Monitoring and Management Over HTTP

如果您正在开发 Web 应用程序,Spring Boot Actuator 会自动配置所有已启用的 endpoin,以在 HTTP 中公开。默认约定是将 endpoin 的 id`用作 URL 路径的前缀 `/actuator。例如,`health`作为 `/actuator/health`公开。

If you are developing a web application, Spring Boot Actuator auto-configures all enabled endpoints to be exposed over HTTP. The default convention is to use the id of the endpoint with a prefix of /actuator as the URL path. For example, health is exposed as /actuator/health.

在 Spring MVC、Spring WebFlux 和 Jersey 中本地支持 Actuator。如果 Jersey 和 Spring MVC 均可用,则使用 Spring MVC。

Actuator is supported natively with Spring MVC, Spring WebFlux, and Jersey. If both Jersey and Spring MVC are available, Spring MVC is used.

Jackson 是一个必需的依赖项,以便获取 API documentation中记录的正确的 JSON 响应。

Jackson is a required dependency in order to get the correct JSON responses as documented in the API documentation.

Customizing the Management Endpoint Paths

有时自定义管理 endpoin 的前缀是很有用的。例如,您的应用程序可能已出于其他目的使用了 /actuator。您可以使用 configprop:management.endpoints.web.base-path[] 属性来更改管理 endpoin 的前缀,如下例所示:

Sometimes, it is useful to customize the prefix for the management endpoints. For example, your application might already use /actuator for another purpose. You can use the configprop:management.endpoints.web.base-path[] property to change the prefix for your management endpoint, as the following example shows:

management:
  endpoints:
    web:
      base-path: "/manage"

前面的 application.properties`示例将 endpoin 从 `/actuator/{id}`更改为 `/manage/{id}(例如,/manage/info)。

The preceding application.properties example changes the endpoint from /actuator/{id} to /manage/{id} (for example, /manage/info).

如果管理端口未配置为 expose endpoints by using a different HTTP port,那么 management.endpoints.web.base-path 相对于 server.servlet.context-path(对于 servlet Web 应用程序)或 spring.webflux.base-path(对于反应式 Web 应用程序)。如果配置了 management.server.port,则 management.endpoints.web.base-path 相对于 management.server.base-path

Unless the management port has been configured to expose endpoints by using a different HTTP port, management.endpoints.web.base-path is relative to server.servlet.context-path (for servlet web applications) or spring.webflux.base-path (for reactive web applications). If management.server.port is configured, management.endpoints.web.base-path is relative to management.server.base-path.

如果您想将端点映射到不同的路径,则可以使用 configprop:management.endpoints.web.path-mapping[] 属性。

If you want to map endpoints to a different path, you can use the configprop:management.endpoints.web.path-mapping[] property.

以下示例将 /actuator/health 重新映射到 /healthcheck

The following example remaps /actuator/health to /healthcheck:

management:
  endpoints:
    web:
      base-path: "/"
      path-mapping:
        health: "healthcheck"

Customizing the Management Server Port

通过使用默认 HTTP 端口来公开管理端点对于基于云的部署来说是一个明智的选择。但是,如果您的应用程序在自己的数据中心内运行,则您可能更希望通过使用不同的 HTTP 端口来公开端点。

Exposing management endpoints by using the default HTTP port is a sensible choice for cloud-based deployments. If, however, your application runs inside your own data center, you may prefer to expose endpoints by using a different HTTP port.

您可以设置 configprop:management.server.port[] 属性来更改 HTTP 端口,如下面的示例所示:

You can set the configprop:management.server.port[] property to change the HTTP port, as the following example shows:

management:
  server:
    port: 8081

在 Cloud Foundry 上,默认情况下,应用程序只在端口 8080 上接收用于 HTTP 和 TCP 路由的请求。如果您想在 Cloud Foundry 上使用自定义管理端口,则需要显式设置应用程序的路由以便将流量转发到自定义端口。

On Cloud Foundry, by default, applications receive requests only on port 8080 for both HTTP and TCP routing. If you want to use a custom management port on Cloud Foundry, you need to explicitly set up the application’s routes to forward traffic to the custom port.

Configuring Management-specific SSL

在配置为使用自定义端口时,您还可以通过使用各种 management.server.ssl.* 属性为管理服务器配置它自己的 SSL。例如,这样做可以让一个管理服务器通过 HTTP 来使用,而主应用程序使用 HTTPS,如下面的属性设置所示:

When configured to use a custom port, you can also configure the management server with its own SSL by using the various management.server.ssl.* properties. For example, doing so lets a management server be available over HTTP while the main application uses HTTPS, as the following property settings show:

server:
  port: 8443
  ssl:
    enabled: true
    key-store: "classpath:store.jks"
    key-password: "secret"
management:
  server:
    port: 8080
    ssl:
      enabled: false

或者,主服务器和管理服务器都可以使用 SSL,但使用不同的密钥存储,如下所示:

Alternatively, both the main server and the management server can use SSL but with different key stores, as follows:

server:
  port: 8443
  ssl:
    enabled: true
    key-store: "classpath:main.jks"
    key-password: "secret"
management:
  server:
    port: 8080
    ssl:
      enabled: true
      key-store: "classpath:management.jks"
      key-password: "secret"

Customizing the Management Server Address

您可以通过设置 configprop:management.server.address[] 属性来自定义管理端点可用的地址。如果您只想侦听内部网络或 OPS 面向网络或只侦听来自 localhost 的连接,这样做就很有用。

You can customize the address on which the management endpoints are available by setting the configprop:management.server.address[] property. Doing so can be useful if you want to listen only on an internal or ops-facing network or to listen only for connections from localhost.

您只能在端口与主服务器端口不同时才侦听不同的地址。

You can listen on a different address only when the port differs from the main server port.

以下示例 application.properties 不允许远程管理连接:

The following example application.properties does not allow remote management connections:

management:
  server:
    port: 8081
    address: "127.0.0.1"

Disabling HTTP Endpoints

如果您不想通过 HTTP 公开端点,则可以将管理端口设置为 -1,如下面的示例所示:

If you do not want to expose endpoints over HTTP, you can set the management port to -1, as the following example shows:

management:
  server:
    port: -1

您还可以通过使用 configprop:management.endpoints.web.exposure.exclude[] 属性来实现这一点,如下面的示例所示:

You can also achieve this by using the configprop:management.endpoints.web.exposure.exclude[] property, as the following example shows:

management:
  endpoints:
    web:
      exposure:
        exclude: "*"