如何解决我的Spring云网关在使用docker-compose
我有一个示例项目,该项目由启动Eureka服务器,Spring Cloud网关和Keycloak的注册表模块组成。 问题是通过运行Keycloak,使用docker-compose注册表和网关作为普通应用程序运行,一切正常,也就是说,当我想查看eureka仪表板时,我重定向到Keycloak进行身份验证,然后重定向到仪表板,但是当我使用docker-compose和其他人一起执行网关时,情况并非如此:
Caused by: java.lang.IllegalArgumentException: Unable to resolve Configuration with the provided Issuer of "http://127.0.0.1:8090/auth/realms/dev"
Caused by: org.springframework.web.client.ResourceAccessException: I/O error on GET request for "http://127.0.0.1:8090/auth/realms/dev/.well-known/openid-configuration": Connection refused
虽然我可以通过将链接粘贴到浏览器中来获取配置。 我希望这是我对docker-compose的错误配置,如果您能给我一些想法,我将不胜感激。
网关application.yml
spring:
application:
name: gateway
cloud:
gateway:
routes:
- id: firstService
uri: lb://first-microservice
predicates:
- Path=/first/**
filters:
- TokenRelay=
- RemoveRequestHeader=Cookie
- id: secondService
uri: lb://second-microservice
predicates:
- Path=/second/**
# filters:
# - StripPrefix=1
filters:
- TokenRelay=
- RemoveRequestHeader=Cookie
- id: registry
uri: lb://registry
predicates:
- Path=/registry/**
filters:
- StripPrefix=1
- id: eureka
uri: lb://registry
predicates:
- Path=/eureka/**
autoconfigure:
# TODO: remove when fixed https://github.com/spring-projects/spring-security/issues/6314
exclude: org.springframework.boot.actuate.autoconfigure.security.reactive.ReactiveManagementWebSecurityAutoConfiguration
security:
oauth2:
client:
registration:
keycloak:
client-id: backend
client-secret: '2baa28ce-9607-44a3-a42c-a0bb2102a66d'
provider:
keycloak:
issuer-uri: ${ISSUER_URI:http://127.0.0.1:8090/auth/realms/dev}
user-name-attribute: preferred_username
server:
port: 8079
info:
app:
name: ${spring.application.name}
eureka:
client:
registerWithEureka: true
serviceUrl:
defaultZone: ${EUREKA_SERVER:http://localhost:8761/eureka}
healthcheck:
enabled: true
docker-compose.yml
version: '3'
volumes:
postgres_data:
driver: local # is already local by default
keycloak-data-volume:
driver: local # is already local by default
# external: true
services:
postgres:
image: postgres
volumes:
- postgres_data:/var/lib/postgresql/data
environment:
POSTGRES_DB: keycloak
POSTGRES_USER: keycloak
POSTGRES_PASSWORD: password
networks:
- net
keycloak:
image: jboss/keycloak:11.0.0
environment:
DB_VENDOR: POSTGRES
DB_ADDR: postgres
DB_DATABASE: keycloak
DB_USER: keycloak
DB_SCHEMA: public
DB_PASSWORD: password
KEYCLOAK_USER: admin
KEYCLOAK_PASSWORD: Pa55w0rd
volumes:
- keycloak-data-volume:/var/lib/keycloak/data
command: ["-Djboss.socket.binding.port-offset=10"]
expose:
- 8090
ports:
- 8090:8090
depends_on:
- postgres
networks:
- net
registry:
image: sample-cloud-registry:latest
container_name: registry
expose:
- 8761
networks:
- net
environment:
- EUREKA_SERVER=http://registry:8761/eureka/
gateway:
image: sample-cloud-gateway:latest
container_name: gateway
expose:
- 8079
ports:
- 127.0.0.1:8080:8079
networks:
- net
restart: always
depends_on:
- registry
- keycloak
environment:
- ISSUER_URI=http://127.0.0.1:8090/auth/realms/dev
- EUREKA_SERVER=http://registry:8761/eureka/
networks:
net:
解决方法
我设法解决了问题,这是我的更改:
在使用Eureka时,我将ISSUER_URI = http://127.0.0.1:8090 / auth / realms / dev更改为使用keycloak容器的主机名,因此结果是:
- ISSUER_URI=http://keycloak:8090/auth/realms/dev
您需要注意,上一行中的端口号是容器端口,不一定是主机端口。 然后,您需要在etc下的已知主机中添加密钥斗篷,以使登录页面可通过浏览器访问:
127.0.0.1 keycloak
版权声明:本文内容由互联网用户自发贡献,该文观点与技术仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容, 请发送邮件至 dio@foxmail.com 举报,一经查实,本站将立刻删除。