为服务设置 Spring Cloud 配置服务器实例Set up a Spring Cloud Config Server instance for your service

本文介绍如何将 Spring Cloud 配置服务器实例连接到 Azure Spring Cloud 服务。This article shows you how to connect a Spring Cloud Config Server instance to your Azure Spring Cloud service.

Spring Cloud Config 为分布式系统中的外部化配置提供服务器和客户端支持。Spring Cloud Config provides server and client-side support for an externalized configuration in a distributed system. 使用配置服务器实例可在一个中心位置管理所有环境中应用程序的外部属性。With the Config Server instance, you have a central place to manage external properties for applications across all environments. 有关详细信息,请参阅 Spring Cloud 配置服务器引用For more information, see Spring Cloud Config Server reference.

先决条件Prerequisites

限制Restriction

在后端上使用配置服务器时存在一些限制。There are some restrictions when you use Config Server with a Git back end. 某些属性将自动注入到应用程序环境,以访问“配置服务器”和“服务发现”。Some properties are automatically injected into your application environment to access Config Server and Service Discovery. 如果你同时从配置服务器文件配置了这些属性,可能会遇到冲突和意外的行为。If you also configure those properties from your Config Server files, you might experience conflicts and unexpected behavior. 属性包括:The properties include:

eureka.client.service-url.defaultZone
eureka.client.tls.keystore
server.port
spring.cloud.config.tls.keystore
spring.application.name
spring.jmx.enabled

注意

我们强烈建议 不要 将上述属性放入配置服务器应用程序文件中。We strongly recommend that you do not put the above properties in your Config Server application files.

创建配置服务器文件Create your Config Server files

Azure Spring Cloud 支持使用 Azure DevOps、GitHub、GitLab 和 Bitbucket 来存储配置服务器文件。Azure Spring Cloud supports Azure DevOps, GitHub, GitLab, and Bitbucket for storing your Config Server files. 准备好存储库后,请按照以下说明创建配置文件,并将其存储到这些位置。When you have your repository ready, create the configuration files with the following instructions and store them there.

此外,一些可配置属性仅适用于某些类型。Additionally, some configurable properties are available only for certain types. 以下小节列出了每个存储库类型的属性。The following subsections list the properties for each repository type.

公共存储库Public repository

使用公共存储库时,可配置属性的受限程度更严重。When you use a public repository, your configurable properties are more limited.

下表列出了用于设置公共 Git 存储库的所有可配置属性:All configurable properties that are used to set up the public Git repository are listed in the following table:

备注

使用连字符 (-) 分隔单词是目前唯一受支持的命名约定。Using a hyphen (-) to separate words is the only naming convention that's currently supported. 例如,可使用“default-label”,但不能使用“defaultLabel” 。For example, you can use default-label, but not defaultLabel.

propertiesProperty 必选Required FeatureFeature
uri Yes 用作配置服务器后端的 Git 存储库的 URI 以“http://”、“https://”、“git@”或“ssh://”开头 。The URI of the Git repository that's used as the Config Server back end begins with http://, https://, git@, or ssh://.
default-label No Git 存储库的默认标签应为存储库的分支名称、标记名称或 commit-id 。The default label of the Git repository, should be the branch name, tag name, or commit-id of the repository.
search-paths No 用于搜索 Git 存储库子目录的字符串数组。An array of strings that are used to search subdirectories of the Git repository.

使用 SSH 身份验证的专用存储库Private repository with SSH authentication

下表列出了用于设置使用 SSH 的专用 Git 存储库的所有可配置属性:All configurable properties used to set up private Git repository with SSH are listed in the following table:

备注

使用连字符 (-) 分隔单词是目前唯一受支持的命名约定。Using a hyphen (-) to separate words is the only naming convention that's currently supported. 例如,可使用“default-label”,但不能使用“defaultLabel” 。For example, you can use default-label, but not defaultLabel.

propertiesProperty 必选Required FeatureFeature
uri Yes 用作配置服务器后端的 Git 存储库的 URI 应以“http://”、“https://”、“git@”或“ssh://”开头 。The URI of the Git repository used as the Config Server back end, should be started with http://, https://, git@, or ssh://.
default-label No Git 存储库的默认标签应为存储库的分支名称、标记名称或 commit-id 。The default label of the Git repository, should be the branch name, tag name, or commit-id of the repository.
search-paths No 用于搜索 Git 存储库子目录的字符串数组。An array of strings used to search subdirectories of the Git repository.
private-key No 用于访问 Git 存储库的 SSH 私钥,如果 URI 以“git@”或“ssh://”开头,则此私钥是必需的 。The SSH private key to access the Git repository, required when the URI starts with git@ or ssh://.
host-key No Git 存储库服务器的主机密钥,不应包含 host-key-algorithm 涵盖的算法前缀。The host key of the Git repository server, should not include the algorithm prefix as covered by host-key-algorithm.
host-key-algorithm No 主机密钥算法应为 ssh-dss、ssh-rsa、ecdsa-sha2-nistp256、ecdsa-sha2-nistp384 或 ecdsa-sha2-nistp521 。The host key algorithm, should be ssh-dss, ssh-rsa, ecdsa-sha2-nistp256, ecdsa-sha2-nistp384, or ecdsa-sha2-nistp521. 仅当存在 host-key 时,才是必需的。Required only if host-key exists.
strict-host-key-checking No 指示在利用专用 host-key 时配置服务器实例是否无法启动。Indicates whether the Config Server instance will fail to start when leveraging the private host-key. 应为 true(默认值)或 false 。Should be true (default value) or false.

备注

如果未指定,Config Server 会采用 master(om Git 本身)作为默认标签。Config Server takes master (om Git itself) as default label if not specified. 但 GitHub 最近已将默认分支从 master 更改为 mainBut GitHub has changed the default branch from master to main recently. 为了避免 Azure Spring Cloud Config Server 故障,在使用 GitHub 设置 Config Server 时,请注意默认标签,尤其是对于新创建的存储库。To avoid Azure Spring Cloud Config Server failure, please pay attention for the default label when setting up Config Server with GitHub, especially for new created repositories.


使用基本身份验证的专用存储库Private repository with basic authentication

下面列出了用于设置使用基本身份验证的专用 Git 存储库的所有可配置属性。All configurable properties used to set up private Git repository with basic authentication are listed below.

备注

使用连字符 (-) 分隔单词是目前唯一受支持的命名约定。Using a hyphen (-) to separate words is the only naming convention that's currently supported. 例如,可使用“default-label”,但不能使用“defaultLabel” 。For example, use default-label, not defaultLabel.

propertiesProperty 必选Required FeatureFeature
uri Yes 用作配置服务器后端的 Git 存储库的 URI 应以“http://”、“https://”、“git@”或“ssh://”开头 。The URI of the Git repository that's used as the Config Server back end should be started with http://, https://, git@, or ssh://.
default-label No Git 存储库的默认标签应为存储库的分支名称、标记名称或 commit-id 。The default label of the Git repository, should be the branch name, tag name, or commit-id of the repository.
search-paths No 用于搜索 Git 存储库子目录的字符串数组。An array of strings used to search subdirectories of the Git repository.
username No 用于访问 Git 存储库服务器的用户名,如果 Git 存储库服务器支持 Http Basic Authentication,则此用户名是必需的。The username that's used to access the Git repository server, required when the Git repository server supports Http Basic Authentication.
password No 用于访问 Git 存储库服务器的密码,如果 Git 存储库服务器支持 Http Basic Authentication,则此密码是必需的。The password used to access the Git repository server, required when the Git repository server supports Http Basic Authentication.

备注

许多 Git 存储库服务器都支持对 HTTP 基本身份验证使用令牌,而不支持使用密码。Many Git repository servers support the use of tokens rather than passwords for HTTP Basic Authentication. 某些存储库(如 GitHub)允许令牌无限期保留。Some repositories, such as GitHub, allow tokens to persist indefinitely. 但是,某些 Git 存储库服务器(包括 Azure DevOps)会在数小时内强制令牌过期。However, some Git repository servers, including Azure DevOps, force tokens to expire in a few hours. 导致令牌过期的存储库不应在 Azure Spring Cloud 中使用基于令牌的身份验证。Repositories that cause tokens to expire should not use token-based authentication with Azure Spring Cloud.

带模式的 Git 存储库Git repositories with pattern

下面列出了用于设置带模式的 Git 存储库的所有可配置属性。All configurable properties used to set up Git repositories with pattern are listed below.

备注

使用连字符 (-) 分隔单词是目前唯一受支持的命名约定。Using a hyphen (-) to separate words is the only naming convention that's currently supported. 例如,可使用“default-label”,但不能使用“defaultLabel” 。For example, use default-label, not defaultLabel.

propertiesProperty 必选Required FeatureFeature
repos No 包含具有给定名称的 Git 存储库的设置的图。A map consisting of the settings for a Git repository with a given name.
repos."uri" repos 上选择“是”Yes on repos 用作配置服务器后端的 Git 存储库的 URI 应以“http://”、“https://”、“git@”或“ssh://”开头 。The URI of the Git repository that's used as the Config Server back end should be started with http://, https://, git@, or ssh://.
repos."name" repos 上选择“是”Yes on repos 用于标识 Git 存储库的名称,仅当 repos 存在时才是必需的。A name to identify on the Git repository, required only if repos exists. 例如,team-A、team-B 。For example, team-A, team-B.
repos."pattern" No 用于匹配应用程序名称的字符串数组。An array of strings used to match an application name. 对于每个模式,使用带有通配符的 {application}/{profile} 格式。For each pattern, use the {application}/{profile} format with wildcards.
repos."default-label" No Git 存储库的默认标签应为存储库的分支名称、标记名称或 commit-id 。The default label of the Git repository, should be the branch name, tag name, or commit-id of the repository.
repos."search-paths"repos."search-paths" No 用于搜索 Git 存储库子目录的字符串数组。An array of strings used to search subdirectories of the Git repository.
repos."username" No 用于访问 Git 存储库服务器的用户名,如果 Git 存储库服务器支持 Http Basic Authentication,则此用户名是必需的。The username that's used to access the Git repository server, required when the Git repository server supports Http Basic Authentication.
repos."password" No 用于访问 Git 存储库服务器的密码,如果 Git 存储库服务器支持 Http Basic Authentication,则此密码是必需的。The password used to access the Git repository server, required when the Git repository server supports Http Basic Authentication.
repos."private-key" No 用于访问 Git 存储库的 SSH 私钥,如果 URI 以“git@”或“ssh://”开头,则此私钥是必需的 。The SSH private key to access Git repository, required when the URI starts with git@ or ssh://.
repos."host-key" No Git 存储库服务器的主机密钥,不应包含 host-key-algorithm 涵盖的算法前缀。The host key of the Git repository server, should not include the algorithm prefix as covered by host-key-algorithm.
repos."host-key-algorithm" No 主机密钥算法应为 ssh-dss、ssh-rsa、ecdsa-sha2-nistp256、ecdsa-sha2-nistp384 或 ecdsa-sha2-nistp521 。The host key algorithm, should be ssh-dss, ssh-rsa, ecdsa-sha2-nistp256, ecdsa-sha2-nistp384, or ecdsa-sha2-nistp521. 仅当存在 host-key 时,才是必需的。Required only if host-key exists.
repos."strict-host-key-checking" No 指示在利用专用 host-key 时配置服务器实例是否无法启动。Indicates whether the Config Server instance will fail to start when leveraging the private host-key. 应为 true(默认值)或 false 。Should be true (default value) or false.

将配置服务器存储库附加到 Azure Spring CloudAttach your Config Server repository to Azure Spring Cloud

将配置文件保存到存储库后,需要将 Azure Spring Cloud 连接到该存储库。Now that your configuration files are saved in a repository, you need to connect Azure Spring Cloud to it.

  1. 登录 Azure 门户Sign in to the Azure portal.

  2. 转到 Azure Spring Cloud 的“概览”页。Go to your Azure Spring Cloud Overview page.

  3. 在左侧导航窗格中选择“Config Server”。Select Config Server in the left navigation pane.

  4. 在“默认存储库”部分,将“URI”设置为“https://github.com/Azure-Samples/piggymetrics-config” 。In the Default repository section, set URI to "https://github.com/Azure-Samples/piggymetrics-config".

  5. 单击 “验证”Click Validate.

    导航到配置服务器

  6. 完成验证后,请单击“应用”以保存更改。When validation is complete, click Apply to save your changes.

    正在验证配置服务器

  7. 更新配置可能需要几分钟。Updating the configuration can take a few minutes.

    正在更新配置服务器

  8. 配置完成后,会收到通知。You should get a notification when the configuration is complete.

将存储库信息直接输入到 Azure 门户Enter repository information directly to the Azure portal

默认存储库Default repository

  • 公共存储库:在“默认存储库”部分的“Uri”框中粘贴存储库 URI 。Public repository: In the Default repository section, in the Uri box, paste the repository URI. 将“标签”设置为“配置” 。确保“身份验证”设置为“公共”,然后选择“应用”以完成操作 。Set the Label to config. Ensure that the Authentication setting is Public, and then select Apply to finish.

  • 专用存储库:Azure Spring Cloud 支持基本的基于密码/令牌的身份验证和 SSH。Private repository: Azure Spring Cloud supports basic password/token-based authentication and SSH.

    • 基本身份验证:在“默认存储库”部分的“Uri”框中,粘贴存储库 URI,然后选择“身份验证”(“铅笔”图标)按钮 。Basic Authentication: In the Default repository section, in the Uri box, paste the repository URI, and then select the Authentication ("pencil" icon) button. 在“编辑身份验证”窗格的“身份验证类型”下拉列表中选择“HTTP 基本”,然后输入你的用户名和密码/令牌以授权访问 Azure Spring Cloud 。In the Edit Authentication pane, in the Authentication type drop-down list, select HTTP Basic, and then enter your username and password/token to grant access to Azure Spring Cloud. 选择“确定”,然后选择“应用”完成配置服务器实例的设置 。Select OK, and then select Apply to finish setting up your Config Server instance.

    “编辑身份验证”窗格基本身份验证

    注意

    一些 Git 存储库服务器(例如 GitHub)将个人令牌或访问令牌(例如密码)用于基本身份验证 。Some Git repository servers, such as GitHub, use a personal-token or an access-token, such as a password, for Basic Authentication. 你可以在 Azure Spring Cloud 中使用这种类型的令牌作为密码,因为它将永不过期。You can use that kind of token as a password in Azure Spring Cloud, because it will never expire. 但对于其他 Git 存储库服务器(例如 BitBucket 和 Azure DevOps),访问令牌将在一到两小时后过期。But for other Git repository servers, such as Bitbucket and Azure DevOps, the access-token expires in one or two hours. 这意味着,在将这些存储库服务器与 Azure Spring Cloud 一起使用时,此选项是不可行的。This means that the option isn't viable when you use those repository servers with Azure Spring Cloud.

    • SSH:在“默认存储库”部分的“Uri”框中,粘贴存储库 URI,然后选择“身份验证”(“铅笔”图标)按钮 。SSH: In the Default repository section, in the Uri box, paste the repository URI, and then select the Authentication ("pencil" icon) button. 在“编辑身份验证”窗格中的“身份验证类型”下拉列表中,选择“SSH”,然后输入“私钥” 。In the Edit Authentication pane, in the Authentication type drop-down list, select SSH, and then enter your Private key. (可选)指定“主机密钥”和“主机密钥算法” 。Optionally, specify your Host key and Host key algorithm. 请确保在配置服务器存储库中包含公钥。Be sure to include your public key in your Config Server repository. 选择“确定”,然后选择“应用”完成配置服务器实例的设置 。Select OK, and then select Apply to finish setting up your Config Server instance.

    “编辑身份验证”窗格 ssh 身份验证

模式存储库Pattern repository

如果要使用可选的“模式存储库”来配置服务,请使用与“默认存储库”相同的方式指定“URI”和“身份验证”。If you want to use an optional Pattern repository to configure your service, specify the URI and Authentication the same way as the Default repository. 请确保为模式包含“名称”,然后选择“应用”以将其附加到实例 。Be sure to include a Name for your pattern, and then select Apply to attach it to your instance.

将存储库信息输入 YAML 文件Enter repository information into a YAML file

如果已使用存储库设置编写 YAML 文件,则可以将该文件直接从本地计算机导入到 Azure Spring Cloud。If you have written a YAML file with your repository settings, you can import the file directly from your local machine to Azure Spring Cloud. 使用基本身份验证的专用存储库的简单 YAML 文件如下所示:A simple YAML file for a private repository with basic authentication would look like this:

spring:
    cloud:
        config:
            server:
                git:
                    uri: https://github.com/azure-spring-cloud-samples/config-server-repository.git
                    username: <username>
                    password: <password/token>

单击“导入设置”按钮,然后从项目目录中选择 YAML 文件。Select the Import settings button, and then select the YAML file from your project directory. 选择“导入”,然后将弹出“通知”中的 async 操作 。Select Import, and then an async operation from your Notifications will pop up. 1-2 分钟后,它应报告成功。After 1-2 minutes, it should report success.

“配置服务器通知”窗格

YAML 文件中的信息应显示在 Azure 门户中。The information from your YAML file should be displayed in the Azure portal. 选择“应用”以完成操作。Select Apply to finish.

使用 Azure Repos 进行 Azure Spring Cloud 配置Using Azure Repos for Azure Spring Cloud Configuration

Azure Spring Cloud 可以访问公开、由 SSH 保护的,或使用 HTTP 基本身份验证保护的 Git 存储库。Azure Spring Cloud can access Git repositories that are public, secured by SSH, or secured using HTTP basic authentication. 我们将使用最后一个选项,因为它更易于使用 Azure Repos 进行创建和管理。We will use that last option, as it is easier to create and manage with Azure Repos.

获取存储库 URL 和凭据Get repo url and credentials

  1. 在项目的 Azure Repos 门户中,单击“克隆”按钮:In the Azure Repos portal for your project, click the "Clone" button:

    克隆按钮

  2. 从文本框中复制克隆 URL。Copy the clone URL from the textbox. 此 URL 通常采用以下格式:This URL will typically be in the form:

    https://<organization name>@dev.azure.com/<organization name>/<project name>/_git/<repository name>
    

    删除 https:// 后和 dev.azure.com 之前的所有内容,包括 @Remove everything after https:// and before dev.azure.com, including the @. 生成的 URL 格式应为:The resulting URL should be in the form:

    https://dev.azure.com/<organization name>/<project name>/_git/<repository name>
    

    保存此 URL 以便在下一部分中使用。Save this URL for use in the next section.

  3. 单击“生成 Git 凭据”。Click "Generate Git Credentials". 将显示用户名和密码。A username and password will appear. 保存这些内容以便在下一部分中使用。Save these for use in the next section.

配置 Azure Spring Cloud 以访问 Git 存储库Configure Azure Spring Cloud to access the Git repository

  1. 登录 Azure 门户Sign in to the Azure portal.

  2. 转到 Azure Spring Cloud 的“概览”页。Go to your Azure Spring Cloud Overview page.

  3. 选择要配置的服务。Select the service to configure.

  4. 在服务页的左窗格中的“设置”下,选择“配置服务器”选项卡 。配置之前创建的存储库:In the left pane of the service page, under Settings, select the Config Server tab. Configure the repository we previously created:

    • 添加从上一部分中保存的存储库 URLAdd the repository URL that you have saved from the previous section
    • 单击 Authentication,然后选择 HTTP BasicClick on Authentication and select HTTP Basic
    • “用户名”是上一部分中保存的用户名The username is the username saved from the previous section
    • “密码”是从上一部分保存的密码The password is the password saved from the previous section
    • 单击“应用”并等待操作成功Click on "Apply" and wait for the operation to succeed

    Spring Cloud Config Server

删除配置Delete your configuration

可以选择“配置服务器”选项卡中显示的“重置”按钮,以彻底清除现有的设置 。You can select the Reset button that appears in the Config Server tab to erase your existing settings completely. 如果你希望将配置服务器实例连接到另一个源(例如,从 GitHub 移到 Azure DevOps),请删除配置服务器设置。Delete the config server settings if you want to connect your Config Server instance to another source, such as moving from GitHub to Azure DevOps.

后续步骤Next steps

本文介绍了如何启用和配置 Spring Cloud Config Server 实例。In this article, you learned how to enable and configure your Spring Cloud Config Server instance. 若要详细了解如何管理应用程序,请参阅在 Azure Spring Cloud 中缩放应用程序To learn more about managing your application, see Scale an application in Azure Spring Cloud.