将Vault与Spring Cloud Config Server集成时,无法从Vault读取属性
将Vault与Spring Cloud Config Server集成时,无法从Vault读取属性
提问于 2019-09-08 14:30:09
我正在尝试将Spring boot配置服务器与git和vault一起使用,我的所有spring boot客户端应用程序都将通过传递vault配置令牌来通过配置服务器检索vault属性。
我使用的是spring boot 2.1.8.RELEASE,下面是我的spring boot配置服务器的POM.xml文件。
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 https://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<parent>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-parent</artifactId>
<version>2.1.8.RELEASE</version>
<relativePath /> <!-- lookup parent from repository -->
</parent>
<groupId>com.ps.psc</groupId>
<artifactId>psc-config-server</artifactId>
<version>0.0.1</version>
<name>psc-config-server</name>
<description>Spring configuration server</description>
<properties>
<java.version>1.8</java.version>
<spring-cloud.version>Greenwich.SR2</spring-cloud.version>
</properties>
<dependencies>
<dependency>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-starter-bus-amqp</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-config-server</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-starter-vault-config</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-config-monitor</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-configuration-processor</artifactId>
<optional>true</optional>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-test</artifactId>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-devtools</artifactId>
</dependency>
</dependencies>
<dependencyManagement>
<dependencies>
<dependency>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-dependencies</artifactId>
<version>${spring-cloud.version}</version>
<type>pom</type>
<scope>import</scope>
</dependency>
</dependencies>
</dependencyManagement>
<build>
<plugins>
<plugin>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-maven-plugin</artifactId>
</plugin>
</plugins>
</build>
bootstrap.yml文件
spring:
profiles:
active:
- git
- vault
cloud:
config:
enabled: true
server:
git:
order: 2
username: ********
password: ********
uri: https://*******@bitbucket.org/krushna/configuration.git
search-paths:
- payment*
vault:
host: 127.0.0.1
port: 8200
scheme: http
order: 1
skip-ssl-validation: true
kv-version: 1
vault:
authentication: TOKEN
token: s.PB5cAJ9WhOuWamIOuFVkzpbl
scheme: http
host: 127.0.0.1
port: 8200
config:
order: 1我的application.yml文件
server:
port: 7000
spring:
application:
name: configserver通过以上配置,我的配置服务器只能从GIT中读取属性,而不能从vault中读取。
在vault中,我编写了如下属性。
vault write secret/payment password=test@123如果我像下面这样进行curl调用
curl -X "GET" "http://127.0.0.1:7000/payment/default" -H "X-Config-Token: s.PB5cAJ9WhOuWamIOuFVkzpbl"我只是从git获取属性,回复如下。
{
"name": "payment",
"profiles": ["default"],
"label": null,
"version": "e9b941d22f6b7cd3083a731d168f78fa4ec0fc42",
"state": null,
"propertySources": [{
"name": "https://******@bitbucket.org/krushna/configuration.git/application.properties",
"source": {
"foofromGit": "bar"
}
}]
}我在这里做什么?我已经尝试了多个选项,比如不同的KV版本,只配置spring cloude config vault等。
编辑:
我已经使用了如下的vault conf。
backend "file" {
path = "vault"
}
listener "tcp" {
tls_disable = 1
}然后做卷曲到拱顶,我现在可以读取值了。
curl -X GET -H "X-Vault-Token:s.PB5cAJ9WhOuWamIOuFVkzpbl" http://127.0.0.1:8200/v1/secret/payment/响应:
{
"request_id": "35c8793e-3530-81c1-7917-3e922ef4065b",
"lease_id": "",
"renewable": false,
"lease_duration": 2764800,
"data": {
"password": "test@123"
},
"wrap_info": null,
"warnings": null,
"auth": null
}回答 1
Stack Overflow用户
回答已采纳
发布于 2019-09-08 19:03:46
我可以通过将git和spring cloude config vault配置细节从bootstrap.yml移动到application.yml来修复这个问题,如下所示。
bootstrap.yml
spring:
application:
name: configserver
cloud:
vault:
authentication: TOKEN
token: s.jyFarEyroi5pJNOxPnhT4f3D
scheme: http
host: 127.0.0.1
port: 8200
config:
order: 1Application.yml
server:
port: 7000
spring:
profiles:
active: git, vault
cloud:
config:
server:
git:
uri: https://krushna@bitbucket.org/krushna/configuration.git
search-paths:
- payment*
vault:
port: 8200
host: 127.0.01
skip-ssl-validation: true
scheme: http我仍然不清楚这是如何解决问题的?,我只知道bootstrap将首先加载,我正在从vault读取git凭据,然后application.yml获得了spring cloud config vault和git的其他详细信息。
任何关于这方面的解释都将受到欢迎
页面原文内容由Stack Overflow提供。腾讯云小微IT领域专用引擎提供翻译支持
原文链接:
https://stackoverflow.com/questions/57839666
复制相关文章
相似问题
腾讯云开发者
Copyright © 2013 - 2026 Tencent Cloud. All Rights Reserved. 腾讯云 版权所有
深圳市腾讯计算机系统有限公司 ICP备案/许可证号:粤B2-20090059 
粤公网安备44030502008569号
腾讯云计算(北京)有限责任公司 京ICP证150476号 | 京ICP备11018762号