微服务发展到现在，应用已经比较广泛了，本篇文章会带领你搭建一个微服务监控服务，并附详细的代码。搭建完成后可以方便的看到服务的日志、JVM 内存占用、当前活跃的线程名字和线程数量等各种方便调试和分析的关键数据。

　　客户端

　　此处客户端是指需要被 Spring Boot Admin 监控的业务服务

　　配置 pom 文件，引入 actuator 依赖：<depency> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-actuator</artifactId></depency>配置 yml 文件，开放所有监控端点：management: points: web: exposure: include: "*" point: health: show-details: always开放所有端点有很大的风险性，所以必须引入安全认证框架，引入 spring security ：<depency> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-security</artifactId></depency>微服务的业务接口不需要做安全认证，所以添加配置类，放行 actuator 外的其他接口：@Configurationpublic class ActuatorSecurityConfig exts WebSecurityConfigurerAdapter { @Override protected void configure(HttpSecurity httpSecurity) throws Exception { httpSecurity.httpBasic() .and() .authorizeRequests() .antMatchers("/actuator/**").authenticated() .anyRequest().permitAll() .and() .csrf().disable(); }}引入安全认证后，管理端将同样无法访问监控端点，所以客户端需要将账号密码等元数据注册到注册中心：spring: security: user: name: admin password: df973sdf cloud: nacos: discovery: metadata: user.name: ${spring.security.user.name} user.password: ${spring.security.user.password}管理端

　　引入依赖：<depency> <groupId>de.codecentric</groupId> <artifactId>spring-boot-admin-starter-server</artifactId></depency>完整的依赖如下（使用 nacos 注册中心，引入安全框架）：

　　<depency> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-web</artifactId></depency><depency> <groupId>com.alibaba.cloud</groupId> <artifactId>spring-cloud-starter-alibaba-nacos-discovery</artifactId></depency><depency> <groupId>de.codecentric</groupId> <artifactId>spring-boot-admin-starter-server</artifactId></depency><depency> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-mail</artifactId></depency><depency> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-security</artifactId></depency>添加配置类，开启密码登录：@Configurationpublic class AdminSecurityConfig exts WebSecurityConfigurerAdapter { private final String adminContextPath; public AdminSecurityConfig(AdminServerProperties adminServerProperties) { this.adminContextPath = adminServerProperties.getContextPath(); } @Override protected void configure(HttpSecurity http) throws Exception { SavedRequestAwareAuthenticationSuccessHandler successHandler = new SavedRequestAwareAuthenticationSuccessHandler(); successHandler.setTargetUrlParameter("redirectTo"); successHandler.setDefaultTargetUrl(adminContextPath + "/"); http.authorizeRequests() //1.配置所有静态资源和登录页可以公开访问 .antMatchers(adminContextPath + "/assets/**").permitAll() .antMatchers(adminContextPath + "/login").permitAll() .anyRequest().authenticated() //2.配置登录和登出路径 .and() .formLogin().loginPage(adminContextPath + "/login").successHandler(successHandler) .and() .logout().logoutUrl(adminContextPath + "/logout") //3.开启http basic，admin-client注册时需要使用 .and() .httpBasic() //4.开启基于cookie的csrf保护 .and() .csrf() .csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse()) //5.忽略这些路径的csrf保护以便admin-client注册 .ignoringAntMatchers( adminContextPath + "/instances", adminContextPath + "/actuator/**" ); }}配置账号密码，并忽略管理端：spring: security: user: name: admin password: m234sd boot: # 不显示admin-security-server的监控信息 admin: discovery: ignored-services: ${spring.application.name}至此，运行客户端和管理端，即可登录管理端查看效果。