root
/
spring-boot
mirror of https://github.com/spring-projects/spring-boot.git
1
0
Fork 0
Code Issues Actions 4 Packages Projects Releases Wiki Activity
spring-boot/spring-boot-project/spring-boot-docs/src/docs/asciidoc/actuator/monitoring.adoc

149 lines
5.3 KiB
Plaintext
Raw Normal View History

Split up adoc files Closes gh-23254
2021-04-30 00:11:56 +08:00
[[actuator.monitoring]]
== Monitoring and Management over HTTP
If you are developing a web application, Spring Boot Actuator auto-configures all enabled endpoints to be exposed over HTTP.
The default convention is to use the `id` of the endpoint with a prefix of `/actuator` as the URL path.
For example, `health` is exposed as `/actuator/health`.
TIP: Actuator is supported natively with Spring MVC, Spring WebFlux, and Jersey.
If both Jersey and Spring MVC are available, Spring MVC will be used.
NOTE: Jackson is a required dependency in order to get the correct JSON responses as documented in the API documentation ({spring-boot-actuator-restapi-docs}[HTML] or {spring-boot-actuator-restapi-pdfdocs}[PDF]).
[[actuator.monitoring.customizing-management-server-context-path]]
=== Customizing the Management Endpoint Paths
Sometimes, it is useful to customize the prefix for the management endpoints.
For example, your application might already use `/actuator` for another purpose.
You can use the configprop:management.endpoints.web.base-path[] property to change the prefix for your management endpoint, as shown in the following example:
[source,yaml,indent=0,configprops,configblocks]
----
management:
endpoints:
web:
base-path: "/manage"
----
The preceding `application.properties` example changes the endpoint from `/actuator/\{id}` to `/manage/\{id}` (for example, `/manage/info`).
NOTE: Unless the management port has been configured to <<actuator#actuator.monitoring.customizing-management-server-port,expose endpoints by using a different HTTP port>>, `management.endpoints.web.base-path` is relative to `server.servlet.context-path` (Servlet web applications) or `spring.webflux.base-path` (reactive web applications).
If `management.server.port` is configured, `management.endpoints.web.base-path` is relative to `management.server.base-path`.
If you want to map endpoints to a different path, you can use the configprop:management.endpoints.web.path-mapping[] property.
The following example remaps `/actuator/health` to `/healthcheck`:
[source,yaml,indent=0,configprops,configblocks]
----
management:
endpoints:
web:
base-path: "/"
path-mapping:
health: "healthcheck"
----
[[actuator.monitoring.customizing-management-server-port]]
=== Customizing the Management Server Port
Exposing management endpoints by using the default HTTP port is a sensible choice for cloud-based deployments.
If, however, your application runs inside your own data center, you may prefer to expose endpoints by using a different HTTP port.
You can set the configprop:management.server.port[] property to change the HTTP port, as shown in the following example:
[source,yaml,indent=0,configprops,configblocks]
----
management:
server:
port: 8081
----
NOTE: On Cloud Foundry, applications only receive requests on port 8080 for both HTTP and TCP routing, by default.
If you want to use a custom management port on Cloud Foundry, you will need to explicitly set up the application's routes to forward traffic to the custom port.
[[actuator.monitoring.management-specific-ssl]]
=== Configuring Management-specific SSL
When configured to use a custom port, the management server can also be configured with its own SSL by using the various `management.server.ssl.*` properties.
For example, doing so lets a management server be available over HTTP while the main application uses HTTPS, as shown in the following property settings:
[source,yaml,indent=0,configprops,configblocks]
----
server:
port: 8443
ssl:
enabled: true
key-store: "classpath:store.jks"
key-password: secret
management:
server:
port: 8080
ssl:
enabled: false
----
Alternatively, both the main server and the management server can use SSL but with different key stores, as follows:
[source,yaml,indent=0,configprops,configblocks]
----
server:
port: 8443
ssl:
enabled: true
key-store: "classpath:main.jks"
key-password: "secret"
management:
server:
port: 8080
ssl:
enabled: true
key-store: "classpath:management.jks"
key-password: "secret"
----
[[actuator.monitoring.customizing-management-server-address]]
=== Customizing the Management Server Address
You can customize the address that the management endpoints are available on by setting the configprop:management.server.address[] property.
Doing so can be useful if you want to listen only on an internal or ops-facing network or to listen only for connections from `localhost`.
NOTE: You can listen on a different address only when the port differs from the main server port.
The following example `application.properties` does not allow remote management connections:
[source,yaml,indent=0,configprops,configblocks]
----
management:
server:
port: 8081
address: "127.0.0.1"
----
[[actuator.monitoring.disabling-http-endpoints]]
=== Disabling HTTP Endpoints
If you do not want to expose endpoints over HTTP, you can set the management port to `-1`, as shown in the following example:
[source,yaml,indent=0,configprops,configblocks]
----
management:
server:
port: -1
----
This can be achieved using the configprop:management.endpoints.web.exposure.exclude[] property as well, as shown in the following example:
[source,yaml,indent=0,configprops,configblocks]
----
management:
endpoints:
web:
exposure:
exclude: "*"
----