带有Zookeeper或HashiCorp Vault后端的Spring Cloud Config Server

Question

My question relates to using either Zookeeper or Hashicorp's Vault as a back-end data store to Spring's Cloud Config Server.

We're currently running a number of Spring Boot micro-services that rely on a Spring Config Server to serve each service's configuration. This works well and we have no issues with it.

Initially, config server ran on the native profile and had the config files embedded in the application. This doesn't work as each time we make a configuration change to any of the applications we needed to redeploy config-server.

Using GIT is obviously more robust and we were in the process of switching to a standalone GIT backend when we were asked to look into using Zookeeper or Vault instead.

Which brings me the question:- is it at all possible to use Vault/Zookeeper as the back-end data store for Config Server without needing each application to talk to Vault/Zookeeper directly?

Thanks

Answer 1

Yes, it's possible to use a different backend (like Vault or SVN, called EnvironmentRepository ) in Spring Cloud Config without touching your clients.

See the reference docs on more details.

Answer 2

To update this:

We switched out the Zookeeper backend for Consul instead as we were able to use SSL for the connection between Vault and Consul. This isn't currently available when using Zookeeper as the storage backend.

We now have a working configuration stack comprising of Consul, Vault and Spring Cloud Config Server with SSL enabled between all three. Additionally, Consul and Vault are both running in a clustered mode with replication between all nodes in the cluster.

Working well thus far.