[英]Spring Cloud Config Server with Zookeeper or HashiCorp Vault Backend
My question relates to using either Zookeeper or Hashicorp's Vault as a back-end data store to Spring's Cloud Config Server. 我的问题与将Zookeeper或Hashicorp的Vault用作Spring的Cloud Config Server的后端数据存储有关。
We're currently running a number of Spring Boot micro-services that rely on a Spring Config Server to serve each service's configuration. 当前,我们正在运行许多Spring Boot微服务,这些服务依赖于Spring Config Server来服务每个服务的配置。 This works well and we have no issues with it.
这很好用,我们没有问题。
Initially, config server ran on the native profile and had the config files embedded in the application. 最初,配置服务器在本机配置文件上运行,并将配置文件嵌入到应用程序中。 This doesn't work as each time we make a configuration change to any of the applications we needed to redeploy config-server.
这不起作用,因为每次我们对重新部署config-server所需的任何应用程序进行配置更改时。
Using GIT is obviously more robust and we were in the process of switching to a standalone GIT backend when we were asked to look into using Zookeeper or Vault instead. 使用GIT显然更加健壮,当我们被要求研究使用Zookeeper或Vault时,我们正在切换到独立的GIT后端。
Which brings me the question:- is it at all possible to use Vault/Zookeeper as the back-end data store for Config Server without needing each application to talk to Vault/Zookeeper directly? 这给我带来了一个问题:-是否可以将Vault / Zookeeper用作Config Server的后端数据存储,而无需每个应用程序直接与Vault / Zookeeper进行对话?
Thanks 谢谢
Yes, it's possible to use a different backend (like Vault or SVN, called EnvironmentRepository
) in Spring Cloud Config without touching your clients. 是的,可以在Spring Cloud Config中使用其他后端(例如Vault或SVN,称为
EnvironmentRepository
),而无需接触客户端。
See the reference docs on more details. 有关更多详细信息,请参见参考文档 。
To update this: 更新此:
We switched out the Zookeeper backend for Consul instead as we were able to use SSL for the connection between Vault and Consul. 我们改用Consul的Zookeeper后端,因为我们能够使用SSL进行保险柜和Consul之间的连接。 This isn't currently available when using Zookeeper as the storage backend.
当使用Zookeeper作为存储后端时,当前不可用。
We now have a working configuration stack comprising of Consul, Vault and Spring Cloud Config Server with SSL enabled between all three. 现在,我们有了一个有效的配置堆栈,其中包括Consul,Vault和Spring Cloud Config Server,并且在这三个之间都启用了SSL。 Additionally, Consul and Vault are both running in a clustered mode with replication between all nodes in the cluster.
此外,Consul和Vault都以集群模式运行,并且在集群中的所有节点之间进行复制。
Working well thus far. 到目前为止运作良好。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.