-cloud.version>Finchley.BUILD-SNAPSHOT</spring-cloud.version>
  12. </properties>
  13. <dependencies>
  14. <dependency>
  15. <groupId>org.springframework.cloud</groupId>
  16. <artifactId>spring-cloud-starter-netflix-eureka-server</artifactId>
  17. </dependency>
  18. <!-- 用于服务注入验证 -->
  19. <dependency>
  20. <groupId>org.springframework.boot</groupId>
  21. <artifactId>spring-boot-starter-security</artifactId>
  22. </dependency>
  23. </dependencies>

如果找不到包版本配置文件中加

  1. <dependencyManagement>
  2. <dependencies>
  3. <dependency>
  4. <groupId>org.springframework.cloud</groupId>
  5. <artifactId>spring-cloud-dependencies</artifactId>
  6. <version>${spring-cloud.version}</version>
  7. <type>pom</type>
  8. <scope>import</scope>
  9. </dependency>
  10. </dependencies>
  11. </dependencyManagement>

application.yml 相关配置

  1. spring:
  2. application:
  3. name: EUREKA
  4. --- #注意这里是三个"减号"
  5. spring:
  6. profiles: eureka1
  7. security:
  8. user:
  9. name: admin
  10. password: 123123
  11. server:
  12. port: 8001
  13. eureka:
  14. instance:
  15. hostname: eureka1
  16. client:
  17. serviceUrl:
  18. defaultZone: http://admin:123123@eureka2:8002/eureka/,http://admin:123123@eureka3:8003/eureka/
  19. fetch-registry: true
  20. register-with-eureka: true
  21. ---
  22. spring:
  23. profiles: eureka2
  24. security:
  25. user:
  26. name: admin
  27. password: 123123
  28. server:
  29. port: 8002
  30. eureka:
  31. instance:
  32. hostname: eureka2
  33. client:
  34. serviceUrl:
  35. defaultZone: http://admin:123123@eureka1:8001/eureka/,http://admin:123123@eureka3:8003/eureka/
  36. fetch-registry: true
  37. register-with-eureka: true
  38. ---
  39. spring:
  40. profiles: eureka3
  41. security:
  42. user:
  43. name: admin
  44. password: 123123
  45. server:
  46. port: 8003
  47. eureka:
  48. instance:
  49. hostname: eureka3
  50. client:
  51. serviceUrl:
  52. defaultZone: http://admin:123123@eureka1:8001/eureka/,http://admin:123123@eureka2:8002/eureka/
  53. fetch-registry: true
  54. register-with-eureka: true

从上面的配置可以看出我们配置了3个Euerka服务,端口号分别是8001和8002与8003。
验证的用户名和密码是:admin:123123

启动类代码

  1. import org.springframework.boot.SpringApplication;
  2. import org.springframework.boot.autoconfigure.SpringBootApplication;
  3. import org.springframework.cloud.netflix.eureka.server.EnableEurekaServer;
  4. @SpringBootApplication
  5. @EnableEurekaServer
  6. public class EurekaApplication {
  7. public static void main(String[] args) {
  8. SpringApplication.run(EurekaApplication.class, args);
  9. }
  10. }

到这代码就基本完了,本地已经可以运行了。

启动前先在hosts文件添加内容如下:

127.0.0.1 eureka1
127.0.0.1 eureka2
127.0.0.1 eureka3

先本地运行一下:run configurations

分别启动3个配置eureka1,eureka2,eureka3,启动后到浏览器输入:http://eureka1:8001/ 输入你的用户名和密码。

敲黑板: 页面中Instances currently registered with Eureka下面并没得注入的别的服务,各种搜索引擎各种收,没得个所以然,去掉Spring Security后问题解决,可以知道问题是Spring Security引起的,查看源码发现CSRF保护默认是开启的,可以禁用掉即可。

老版本代码

  1. security:
  2. basic:
  3. enabled: true
  4. user:
  5. name: admin
  6. password: 123123

新版本解决方案

添加一个配置类禁用csrf如下:(但是你会发现,注入服务确不需要密码了,说明失去了验证。)

  1. import org.springframework.security.config.annotation.web.builders.HttpSecurity;
  2. import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
  3. import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
  4. @EnableWebSecurity
  5. public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
  6. @Override
  7. protected void configure(HttpSecurity http) throws Exception {
  8. http.csrf().disable();
  9. }
  10. }

完整的代码如下:

  1. @EnableWebSecurity
  2. public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
  3. @Override
  4. protected void configure(HttpSecurity http) throws Exception {
  5. http.csrf().disable().authorizeRequests().anyRequest().authenticated().and().httpBasic();
  6. }
  7. }

完美的结果

再次启动三个eureka服务,如果一切都正确的话,结果入图下:

在Centos上运行的脚本

启动脚本:

  1. #!/bin/sh
  2. #启动服务
  3. APP_NAME=eureka-0.0.1-SNAPSHOT
  4. rm -f tpid
  5. nohup java -jar /data/apps/eureka/$APP_NAME --spring.profiles.active=eureka1> /data/apps/eureka/eureka1.log
  6. nohup java -jar /data/apps/eureka/$APP_NAME --spring.profiles.active=eureka2> /data/apps/eureka/eureka2.log
  7. nohup java -jar /data/apps/eureka/$APP_NAME --spring.profiles.active=eureka3> /data/apps/eureka/eureka3.log
  8. echo $! > tpid
  9. echo Start Success!

停止脚本:

  1. #!/bin/sh
  2. #停止服务
  3. APP_NAME=eureka-0.0.1-SNAPSHOT
  4. tpid=`ps -ef|grep $APP_NAME|grep -v grep|grep -v kill|awk '{print $2}'`
  5. if [ ${tpid} ]; then
  6. echo 'Stop Process...'
  7. kill -15 $tpid
  8. fi
  9. sleep 5
  10. tpid=`ps -ef|grep $APP_NAME|grep -v grep|grep -v kill|awk '{print $2}'`
  11. if [ ${tpid} ]; then
  12. echo 'Kill Process!'
  13. kill -9 $tpid
  14. else
  15. echo 'Stop Success!'
  16. fi

后面的脚本我自己没验证,我也不怎么会写脚本,如果那个大神提供更好的脚本,小编感激不尽

源码地址:https://gitee.com/bianxin.com/earn_knife/tree/master/eureka

欢迎加入技术讨论群:340697945      

转载于:https://my.oschina.net/bianxin/blog/1819947

声明:本文内容由网友自发贡献,不代表【wpsshop博客】立场,版权归原作者所有,本站不承担相应法律责任。如您发现有侵权的内容,请联系我们。转载请注明出处:https://www.wpsshop.cn/w/我家小花儿/article/detail/794198
推荐阅读
相关标签
  

闽ICP备14008679号