Prometheus采集Springboot应用

# 导包

        <!-- springboot 监控系统 -->
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-actuator</artifactId>
        </dependency>
        <!-- 将数据格式转换成prometheus要求 -->
        <dependency>
            <groupId>io.micrometer</groupId>
            <artifactId>micrometer-registry-prometheus</artifactId>
            <scope>runtime</scope>
        </dependency>

1
2
3
4
5
6
7
8
9
10
11

# 编写配置文件

####################### springboot 应用监控配置 #######################
# Actuator 监控端点配置项
management:
  endpoints:
    web:
      base-path: /actuator # Actuator 提供的 API 接口的根目录。默认为 /actuator
      exposure:
        include: '*' # 需要开放的端点。默认值只打开 health, info 两个端点，通过设置 * ，可以开放所有端点
      # 因为 Actuator 的端点默认没有用户认证，这个地方是我自己扩展的认证方式，需要在 prometheus prometheus.yml scrape_configs 配置中配置 basic_auth
      basic-auth: # 接口权限认证用户配置
        username: 'admin'  # 用户名
        password: '$2a$10$D0ySOfXfNmSuXMlqjnjzXOAiexvhex9a2iPOwn9m7Xx3qSwsuevKK'  # 密文密码
  endpoint:
    prometheus:
      enabled: true
    health:
      show-details: always
  metrics:
    export:
      prometheus:
        enabled: true

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21

basic-auth 说明：自定义的Actuator用户认证，详情看下面的Actuator 配置用户认证讲解

# 配置监控的应用名称

可以在启动类添加如下代码

    @Bean
    MeterRegistryCustomizer<MeterRegistry> configurer(@Value("${spring.application.name}") String applicationName) {
        return registry -> registry.config().commonTags("application", applicationName);
    }

1
2
3
4

# Actuator 配置用户认证

# 导包

      <dependency>
            <groupId>org.springframework.security</groupId>
            <artifactId>spring-security-core</artifactId>
        </dependency>

1
2
3
4

# 注入加解密Bean

import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;

	@Bean
    public PasswordEncoder bCryptPasswordEncoder() {
        return new BCryptPasswordEncoder();
    }

1
2
3
4
5
6
7

使用 BCrypt 生成加密密码，可以通过以下代码实现：

public static void main(String[] args) {
        BCryptPasswordEncoder encoder = new BCryptPasswordEncoder();
        String rawPassword = "curry@xu";  // 明文密码
        String encodedPassword = encoder.encode(rawPassword);
        System.out.println("Encoded Password: " + encodedPassword);
    }

1
2
3
4
5
6

# 编写Filter校验用户认证

@Slf4j
@Component
public class ApiMetricsAuthFilter implements Filter {

    @Resource(name = "bCryptPasswordEncoder")
    private PasswordEncoder bCryptPasswordEncoder;

    @Value("${management.endpoints.web.basic-auth.username}")
    private String userName;

    @Value("${management.endpoints.web.basic-auth.password}")
    private String encodedPassword;

    @Override
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest request = ServletUtils.getRequest();
        // 获取 Authorization 请求头
        assert request != null;
        String authHeader = request.getHeader("Authorization");
        if (ValidateUtil.isEmpty(authHeader) || !authHeader.startsWith("Basic ")) {
            throw new Exception("对不起，您没有访问该资源的权限！ ");
        }
        // 解码 Base64 编码的用户名和密码
        String base64Credentials = authHeader.substring(6);
        String credentials = new String(Base64.getDecoder().decode(base64Credentials), StandardCharsets.UTF_8);
        final String[] values = credentials.split(":", 2);
        String username = values[0];
        String rawPassword = values[1];
        if (!Objects.equals(username, userName)) {
            throw new Exception("对不起，您没有访问该资源的权限！ ");
        }
        if (!bCryptPasswordEncoder.matches(rawPassword, encodedPassword)) {
            throw new Exception("对不起，您没有访问该资源的权限！ ");
        }
        filterChain.doFilter(servletRequest, servletResponse);
    }
}

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37

# 注入Filter

    @Bean
    public ApiMetricsAuthFilter apiMetricsAuthFilter() {
        return new ApiMetricsAuthFilter();
    }

    @Bean
    public FilterRegistrationBean<ApiMetricsAuthFilter> apiMetricsAuthFilters() {
        FilterRegistrationBean<ApiMetricsAuthFilter> filterRegistrationBean = new FilterRegistrationBean<>();
        filterRegistrationBean.setFilter(apiMetricsAuthFilter());
        // 配置过滤规则 只拦截 actuator 的接口
        filterRegistrationBean.addUrlPatterns("/actuator/*");
        // 设置过滤器名称
        filterRegistrationBean.setName("apiMetricsAuthFilter");
        // 执行次序
        filterRegistrationBean.setOrder(2);
        return filterRegistrationBean;
    }

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17

# 配置prometheus

修改 prometheus.yml 如下：

### 下面进行 SpringBoot 应用配置
  - job_name: "applicationName"

    # metrics_path defaults to '/metrics'
    # scheme defaults to 'http'.
    scrape_interval: 5s
    metrics_path: '/actuator/prometheus'
    static_configs:
      - targets: ["ip:port"]
    basic_auth:
      username: 'admin'  # 用户名
      password: 'curry@xu'  # 明文密码

1
2
3
4
5
6
7
8
9
10
11
12

关系如下

最近更新: 2025/07/30, 15:37:56

← Docker安装prometheus Docker安装grafana→