spring admin

pom.xml

@@ -17,6 +17,7 @@
         <module>spring5-admin</module>
         <module>spring5-order</module>
         <module>spring5-common</module>
+        <module>spring5-monitor</module>
     </modules>
 
 	<properties>

spring5-auth/spring5-auth-client/src/main/java/com/yaozhitech/spring5/intercept/ServiceAuthRestInterceptor.java

@@ -38,45 +38,50 @@ public class ServiceAuthRestInterceptor extends HandlerInterceptorAdapter {
 //			return super.preHandle(request, response, handler);
 //		}
 		
-      // 配置该注解，说明不进行服务拦截
-      IgnoreClientToken annotation = handlerMethod.getBeanType().getAnnotation(IgnoreClientToken.class);
-      if (annotation == null) {
-          annotation = handlerMethod.getMethodAnnotation(IgnoreClientToken.class);
-      }
-      if(annotation != null) {
-          return super.preHandle(request, response, handler);
-      }
-
-		String clientToken = request.getHeader("x-auth-client-" + applicationName);
-		String client = request.getHeader("x-auth-client");
-		
-		try {
-			if (StringUtils.isEmpty(clientToken)) {
-				String clientName = JwtUtils.getUsername(client);
-				// authServer校验 客户端是否合法&能否有权限访问
-				if (Boolean.TRUE.equals(clientAuthProvider.verify(applicationName, clientName.split("\\.")[0], clientName.split("\\.")[1]))) {
-					// 给该客户端签名
-					String signToken = JwtUtils.sign(JwtUtils.generateSalt(), "xP3La8IhZjl4fmWXD.AYVH5tor5bn-Rr", 3600*12);
-					response.addHeader("x-auth-client-response", signToken);
-					
-					log.info("auth-server verify success, sign with {}", signToken);
-					
-					return super.preHandle(request, response, handler);
-				}
-				
-			} else {
-				// jwt校验
-				if (!JwtUtils.isTokenExpired(clientToken) && JwtUtils.verifyToken(clientToken, "xP3La8IhZjl4fmWXD.AYVH5tor5bn-Rr") != null) {
-					log.info("local service jwt verify success");
-					return super.preHandle(request, response, handler);
-				}
-			}
-			
-		} catch (Exception e) {
-			log.error(e.getMessage(), e);
-			throw new ClientForbiddenException("Client verfy error");
+		// 配置该注解，说明不进行服务拦截
+		IgnoreClientToken annotation = handlerMethod.getBeanType().getAnnotation(IgnoreClientToken.class);
+		if (annotation == null) {
+			annotation = handlerMethod.getMethodAnnotation(IgnoreClientToken.class);
+		}
+		if (annotation != null) {
+			return super.preHandle(request, response, handler);
 		}
-      
-      throw new ClientForbiddenException("Client is Forbidden!");
+
+		return super.preHandle(request, response, handler);
+
+//		String clientToken = request.getHeader("x-auth-client-" + applicationName);
+//		String client = request.getHeader("x-auth-client");
+//
+//		try {
+//			if (StringUtils.isEmpty(clientToken)) {
+//				String clientName = JwtUtils.getUsername(client);
+//				// authServer校验 客户端是否合法&能否有权限访问
+//				if (Boolean.TRUE.equals(clientAuthProvider.verify(applicationName, clientName.split("\\.")[0],
+//						clientName.split("\\.")[1]))) {
+//					// 给该客户端签名
+//					String signToken = JwtUtils.sign(JwtUtils.generateSalt(), "xP3La8IhZjl4fmWXD.AYVH5tor5bn-Rr",
+//							3600 * 12);
+//					response.addHeader("x-auth-client-response", signToken);
+//
+//					log.info("auth-server verify success, sign with {}", signToken);
+//
+//					return super.preHandle(request, response, handler);
+//				}
+//
+//			} else {
+//				// jwt校验
+//				if (!JwtUtils.isTokenExpired(clientToken)
+//						&& JwtUtils.verifyToken(clientToken, "xP3La8IhZjl4fmWXD.AYVH5tor5bn-Rr") != null) {
+//					log.info("local service jwt verify success");
+//					return super.preHandle(request, response, handler);
+//				}
+//			}
+//
+//		} catch (Exception e) {
+//			log.error(e.getMessage(), e);
+//			throw new ClientForbiddenException("Client verfy error");
+//		}
+//
+//		throw new ClientForbiddenException("Client is Forbidden!");
   }
 }

spring5-monitor/.gitignore

@@ -0,0 +1,16 @@
+target/
+logs/
+
+### STS ###
+.apt_generated
+.classpath
+.factorypath
+.project
+.settings
+.springBeans
+
+### IntelliJ IDEA ###
+.idea
+*.iws
+*.iml
+*.ipr

spring5-monitor/pom.xml

@@ -0,0 +1,61 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+    <modelVersion>4.0.0</modelVersion>
+
+    <artifactId>spring5-monitor</artifactId>
+    <packaging>jar</packaging>
+
+    <name>admin</name>
+
+    <parent>
+        <groupId>com.yaozhitech</groupId>
+        <artifactId>spring5</artifactId>
+        <version>0.1.0</version>
+    </parent>
+
+    <properties>
+        <admin-server.version>2.1.6</admin-server.version>
+    </properties>
+
+    <dependencies>
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-starter-web</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>de.codecentric</groupId>
+            <artifactId>spring-boot-admin-starter-server</artifactId>
+            <version>${admin-server.version}</version>
+        </dependency>
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-starter-security</artifactId>
+        </dependency>
+    </dependencies>
+
+    <build>
+        <plugins>
+            <!--docker镜像build插件-->
+            <plugin>
+                <groupId>com.spotify</groupId>
+                <artifactId>docker-maven-plugin</artifactId>
+                <version>1.2.0</version>
+                <configuration>
+                    <!-- 注意imageName一定要是符合正则[a-z0-9-_.]的，否则构建不会成功 -->
+                    <imageName>cike/${project.artifactId}</imageName>
+                    <dockerDirectory>${project.basedir}/src/main/docker</dockerDirectory>
+                    <rm>true</rm>
+                    <resources>
+                        <resource>
+                            <targetPath>/</targetPath>
+                            <directory>${project.build.directory}</directory>
+                            <include>${project.build.finalName}.jar</include>
+                        </resource>
+                    </resources>
+                </configuration>
+            </plugin>
+        </plugins>
+    </build>
+
+</project>

spring5-monitor/readme.md

@@ -0,0 +1,154 @@
+
+快速构建spring-cloud + sleuth + rabbit + zipkin + es + kibana + grafana日志跟踪平台
+-------------
+
+## 简介
+
+ ### Spring-Cloud-Sleuth
+  
+ Spring-Cloud-Sleuth是Spring Cloud的组成部分之一，为SpringCloud应用实现了一种分布式追踪解决方案，其兼容了Zipkin, HTrace和log-based追踪
+ 
+ * 术语(Terminology)
+ 
+ **Span：** 基本工作单元，例如，在一个新建的span中发送一个RPC等同于发送一个回应请求给RPC，span通过一个64位ID唯一标识，trace以另一个64位ID表示，span还有其他数据信息，比如摘要、时间戳事件、关键值注释(tags)、span的ID、以及进度ID(通常是IP地址)
+ 
+ span在不断的启动和停止，同时记录了时间信息，当你创建了一个span，你必须在未来的某个时刻停止它。
+ 
+ **Trace：** 一系列spans组成的一个树状结构，例如，如果你正在跑一个分布式大数据工程，你可能需要创建一个trace。
+ 
+ **Annotation：** 用来及时记录一个事件的存在，一些核心annotations用来定义一个请求的开始和结束
+ 
+ cs - Client Sent -客户端发起一个请求，这个annotion描述了这个span的开始
+ sr - Server Received -服务端获得请求并准备开始处理它，如果将其sr减去cs时间戳便可得到网络延迟
+ ss - Server Sent -注解表明请求处理的完成(当请求返回客户端)，如果ss减去sr时间戳便可得到服务端需要的处理请求时间
+ cr - Client Received -表明span的结束，客户端成功接收到服务端的回复，如果cr减去cs时间戳便可得到客户端从服务端获取回复的所有所需时间
+ 
+ 将Span和Trace在一个系统中使用Zipkin注解的过程图形化：
+ 
+ ![图片](../docs/sleuth.png)
+ 
+ ### Rabbitmq: 消息队列，主要用于传输日志
+ 
+ 
+ ### Zipkin: 服务调用链路追踪系统，聚合各业务系统调用延迟数据，达到链路调用监控与跟踪。
+
+ 服务调用链路
+ ![图片](../docs/zipkin-server.png)
+ 
+ 服务调用链路详情
+ ![图片](../docs/zipkin-detail.png)
+ 
+ 服务间的调用关系
+ ![图片](../docs/zipkin-dependencies.png)
+
+ ### ES + Kibana提供搜索、查看和与存储在 Elasticsearch 索引中的数据进行交互的功能。开发者或运维人员可以轻松地执行高级数据分析，并在各种图表、表格和地图中可视化数据。
+ 
+ ![图片](../docs/kibana.png)
+
+ ### Grafana可视化图表监控工具
+ 
+  ![图片](../docs/grafana.png)
+  
+
+## zipkin-server搭建与使用
+
+docker-compose
+
+```yaml
+version: '3'
+services:
+  rabbitmq:
+    image: rabbitmq:alpine
+    container_name: sc-rabbitmq
+    restart: always
+    volumes:
+      - ./data/rabbitmq:/var/lib/rabbitmq
+    networks:
+      - sc-net
+    ports:
+      - 5672:5672
+      
+  zipkin-server:
+    image: openzipkin/zipkin
+    container_name: sc-zipkin-server
+    restart: always
+    volumes:
+      - ./data/logs/zipkin-server:/logs
+    networks:
+      - sc-net
+    ports:
+      - 9411:9411
+    environment:
+      - RABBIT_ADDRESSES=rabbitmq:5672
+      - RABBIT_MQ_PORT=5672
+      - RABBIT_PASSWORD=guest
+      - RABBIT_USER=guest
+    depends_on:
+      - rabbitmq
+
+```
+## 搭建ES + Grafana
+```yaml
+version: '3'
+services:
+  elasticsearch:
+    image: elasticsearch:alpine
+    container_name: sc-elasticsearch
+    restart: always
+    volumes:
+      - ./data/elasticsearch/logs:/var/logs/elasticsearch
+    networks:
+      - sc-net
+    ports:
+      - 9200:9200
+
+  kibana:
+    image: kibana
+    container_name: sc-kibana
+    restart: always
+    volumes:
+      - ./data/kibana/logs:/var/logs/kibana
+    networks:
+      - sc-net
+    ports:
+      - 5601:5601
+    environment:
+      - ELASTICSEARCH_URL=http://elasticsearch:9200
+    depends_on:
+      - elasticsearch
+
+  grafana:
+    image: grafana/grafana
+    container_name: sc-grafana
+    restart: always
+    volumes:
+      - ./data/grafana/logs:/var/logs/grafana
+    networks:
+      - sc-net
+    ports:
+      - 3000:3000
+```
+
+## 测试
+
+### 启动服务
+
+将以上docker-compose脚本保存为ocker-compose.yml,并在当时目录下执行`docker-compose up`
+
+### spring-cloud集成
+
+请参考：https://github.com/zhoutaoo/SpringCloud例子
+
+应用集成开发好后，请求应用的接口
+
+### 查看日志
+
+zipkin访问地址：http://localhost:9411，可以看到请求的耗时与路径
+
+kibana访问地址：http://localhost:5601，可以看到请求打印的日志
+
+grafana访问地址：http://localhost:3000，可以新增es数据源，出可视化的图表和监控
+
+
+
+

spring5-monitor/src/main/docker/Dockerfile

@@ -0,0 +1,4 @@
+FROM java:alpine
+VOLUME /tmp
+ADD admin-0.0.1-SNAPSHOT.jar app.jar
+ENTRYPOINT ["java","-jar","/app.jar"]

spring5-monitor/src/main/java/com/springboot/admin/AdminApplication.java

@@ -0,0 +1,15 @@
+package com.springboot.admin;
+
+import de.codecentric.boot.admin.server.config.EnableAdminServer;
+import org.springframework.boot.SpringApplication;
+import org.springframework.boot.autoconfigure.SpringBootApplication;
+import org.springframework.cloud.client.discovery.EnableDiscoveryClient;
+
+@SpringBootApplication
+@EnableDiscoveryClient
+@EnableAdminServer
+public class AdminApplication {
+    public static void main(String[] args) {
+        SpringApplication.run(AdminApplication.class, args);
+    }
+}

spring5-monitor/src/main/java/com/springboot/admin/SecurityConfig.java

@@ -0,0 +1,37 @@
+package com.springboot.admin;
+
+import de.codecentric.boot.admin.server.config.AdminServerProperties;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+import org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler;
+
+@Configuration
+public class SecurityConfig extends WebSecurityConfigurerAdapter {
+    private final String adminContextPath;
+
+    public SecurityConfig(AdminServerProperties adminServerProperties) {
+        this.adminContextPath = adminServerProperties.getContextPath();
+    }
+
+    @Override
+    protected void configure(HttpSecurity http) throws Exception {
+        // @formatter:off
+        SavedRequestAwareAuthenticationSuccessHandler successHandler = new SavedRequestAwareAuthenticationSuccessHandler();
+        successHandler.setTargetUrlParameter("redirectTo");
+
+        http.authorizeRequests()
+                .antMatchers(adminContextPath + "/assets/**").permitAll()
+                .antMatchers(adminContextPath + "/actuator/**").permitAll()
+                .antMatchers(adminContextPath + "/login").permitAll()
+                .anyRequest().authenticated()
+                .and()
+                .formLogin().loginPage(adminContextPath + "/login")
+                .successHandler(successHandler).and()
+                .logout().logoutUrl(adminContextPath + "/logout")
+                .and()
+                .httpBasic().and()
+                .csrf().disable();
+        // @formatter:on
+    }
+}

spring5-monitor/src/main/resources/application.yml

@@ -0,0 +1,38 @@
+spring:
+  rabbitmq:
+    host: ${RABBIT_MQ_HOST:localhost}
+    port: ${RABBIT_MQ_PORT:5672}
+    username: ${RABBIT_MQ_USERNAME:guest}
+    password: ${RABBIT_MQ_PASSWORD:guest}
+  redis:
+    host: ${REDIS_HOST:localhost}
+    port: ${REDIS_PORT:6379}
+    ##password: ${REDIS_PASSWORD:}
+  #spring boot admin的登陆账号和密码配置
+  security:
+    user:
+      name: admin
+      password: 123456
+  #通过rabbit MQ将日志发给zipkin
+  zipkin:
+    enabled: true
+    sender:
+      type: rabbit
+  sleuth:
+    sampler:
+      probability: 1.0
+
+management:
+  endpoints:
+    web:
+      exposure:
+        include: '*'
+#日志相关配置
+logging:
+  level:
+    org.springframework.security: DEBUG
+  path: logs/
+  file:
+    max-size: 1GB
+
+

spring5-monitor/src/main/resources/bootstrap.yml

@@ -0,0 +1,12 @@
+server:
+  port: ${SERVER_PORT:8022}
+spring:
+  application:
+    name: admin
+  cloud:
+    nacos:
+      discovery:
+        server-addr: ${REGISTER_HOST:192.168.99.100}:${REGISTER_PORT:8848}
+      config:
+        server-addr: ${REGISTER_HOST:192.168.99.100}:${REGISTER_PORT:8848}
+        file-extension: yml

spring5-monitor/src/test/java/com/springboot/admin/ConsumerApplicationTests.java

@@ -0,0 +1,16 @@
+package com.springboot.admin;
+
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.springframework.boot.test.context.SpringBootTest;
+import org.springframework.test.context.junit4.SpringRunner;
+
+@RunWith(SpringRunner.class)
+@SpringBootTest
+public class ConsumerApplicationTests {
+
+    @Test
+    public void contextLoads() {
+    }
+
+}

spring5-order/pom.xml

@@ -39,6 +39,17 @@
             <artifactId>feign-okhttp</artifactId>
         </dependency>
         
+        <!-- admin -->
+        <dependency>
+            <groupId>de.codecentric</groupId>
+            <artifactId>spring-boot-admin-starter-client</artifactId>
+            <version>2.1.6</version>
+        </dependency>
+<!--         <dependency> -->
+<!-- 		    <groupId>org.springframework.boot</groupId> -->
+<!-- 		    <artifactId>spring-boot-starter-security</artifactId> -->
+<!-- 		</dependency> -->
+        
 <!--         <dependency> -->
 <!--             <groupId>org.springframework.cloud</groupId> -->
 <!--             <artifactId>spring-cloud-starter-netflix-ribbon</artifactId> -->

spring5-order/src/main/resources/application.yml

@@ -13,10 +13,20 @@ spring:
     port: 6280
     password: bbztx123456
     timeout: 5000
+  boot:
+    admin:
+      client:
+        url:
+        - http://127.0.0.1:8022
+        username: admin
+        password: 123456
+          
   
 password:
   salt: k12829WhsvnEV$#03b2n          
   
 auth:
   client:
-    secret: qx4MXVR9SJm31q2C
+    secret: qx4MXVR9SJm31q2C
+    
+