将 Spring Cloud Config Server 与 vault 后端集成,在 GET 请求上出现 I/O 错误,连接被拒绝
[英]Integrating Spring Cloud Config Server with vault backend giving I/O error on GET request with connection refused
问题描述
I am trying to make spring cloud config server work with vault backend.
我正在尝试使 spring 云配置服务器与 Vault 后端一起工作。 I am not trying to integrate with local copy of vault.我没有尝试与保险库的本地副本集成。 I have enterprise vault which I am trying to connect with.我有我正在尝试连接的企业保险库。 While doing so I am getting在这样做的同时,我得到
org.springframework.web.client.ResourceAccessException: I/O error on GET request for "https://mydomain:8200/v1/secret/data/configserver": Connect to mydomain:8200 [mydomain/10.223.213.6] failed: Connection refused: connect; nested exception is org.apache.http.conn.HttpHostConnectException: Connect to mydomain:8200 [mydomain/10.223.213.6] failed: Connection refused: connect
My application.yml is as shown below我的application.yml如下图
server:
port: 8888
spring:
application:
name: configserver
profiles:
active: vault
cloud:
config:
server:
vault:
host: mydomain
scheme: https
skipSslValidation: true
namespace: mynamespace
authentication: token
token: mytoken
kv-version: 2
My POM file is as below我的POM文件如下
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 https://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<parent>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-parent</artifactId>
<version>2.7.0</version>
<relativePath/> <!-- lookup parent from repository -->
</parent>
<groupId>com.project.medical</groupId>
<artifactId>config-server</artifactId>
<version>0.0.1-SNAPSHOT</version>
<name>Config-Server</name>
<description>Config-Server Demo Project</description>
<properties>
<java.version>11</java.version>
<spring-cloud.version>2021.0.3</spring-cloud.version>
</properties>
<dependencies>
<dependency>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-config-server</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-test</artifactId>
<scope>test</scope>
</dependency>
</dependencies>
<dependencyManagement>
<dependencies>
<dependency>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-dependencies</artifactId>
<version>${spring-cloud.version}</version>
<type>pom</type>
<scope>import</scope>
</dependency>
</dependencies>
</dependencyManagement>
<build>
<plugins>
<plugin>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-maven-plugin</artifactId>
</plugin>
</plugins>
</build>
</project>
Once the project is build I am trying to hit http://localhost:8888/configserver/default构建项目后,我尝试访问 http://localhost:8888/configserver/default
I dont understand how /8200/v1/secret/data is getting concatenated to my domain uri.我不明白 /8200/v1/secret/data 如何连接到我的域 uri。 I have tried to hit the service via postman and pass the "X-Config-Token" in the header but getting same exception.我试图通过邮递员访问服务并在标题中传递“X-Config-Token”但得到相同的异常。 I also removed the vault config dependency from POM after reading the spring documentation.在阅读了 spring 文档后,我还从 POM 中删除了 Vault 配置依赖项。 Any help to guide me in the right direction would be much appreciated.任何能指导我正确方向的帮助将不胜感激。 Thank You!谢谢你!
2 个解决方案
解决方案1
0 2022-06-09 17:20:17
I am not sure to understand correctly your problem.我不确定是否能正确理解您的问题。
But if you want to access within your config server a vault server on another port than the default one (8200).但是,如果您想在配置服务器中访问另一个端口上的保管库服务器,而不是默认端口 (8200)。
According to the spring cloud website here根据这里的spring cloud网站
You can try this config :你可以试试这个配置:
#You can change '8200' to the one you want
spring.cloud.config.server.vault.port=8200
解决方案2
0 已采纳 2022-06-10 16:15:06
Answering my own questions but found the solution to be very straight forward.回答我自己的问题,但发现解决方案非常简单。 Just follow the directions stated here and you should be just fine on your journey to make spring cloud config server work with vault backend.只需按照此处所述的说明进行操作,您就可以顺利地让 Spring Cloud 配置服务器与 Vault 后端一起使用。
In my application.yml just added kvVersion: 1, backend: "Vault directory under which your profile resides", defaultKey: "Profile directory inside which your secrets resdies"
在我的 application.yml 中刚刚添加了 kvVersion:1,后端:“您的配置文件所在的 Vault 目录”,defaultKey:“您的秘密所在的配置文件目录”Passed the cert.jks and its password as environment variables in the java run command.
在 java run 命令中将 cert.jks 及其密码作为环境变量传递。
java -jar spring-cloud-config-service.jar -Djavax.net.ssl.trustStore=C://MyProjects//spring-cloud-config-service//cert.jks -Djavax.net.ssl.trustStorePassword=changeit
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.