Public | Automated Build

Last pushed: 2 months ago
Short Description
A docker image of Spring Cloud Config Server
Full Description

Spring Cloud Config Server

A docker image of Spring Cloud Config Server.




Usage

docker run -it --name=spring-cloud-config-server \
      -p 8888:8888 \
      -v </path/to/config>:/config \
      hyness/spring-cloud-config-server

Parameters

  • -p 8888 Server port
  • -v /config Mounted configuration

Configuring Spring Cloud Config Server

Spring Cloud Config Server is a normal Spring Boot application, it can be configured through all the ways a Spring Boot application can be configured. You may use environment variables or you can mount configuration in the provided volume. The configuration file must be named application and may be a properties or yaml file. See the Spring Boot documentation for further information on how to use and configure Spring Boot.

Configuration examples

# Using a mounted config Directory
docker run -it -p 8888:8888 \
      -v /path/to/config/dir:/config \
      hyness/spring-cloud-config-server

# Using a mounted application.yml
docker run -it -p 8888:8888 \
      -v /path/to/application.yml:/config/application.yml \
      hyness/spring-cloud-config-server

# Configure through environment variables without a configuration file
docker run -it -p 8888:8888 \
      -e SPRING_CLOUD_CONFIG_SERVER_GIT_URI=https://github.com/spring-cloud-samples/config-repo \
      hyness/spring-cloud-config-server

# Configure through command line arguments without a configuration file
docker run -it -p 8888:8888 \
      hyness/spring-cloud-config-server \
      --spring.cloud.config.server.git.uri=https://github.com/spring-cloud-samples/config-repo

Verify Samples Above

$ curl http://localhost:8888/foo/development

Required Backend Configuration

Spring Cloud Config Server requires that you configure a backend to serve your configuration files. There are currently 3 backends to choose from...

Git

# Github example
docker run -it -p 8888:8888 \
      -e SPRING_CLOUD_CONFIG_SERVER_GIT_URI=https://github.com/spring-cloud-samples/config-repo \
      hyness/spring-cloud-config-server

# Local git repo example
docker run -it -p 8888:8888 \
      -v /path/to/config/files/dir:/config \
      -e SPRING_CLOUD_CONFIG_SERVER_GIT_URI=file:/config/my-local-git-repo \
      hyness/spring-cloud-config-server

Filesystem

docker run -it -p 8888:8888 \
      -v /path/to/config/files/dir:/config \
      -e SPRING_PROFILES_ACTIVE=native \
      hyness/spring-cloud-config-server

Vault

docker run -it -p 8888:8888 \
      -e SPRING_PROFILES_ACTIVE=vault \
      hyness/spring-cloud-config-server
Docker Pull Command
Owner
hyness

Comments (8)
petromir
4 months ago

Sorry, my mistake! It was configuration issue related to ENCRYPT_KEY environment variable.

hyness
4 months ago

@petromir

This image does include full strength encryption. The following class shows the maximum key length...

package org.hyness.jce;

import java.security.NoSuchAlgorithmException;

import javax.crypto.Cipher;

public class JceTest {
    public static void main(String[] args) throws NoSuchAlgorithmException {
        System.out.printf("Key length: %d%n", Cipher.getMaxAllowedKeyLength("AES/CBC/PKCS5Padding"));
    }
}

The default length is 128, but this image has 2147483647. See the link below for more info...
https://stackoverflow.com/questions/7953567/checking-if-unlimited-cryptography-is-available

petromir
4 months ago

According to https://cloud.spring.io/spring-cloud-config/spring-cloud-config.html#_encryption_and_decryption you need JCE installed if the ecryption capabilities are desired.

maven:alpine doesn't contain JCE, but anapsix/alpine-java:8_server-jre_unlimited does.

Could you please switch to the latter?

hyness
8 months ago

I hadn't previously used native file system configuration before, but I tested it and it's definitely picking up native files from the /config volume.

I ran the container as follows

$ docker run --rm -it -p 8888:8888 -e SPRING_PROFILES_ACTIVE=native \
-v ~/Documents/workspace/spring-cloud-config-server/config:/config \
hyness/spring-cloud-config-server

To verify its not using the remote git, I ran the following curl against the config directory with only my application .yml

$ curl http://localhost:8888/foo/development
{"name":"foo","profiles":["development"],"label":null,"version":null,"state":null,"propertySources":[{"name":"file:config/application.yml","source":{"info.component":"Config Server","spring.application.name":"configserver","spring.jmx.default_domain":"cloud.config.server","spring.cloud.config.server.git.uri":"https://github.com/spring-cloud-samples/config-repo","management.context_path":"/admin"}}]}

Now, I placed the foo.properties and foo.development.properties into my /config volume

$ curl http://localhost:8888/foo/development
{"name":"foo","profiles":["development"],"label":null,"version":null,"state":null,"propertySources":[{"name":"file:config/foo-development.properties","source":{"bar":"spam","foo":"from foo development"}},{"name":"file:./config/foo-development.properties","source":{"bar":"spam","foo":"from foo development"}},{"name":"file:config/foo.properties","source":{"democonfigclient.message":"hello spring io","foo":"from foo props"}},{"name":"file:config/application.yml","source":{"info.component":"Config Server","spring.application.name":"configserver","spring.jmx.default_domain":"cloud.config.server","spring.cloud.config.server.git.uri":"https://github.com/spring-cloud-samples/config-repo","management.context_path":"/admin"}},{"name":"file:./config/foo.properties","source":{"democonfigclient.message":"hello spring io","foo":"from foo props"}}]}

As far as I can tell, this seems to be working as expected.

marcellodesales
8 months ago

Your suport for File-system configuration is broken... The "/config" directory is set as a volume somewhere and I can't load my local directory.

In order to pass this, I needed to create a volume somewhere and add https://cloud.spring.io/spring-cloud-config/spring-cloud-config.html#_file_system_backend

-e SPRING_CLOUD_CONFIG_SERVER_NATIVE_SEARCH_LOCATIONS: file:/config2
-e SPRING_PROFILES_ACTIVE: native

  • v /home/mdesales/dev/github/company/servicesplatform-tools/spring-cloud-config-onboarding-config:/config2

This is the only way to get the configs loaded... The paths are the same and they are referred to as "config2" in their paths.

$ curl localhost:8888/config_onboarding/dev | jq
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100  3706    0  3706    0     0  41807      0 --:--:-- --:--:-- --:--:-- 42113
{
  "name": "config_onboarding",
  "profiles": [
    "dev"
  ],
  "label": null,
  "version": null,
  "state": null,
  "propertySources": [
    {
      "name": "file:/config2/config_onboarding-dev.yml",
      "source": {
        "jsk.servlet.lastmile.audience": "https://sp-service-30-dev-qydc.platform.company.net",
        "jsk.servlet.lastmile.enabled": false
      }
    },
...
...
marcellodesales
8 months ago

@Alzamabar,

Your users should be providing a personal token, without a password, to be able to fetch the properties from the config server...

-e SPRING_CLOUD_CONFIG_SERVER_GIT_URI: https://github.company.com/servicesplatform-tools/spring-cloud-config-publisher-config
-e SPRING_CLOUD_CONFIG_SERVER_GIT_USERNAME: f4d24eed3909ad8766e29fd2500e80cb33d153a8
-e SPRING_CLOUD_CONFIG_SERVER_GIT_PASSWORD: ""

Make sure to provide the PASSWORD as an empty value or else it will fail to fetch.

hyness
9 months ago

I'm not sure I understand your comment. I don't understand what you mean by securing the service for logging to github. Can you open an issue on the github source repository with more details? Thanks.

alzamabar
9 months ago

What about securing the Spring Cloud service with credentials for both logging to GITHUB and for clients to access it?