I am able to discover all services in my namespace and display them on spring boot admin but some of the clients have username/pass protection on some of the actuator endpoints. How can I get this information to spring boot admin via the kubernetes service discovery?
Asked
Active
Viewed 187 times
2 Answers
0
I was able to pass the client username and password by adding a tag in kubernetes service discovery of user.name and user.password for each client.
This isn't secure though because anyone with read access can read the metadata.
Is there a way to set a global user name and password for all clients?
Matt Savage
- 43
- 3
0
This configuration will define a default user for the actuator. This default user and password is passed to each actuator call:
spring:
boot:
admin:
# AdminServerProperties used by basicAuthHttpHeadersProvider
instance-auth:
default-user-name: myactuatoruser
default-password: myactuatorpw
Remark:
You need at least spring-boot-admin:2.2.3. Check for the appearance of these properties the ConfigurationClass AdminServerProperties.
Otherwise you might define your own HttpHeaderProvider. This is a copy of the 2.2.3 spring-boot-admin Code:
@Bean
@ConditionalOnMissingBean
public BasicAuthHttpHeaderProvider basicAuthHttpHeadersProvider(AdminServerProperties adminServerProperties) {
AdminServerProperties.InstanceAuthProperties instanceAuth = adminServerProperties.getInstanceAuth();
if (instanceAuth.isEnabled()) {
return new BasicAuthHttpHeaderProvider(instanceAuth.getDefaultUserName(),
instanceAuth.getDefaultPassword(), instanceAuth.getServiceMap());
}
else {
return new BasicAuthHttpHeaderProvider();
}
}
Matthias M
- 12,906
- 17
- 87
- 116