These are chat archives for spring-cloud/spring-cloud

18th
Apr 2016
Jose Armesto
@fiunchinho
Apr 18 2016 06:14
so no experience in canary releases?
Andreas Evers
@andreasevers
Apr 18 2016 08:29
Hi, I was wondering if Spring Cloud Eureka could benefit from subnet-filter functionality. I’ve integrated this in our Spring Boot Eureka’s application, but does it make sense to make a PR for this to have the functionality available in the Spring Cloud libraries?
Our usecase is that we have a Eureka per environment, and people keep registering by accident their local microservice under development to the production Eureka. If that microservice has an older version present on production already, calls to that microservice get routed partially to the local microservice which is erroneous of course.
Dave Syer
@dsyer
Apr 18 2016 08:29
I guess that's a step in the right direction.
Wouldn't a better security layer fix it better?
Andreas Evers
@andreasevers
Apr 18 2016 08:30
as in firewalls?
Dave Syer
@dsyer
Apr 18 2016 08:30
As in Spring Security
Don't give the credentials for production to development apps
Firewalls would also work in your case right?
Andreas Evers
@andreasevers
Apr 18 2016 08:31
yeah it would, but people log into the firewall for testing and then allow their local microservice to register…
Dave Syer
@dsyer
Apr 18 2016 08:31
PR welcome of course, but I would prefer to see a Spring Security solution (you can probably do the subnet filter at that layer)
We already support HTTP basic from the client
And the PCF team have OAuth2 working
Andreas Evers
@andreasevers
Apr 18 2016 08:32
but the credentials would be in the bootstrap.yml I suppose?
bootstrap-prod.yml then
Dave Syer
@dsyer
Apr 18 2016 08:33
You need credentials from somewhere, unless it's a physical/network solution
Andreas Evers
@andreasevers
Apr 18 2016 08:33
in case people start their app with the prod profile that would have the same bad result
Dave Syer
@dsyer
Apr 18 2016 08:33
I don't think the physical/network idea is bad at all. I just wonder if there's a Spring Security way to implement it.
Andreas Evers
@andreasevers
Apr 18 2016 08:33
maybe with env variables…
Dave Syer
@dsyer
Apr 18 2016 08:33
env vars are more secure for credentials anyway
or a config server
Andreas Evers
@andreasevers
Apr 18 2016 08:35
yeah we’re using the config server but since you can call the production config with the prod profile, it would again be the same result
so either the subnet filter or env variables :)
Dave Syer
@dsyer
Apr 18 2016 08:35
Make it secure
Andreas Evers
@andreasevers
Apr 18 2016 08:36
I’ll see if we can migrate our implementation to Spring Security, if so I’ll definitely do a PR
Dave Syer
@dsyer
Apr 18 2016 08:38
I suspect that if you can do it with Spring Security it's no longer a Spring Cloud feature. See how it goes.
Andreas Evers
@andreasevers
Apr 18 2016 08:40
Okay! Thanks for the feedback.
Alexandre Thenorio
@ByteFlinger
Apr 18 2016 09:50
Hi. I am wondering what has hapened to spring cloud bus redis. I cannot seem to find it anymore. Has it been removed?
Spencer Gibb
@spencergibb
Apr 18 2016 09:51
It’s not part of the BOM anymore. https://github.com/spring-cloud/spring-cloud-stream-binder-redis The stream team doesn’t deem it worthy of production.
Alexandre Thenorio
@ByteFlinger
Apr 18 2016 09:52
So it is not going to be part of Brixton release then :(
Spencer Gibb
@spencergibb
Apr 18 2016 09:53
Not in the Brixton BOM
Alexandre Thenorio
@ByteFlinger
Apr 18 2016 09:53
Damn. Thanks
Also is spring cloud bus now spring cloud stream or is spring cloud bus making use of stream or what exactly is the way forward
Spencer Gibb
@spencergibb
Apr 18 2016 09:54
bus is built on top of stream now. So when there are new binders, bus can use them.
Alexandre Thenorio
@ByteFlinger
Apr 18 2016 09:54
Good to know. Thanks
Koizumi85
@Koizumi85
Apr 18 2016 16:09
hi together... little question... is it planned, that BRIXTON will work with spring boot 1.4? Or wouldn't this be guaranteed?
Dave Syer
@dsyer
Apr 18 2016 16:09
We haven't started testing yet
The plan is to make it work if at all possible
Koizumi85
@Koizumi85
Apr 18 2016 16:10
would be really nice :)
Dave Syer
@dsyer
Apr 18 2016 16:10
Agree
Koizumi85
@Koizumi85
Apr 18 2016 16:10
the new testing features of 1.4 are absolutely awesome :)
Dave Syer
@dsyer
Apr 18 2016 16:11
Good
Koizumi85
@Koizumi85
Apr 18 2016 16:11
I think i will make some tests on myself on weekend if I can find time for it.
Marcos Barbero
@marcosbarbero
Apr 18 2016 21:14
@spencergibb I’m having a problem with Zuul encoding in the URI.
Shouldn’t this method validate the request.getCharacterEncoding before set WebUtils.DEFAULT_CHARACTER_ENCODING?
Sharif Ghazzawi
@Sghazzawi
Apr 18 2016 21:16
Hey all, I have been trying to integrate a Feign client w/ SalesForce API and I'm running into the following issue. Upon authenticating , the Login endpoint returns a payload that specifies where to make subsequent API calls. Is there a way to dynamically set the URL at runtime to support this?
Marcos Barbero
@marcosbarbero
Apr 18 2016 21:22
@spencergibb something like that
public String buildZuulRequestURI(HttpServletRequest request) {
        RequestContext context = RequestContext.getCurrentContext();
        String uri = request.getRequestURI();
        String contextURI = (String) context.get("requestURI");
        String characterEncoding = request.getCharacterEncoding() != null ? request.getCharacterEncoding() : WebUtils.DEFAULT_CHARACTER_ENCODING;
        if (contextURI != null) {
            try {
                uri = UriUtils.encodePath(contextURI, characterEncoding);
            }
            catch (Exception e) {
                log.debug(
                        "unable to encode uri path from context, falling back to uri from request",
                        e);
            }
        }
        return uri;
    }
Marcos Barbero
@marcosbarbero
Apr 18 2016 21:55
@spencergibb I made a pull request spring-cloud/spring-cloud-netflix#975 If it’s a wrong approach You can close it. Thanks.
Sharif Ghazzawi
@Sghazzawi
Apr 18 2016 22:04
@spencergibb is there a way to use a Feign client w/ a service/URL that is not known until run time?