Events
Mar 17, 11 PM - Mar 21, 11 PM
Join the meetup series to build scalable AI solutions based on real-world use cases with fellow developers and experts.
Register nowThis browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
The Admin for Spring managed component offers an administrative interface for Spring Boot web applications that expose actuator endpoints. As a managed component in Azure Container Apps, you can easily bind your container app to Admin for Spring for seamless integration and management.
This tutorial shows you how to create an Admin for Spring Java component and bind it to your container app so that you can monitor and manage your Spring applications with ease.
In this tutorial, you learn how to:
If you want to integrate Admin for Spring with Eureka Server for Spring, see Integrate Admin for Spring with Eureka Server for Spring in Container Apps instead.
Important
This tutorial uses services that can affect your Azure bill. If you decide to follow along, make sure you delete the resources featured in this article to avoid unexpected billing.
When you run the Admin for Spring component in Container Apps, be aware of the following details:
Item | Explanation |
---|---|
Scope | Components run in the same environment as the connected container app. |
Scaling | Component can’t scale. The scaling properties minReplicas and maxReplicas are both set to 1 . |
Resources | The container resource allocation for components is fixed. The number of the CPU cores is 0.5, and the memory size is 1 Gi. |
Pricing | Component billing falls under consumption-based pricing. Resources consumed by managed components are billed at the active/idle rates. You can delete components that are no longer in use to stop billing. |
Binding | Container apps connect to a component via a binding. The bindings inject configurations into container app environment variables. After a binding is established, the container app can read the configuration values from environment variables and connect to the component. |
Before you begin to work with the Admin for Spring component, you first need to create the required resources.
The following commands help you create your resource group and container app environment.
Create variables to support your application configuration. These values are provided for you for the purposes of this lesson.
export LOCATION=eastus
export RESOURCE_GROUP=my-resource-group
export ENVIRONMENT=my-environment
export JAVA_COMPONENT_NAME=admin
export APP_NAME=sample-admin-client
export IMAGE="mcr.microsoft.com/javacomponents/samples/sample-admin-for-spring-client:latest"
Variable | Description |
---|---|
LOCATION |
The Azure region location where you create your container app and Java component. |
ENVIRONMENT |
The container app environment name for your demo application. |
RESOURCE_GROUP |
The Azure resource group name for your demo application. |
JAVA_COMPONENT_NAME |
The name of the Java component created for your container app. In this case, you create an Admin for Spring Java component. |
IMAGE |
The container image used in your container app. |
Sign in to Azure with the Azure CLI.
az login
Create a resource group.
az group create \
--name $RESOURCE_GROUP \
--location $LOCATION \
--query "properties.provisioningState"
When you use the --query
parameter, the response filters down to a simple success or failure message.
Create your container app environment.
az containerapp env create \
--name $ENVIRONMENT \
--resource-group $RESOURCE_GROUP \
--location $LOCATION
Now that you have an existing environment, you can create your container app and bind it to a Java component instance of an Admin for Spring component.
Create the Admin for Spring Java component.
az containerapp env java-component admin-for-spring create \
--environment $ENVIRONMENT \
--resource-group $RESOURCE_GROUP \
--name $JAVA_COMPONENT_NAME \
--min-replicas 1 \
--max-replicas 1
Update the Admin for Spring Java component.
az containerapp env java-component admin-for-spring update \
--environment $ENVIRONMENT \
--resource-group $RESOURCE_GROUP \
--name $JAVA_COMPONENT_NAME \
--min-replicas 2 \
--max-replicas 2
Create the container app and bind it to the Admin for Spring component.
az containerapp create \
--name $APP_NAME \
--resource-group $RESOURCE_GROUP \
--environment $ENVIRONMENT \
--image $IMAGE \
--min-replicas 1 \
--max-replicas 1 \
--ingress external \
--target-port 8080 \
--bind $JAVA_COMPONENT_NAME
The bind operation binds the container app to the Admin for Spring Java component. The container app can now read the configuration values from environment variables, primarily the SPRING_BOOT_ADMIN_CLIENT_URL
property, and connect to the Admin for Spring component.
The binding also injects the following property:
"SPRING_BOOT_ADMIN_CLIENT_INSTANCE_PREFER-IP": "true",
This property indicates that the Admin for Spring component client should prefer the IP address of the container app instance when you connect to the Admin for Spring server.
To remove a binding from a container app, use the --unbind
option.
az containerapp update \
--name $APP_NAME \
--unbind $JAVA_COMPONENT_NAME \
--resource-group $RESOURCE_GROUP
Important
To view the dashboard, you need to have at least the Microsoft.App/managedEnvironments/write
role assigned to your account on the managed environment resource. You can explicitly assign the Owner
or Contributor
role on the resource. You can also follow the steps to create a custom role definition and assign it to your account.
Note
The dashboard isn't available in Azure China 21Vianet.
Create the custom role definition.
az role definition create --role-definition '{
"Name": "<ROLE_NAME>",
"IsCustom": true,
"Description": "Can access managed Java Component dashboards in managed environments",
"Actions": [
"Microsoft.App/managedEnvironments/write"
],
"AssignableScopes": ["/subscriptions/<SUBSCRIPTION_ID>"]
}'
Make sure to replace the placeholders in between the <>
brackets with your values.
Assign the custom role to your account on the managed environment resource.
Get the resource ID of the managed environment:
export ENVIRONMENT_ID=$(az containerapp env show \
--name $ENVIRONMENT --resource-group $RESOURCE_GROUP \
--query id \
--output tsv)
Assign the role to your account.
Before you run this command, replace the placeholder - as indicated by the <>
brackets - with your user or service principal ID or role name.
az role assignment create \
--assignee <USER_OR_SERVICE_PRINCIPAL_ID> \
--role "<ROLE_NAME>" \
--scope $ENVIRONMENT_ID
Note
The <USER_OR_SERVICE_PRINCIPAL_ID>
value should be the identity that you use to access the Azure portal. The <ROLE_NAME>
value is the name that you assigned in step 1.
Get the URL of the Admin for Spring dashboard.
az containerapp env java-component admin-for-spring show \
--environment $ENVIRONMENT \
--resource-group $RESOURCE_GROUP \
--name $JAVA_COMPONENT_NAME \
--query properties.ingress.fqdn \
--output tsv
This command returns the URL that you can use to access the Admin for Spring dashboard. With the dashboard, you can also see your container app, as shown in the following screenshot.
The resources created in this tutorial have an effect on your Azure bill. If you aren't going to use these services long term, run the following command to remove everything you created in this tutorial.
az group delete --resource-group $RESOURCE_GROUP
When you use the admin component in your own container app, you need to add the following dependency in your pom.xml file. Replace the version number with the latest version available on the Maven Repository.
<dependency>
<groupId>de.codecentric</groupId>
<version>3.3.2</version>
<artifactId>spring-boot-admin-starter-client</artifactId>
</dependency>
Starting with Spring Boot 2, endpoints other than health
and info
aren't exposed by default. You can expose them by adding the following configuration in your application.properties file.
management.endpoints.web.exposure.include=*
management.endpoint.health.show-details=always
The following list details the admin component properties you can configure for your app. For more information, see Spring Boot Admin.
Property name | Description | Default value |
---|---|---|
spring.boot.admin.server.enabled |
Enables the Spring Boot Admin Server. | true |
spring.boot.admin.context-path |
The path prefix where the Admin Server's statics assets and API are served. Relative to the Dispatcher-Servlet. | |
spring.boot.admin.monitor.status-interval |
Time interval in milliseconds to check the status of instances. | 10,000ms |
spring.boot.admin.monitor.status-lifetime |
Lifetime of status in milliseconds. The status isn't updated as long as the last status isn't expired. | 10,000 ms |
spring.boot.admin.monitor.info-interval |
Time interval in milliseconds to check the info of instances. | 1m |
spring.boot.admin.monitor.info-lifetime |
Lifetime of info in minutes. The info isn't updated as long as the last info isn't expired. | 1m |
spring.boot.admin.monitor.default-timeout |
Default timeout when making requests. Individual values for specific endpoints can be overridden using spring.boot.admin.monitor.timeout.* . |
10,000 |
spring.boot.admin.monitor.timeout.* |
Key-value pairs with the timeout per endpointId . |
Defaults to default-timeout value. |
spring.boot.admin.monitor.default-retries |
Default number of retries for failed requests. Requests that modify data (PUT , POST , PATCH , DELETE ) are never retried. Individual values for specific endpoints can be overridden using spring.boot.admin.monitor.retries.* . |
0 |
spring.boot.admin.monitor.retries.* |
Key-value pairs with the number of retries per endpointId . Requests that modify data (PUT , POST , PATCH , DELETE ) are never retried. |
Defaults to default-retries value. |
spring.boot.admin.metadata-keys-to-sanitize |
Metadata values for the keys matching these regex patterns used to sanitize in all JSON output. Starting from Spring Boot 3, all actuator values are masked by default. For more information about how to configure the unsanitization process, see Sanitize Sensitive Values. | ".*password$", ".*secret$", ".*key$", ".*token$", ".*credentials.*", ".*vcap_services$" |
spring.boot.admin.probed-endpoints |
For Spring Boot 1.x client applications, Spring Boot Admin probes for the specified endpoints using an OPTIONS request. If the path differs from the ID, you can specify this value as id:path - for example, health:ping . |
"health", "env", "metrics", "httptrace:trace", "threaddump:dump", "jolokia", "info", "logfile", "refresh", "flyway", "liquibase", "heapdump", "loggers", "auditevents" |
spring.boot.admin.instance-proxy.ignored-headers |
Headers not to forwarded when making requests to clients. | "Cookie", "Set-Cookie", "Authorization" |
spring.boot.admin.ui.title |
The displayed page title. | "Spring Boot Admin" |
spring.boot.admin.ui.poll-timer.cache |
Polling duration in milliseconds to fetch new cache data. | 2500 |
spring.boot.admin.ui.poll-timer.datasource |
Polling duration in milliseconds to fetch new data source data. | 2500 |
spring.boot.admin.ui.poll-timer.gc |
Polling duration in milliseconds to fetch new gc data. | 2500 |
spring.boot.admin.ui.poll-timer.process |
Polling duration in milliseconds to fetch new process data. | 2500 |
spring.boot.admin.ui.poll-timer.memory |
Polling duration in milliseconds to fetch new memory data. | 2500 |
spring.boot.admin.ui.poll-timer.threads |
Polling duration in milliseconds to fetch new threads data. | 2500 |
spring.boot.admin.ui.poll-timer.logfile |
Polling duration in milliseconds to fetch new logfile data. | 1000 |
spring.boot.admin.ui.enable-toasts |
Enables or disables toast notifications. | false |
spring.boot.admin.ui.title |
Browser's window title value. | "" |
spring.boot.admin.ui.brand |
HTML code rendered in the navigation header and defaults to the Spring Boot Admin label. By default, the Spring Boot Admin logo is followed by its name. | "" |
management.scheme |
Value that is substituted in the service URL used for accessing the actuator endpoints. | |
management.address |
Value that is substituted in the service URL used for accessing the actuator endpoints. | |
management.port |
Value that is substituted in the service URL used for accessing the actuator endpoints. | |
management.context-path |
Value that is appended to the service URL used for accessing the actuator endpoints. | ${spring.boot.admin.discovery.converter.management-context-path} |
health.path |
Value that is appended to the service URL used for health checking. Ignored by the EurekaServiceInstanceConverter . |
${spring.boot.admin.discovery.converter.health-endpoint} |
spring.boot.admin.discovery.enabled |
Enables the DiscoveryClient support for the admin server. |
true |
spring.boot.admin.discovery.converter.management-context-path |
Value that is appended to the service-url of the discovered service when the management-url value is converted by the DefaultServiceInstanceConverter . |
/actuator |
spring.boot.admin.discovery.converter.health-endpoint-path |
Value that is appended to the management-url of the discovered service when the health-url value is converted by the DefaultServiceInstanceConverter . |
"health" |
spring.boot.admin.discovery.ignored-services |
Services that are ignored when using discovery and not registered as application. Supports simple patterns such as "foo*" , "*bar" , and "foo*bar*" . |
|
spring.boot.admin.discovery.services |
Services included when using discovery and registered as application. Supports simple patterns such as "foo*" , "*bar" , and "foo*bar*" . |
"*" |
spring.boot.admin.discovery.ignored-instances-metadata |
Services ignored if they contain at least one metadata item that matches patterns in this list. Supports patterns such as "discoverable=false" . |
|
spring.boot.admin.discovery.instances-metadata |
Services included if they contain at least one metadata item that matches patterns in list. Supports patterns such as "discoverable=true" . |
logging.*
namespace should be forbidden. For example, writing log files by using logging.file
should be forbidden.Integrate the managed Admin for Spring with Eureka Server for Spring
Events
Mar 17, 11 PM - Mar 21, 11 PM
Join the meetup series to build scalable AI solutions based on real-world use cases with fellow developers and experts.
Register nowTraining
Module
Deploy a Spring Boot app to Azure Container Apps - Training
In this module, you learn how to deploy a Spring Boot app to Azure Container Apps. You deploy a Spring Boot application to Azure Container Apps and maintain it using the built-in Java stack.
Certification
Microsoft Certified: Azure Administrator Associate - Certifications
Demonstrate key skills to configure, manage, secure, and administer key professional functions in Microsoft Azure.
Documentation
Connect to a managed Config Server for Spring in Azure Container Apps
Learn how to connect a Config Server for Spring to your container app.
Java on Azure Container Apps overview
Learn about the tools and resources needed to run Java applications on Azure Container Apps.
How to turn on Java features in Azure Container Apps
How to turn on Java features to use Java-optimized supports in Azure Container Apps