1

我正在设置一个使用 VAULT 存储机密的 Spring Boot 云配置服务器。

保险柜身份验证机制设置为 AWS_IAM。我的类路径中也有 aws-java-sdk。还配置了 Aws cli。

当我向配置服务器发出请求时,除了第一个请求之外,我能够从 VAULT 获取秘密

对配置服务器的第一个请求失败,因为它试图安排任务在到期后更新保险库令牌(来自保险库响应)

application.properties 中的配置

       spring.profiles.active=保险库
       spring.cloud.config.server.vault.kv-version=2
       spring.cloud.config.server.vault.authentication=aws_iam

错误日志是

    2020-02-07 18:47:17.089 调试 19328 --- [nio-8088-exec-3] osvaAwsIamAuthentication:登录成功 ********************** ******************************************
    2020-02-07 18:47:17.091 INFO 19328 --- [nio-8088-exec-3] osvaLifecycleAwareSessionManager:调度令牌更新
    2020-02-07 18:47:17.100 调试 19328 --- [nio-8088-exec-3] osweb.servlet.DispatcherServlet:未能完成请求:java.lang.IllegalStateException:未初始化 ThreadPoolTask​​Scheduler
    2020-02-07 18:47:17.107 错误 19328 --- [nio-8088-exec-3] oaccC[.[.[/].[dispatcherServlet]:Servlet.service() 用于 servlet [dispatcherServlet] path [] 抛出异常 [请求处理失败;嵌套异常是 java.lang.IllegalStateException: ThreadPoolTask​​Scheduler not initialized] 根本原因

    java.lang.IllegalStateException:未初始化 ThreadPoolTask​​Scheduler
        在 org.springframework.util.Assert.state(Assert.java:73) ~[spring-core-5.2.3.RELEASE.jar:5.2.3.RELEASE]
        在 org.springframework.scheduling.concurrent.ThreadPoolTask​​Scheduler.getScheduledExecutor(ThreadPoolTask​​Scheduler.java:155) ~[spring-context-5.2.3.RELEASE.jar:5.2.3.RELEASE]
        在 org.springframework.scheduling.concurrent.ThreadPoolTask​​Scheduler.schedule(ThreadPoolTask​​Scheduler.java:307) ~[spring-context-5.2.3.RELEASE.jar:5.2.3.RELEASE]
        在 org.springframework.vault.authentication.LifecycleAwareSessionManager.lambda$scheduleRenewal$3(LifecycleAwareSessionManager.java:369) ~[spring-vault-core-2.2.1.RELEASE.jar:2.2.1.RELEASE]
        在 java.util.Optional.ifPresent(Optional.java:159) ~[na:1.8.0_201]
        在 org.springframework.vault.authentication.LifecycleAwareSessionManager.scheduleRenewal(LifecycleAwareSessionManager.java:369) ~[spring-vault-core-2.2.1.RELEASE.jar:2.2.1.RELEASE]
        在 org.springframework.vault.authentication.LifecycleAwareSessionManager.doGetSessionToken(LifecycleAwareSessionManager.java:318) ~[spring-vault-core-2.2.1.RELEASE.jar:2.2.1.RELEASE]
        在 org.springframework.vault.authentication.LifecycleAwareSessionManager.getSessionToken(LifecycleAwareSessionManager.java:277) ~[spring-vault-core-2.2.1.RELEASE.jar:2.2.1.RELEASE]
        在 org.springframework.vault.core.VaultTemplate.lambda$getSessionInterceptor$1(VaultTemplate.java:276) ~[spring-vault-core-2.2.1.RELEASE.jar:2.2.1.RELEASE]
        在 org.springframework.http.client.InterceptingClientHttpRequest$InterceptingRequestExecution.execute(InterceptingClientHttpRequest.java:93) ~[spring-web-5.2.3.RELEASE.jar:5.2.3.RELEASE]
        在 org.springframework.vault.client.VaultClients.lambda$createRestTemplate$0(VaultClients.java:128) ~[spring-vault-core-2.2.1.RELEASE.jar:2.2.1.RELEASE]
        在 org.springframework.http.client.InterceptingClientHttpRequest$InterceptingRequestExecution.execute(InterceptingClientHttpRequest.java:93) ~[spring-web-5.2.3.RELEASE.jar:5.2.3.RELEASE]
        在 org.springframework.http.client.InterceptingClientHttpRequest.executeInternal(InterceptingClientHttpRequest.java:77) ~[spring-web-5.2.3.RELEASE.jar:5.2.3.RELEASE]
        在 org.springframework.http.client.AbstractBufferingClientHttpRequest.executeInternal(AbstractBufferingClientHttpRequest.java:48) ~[spring-web-5.2.3.RELEASE.jar:5.2.3.RELEASE]
        在 org.springframework.http.client.AbstractClientHttpRequest.execute(AbstractClientHttpRequest.java:53) ~[spring-web-5.2.3.RELEASE.jar:5.2.3.RELEASE]
        在 org.springframework.web.client.RestTemplate.doExecute(RestTemplate.java:742) ~[spring-web-5.2.3.RELEASE.jar:5.2.3.RELEASE]
        在 org.springframework.web.client.RestTemplate.execute(RestTemplate.java:677) ~[spring-web-5.2.3.RELEASE.jar:5.2.3.RELEASE]
        在 org.springframework.web.client.RestTemplate.exchange(RestTemplate.java:615) ~[spring-web-5.2.3.RELEASE.jar:5.2.3.RELEASE]
        在 org.springframework.vault.core.VaultKeyValueAccessor.lambda$doRead$1(VaultKeyValueAccessor.java:133) ~[spring-vault-core-2.2.1.RELEASE.jar:2.2.1.RELEASE]
        在 org.springframework.vault.core.VaultKeyValueAccessor.lambda$doRead$2(VaultKeyValueAccessor.java:168) ~[spring-vault-core-2.2.1.RELEASE.jar:2.2.1.RELEASE]
        在 org.springframework.vault.core.VaultTemplate.doWithSession(VaultTemplate.java:466) ~[spring-vault-core-2.2.1.RELEASE.jar:2.2.1.RELEASE]
        在 org.springframework.vault.core.VaultKeyValueAccessor.doRead(VaultKeyValueAccessor.java:165) ~[spring-vault-core-2.2.1.RELEASE.jar:2.2.1.RELEASE]
        在 org.springframework.vault.core.VaultKeyValueAccessor.doRead(VaultKeyValueAccessor.java:132) ~[spring-vault-core-2.2.1.RELEASE.jar:2.2.1.RELEASE]
        在 org.springframework.vault.core.VaultKeyValueAccessor.doRead(VaultKeyValueAccessor.java:109) ~[spring-vault-core-2.2.1.RELEASE.jar:2.2.1.RELEASE]
        在 org.springframework.vault.core.VaultKeyValue2Template.get(VaultKeyValue2Template.java:53) ~[spring-vault-core-2.2.1.RELEASE.jar:2.2.1.RELEASE]
        在 org.springframework.cloud.config.server.environment.vault.SpringVaultEnvironmentRepository.read(SpringVaultEnvironmentRepository.java:51) ~[spring-cloud-config-server-2.2.1.RELEASE.jar:2.2.1.RELEASE]
        在 org.springframework.cloud.config.server.environment.AbstractVaultEnvironmentRepository.findOne(AbstractVaultEnvironmentRepository.java:88) ~[spring-cloud-config-server-2.2.1.RELEASE.jar:2.2.1.RELEASE]
        在 org.springframework.cloud.config.server.environment.EnvironmentRepository.findOne(EnvironmentRepository.java:31) ~[spring-cloud-config-server-2.2.1.RELEASE.jar:2.2.1.RELEASE]
        在 org.springframework.cloud.config.server.environment.EnvironmentRepository$$FastClassBySpringCGLIB$$6ae93c63.invoke() ~[spring-cloud-config-server-2.2.1.RELEASE.jar:2.2.1.RELEASE]
        在 org.springframework.cglib.proxy.MethodProxy.invoke(MethodProxy.java:218) ~[spring-core-5.2.3.RELEASE.jar:5.2.3.RELEASE]
        在 org.springframework.aop.framework.CglibAopProxy$CglibMethodInvocation.invokeJoinpoint(CglibAopProxy.java:769) ~[spring-aop-5.2.3.RELEASE.jar:5.2.3.RELEASE]
        在 org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:163) ~[spring-aop-5.2.3.RELEASE.jar:5.2.3.RELEASE]
        在 org.springframework.aop.framework.CglibAopProxy$CglibMethodInvocation.proceed(CglibAopProxy.java:747) ~[spring-aop-5.2.3.RELEASE.jar:5.2.3.RELEASE]
        在 org.springframework.validation.beanvalidation.MethodValidationInterceptor.invoke(MethodValidationInterceptor.java:120) ~[spring-context-5.2.3.RELEASE.jar:5.2.3.RELEASE]
        在 org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:186) ~[spring-aop-5.2.3.RELEASE.jar:5.2.3.RELEASE]
        在 org.springframework.aop.framework.CglibAopProxy$CglibMethodInvocation.proceed(CglibAopProxy.java:747) ~[spring-aop-5.2.3.RELEASE.jar:5.2.3.RELEASE]
        在 org.springframework.aop.framework.CglibAopProxy$DynamicAdvisedInterceptor.intercept(CglibAopProxy.java:689) ~[spring-aop-5.2.3.RELEASE.jar:5.2.3.RELEASE]
        在 org.springframework.cloud.config.server.environment.vault.SpringVaultEnvironmentRepository$$EnhancerBySpringCGLIB$$4d24df30.findOne() ~[spring-cloud-config-server-2.2.1.RELEASE.jar:2.2.1.RELEASE]
        在 org.springframework.cloud.config.server.environment.CompositeEnvironmentRepository.findOne(CompositeEnvironmentRepository.java:58) ~[spring-cloud-config-server-2.2.1.RELEASE.jar:2.2.1.RELEASE]
        在 org.springframework.cloud.config.server.environment.EnvironmentEncryptorEnvironmentRepository.findOne(EnvironmentEncryptorEnvironmentRepository.java:61) ~[spring-cloud-config-server-2.2.1.RELEASE.jar:2.2.1.RELEASE]
        在 org.springframework.cloud.config.server.environment.EnvironmentController.getEnvironment(EnvironmentController.java:144) ~[spring-cloud-config-server-2.2.1.RELEASE.jar:2.2.1.RELEASE]
        在 org.springframework.cloud.config.server.environment.EnvironmentController.defaultLabel(EnvironmentController.java:108) ~[spring-cloud-config-server-2.2.1.RELEASE.jar:2.2.1.RELEASE]
        在 sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[na:1.8.0_201]
        在 sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[na:1.8.0_201]
        在 sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[na:1.8.0_201]
        在 java.lang.reflect.Method.invoke(Method.java:498) ~[na:1.8.0_201]
        在 org.springframework.util.ReflectionUtils.invokeMethod(ReflectionUtils.java:282) ~[spring-core-5.2.3.RELEASE.jar:5.2.3.RELEASE]
        在 org.springframework.cloud.context.scope.GenericScope$LockedScopedProxyFactoryBean.invoke(GenericScope.java:499) ~[spring-cloud-context-2.2.1.RELEASE.jar:2.2.1.RELEASE]
        在 org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:186) ~[spring-aop-5.2.3.RELEASE.jar:5.2.3.RELEASE]
        在 org.springframework.aop.framework.CglibAopProxy$CglibMethodInvocation.proceed(CglibAopProxy.java:747) ~[spring-aop-5.2.3.RELEASE.jar:5.2.3.RELEASE]
        在 org.springframework.aop.framework.CglibAopProxy$DynamicAdvisedInterceptor.intercept(CglibAopProxy.java:689) ~[spring-aop-5.2.3.RELEASE.jar:5.2.3.RELEASE]
        在 org.springframework.cloud.config.server.environment.EnvironmentController$$EnhancerBySpringCGLIB$$fb6d1754.defaultLabel() ~[spring-cloud-config-server-2.2.1.RELEASE.jar:2.2.1.RELEASE]
        在 sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[na:1.8.0_201]
        在 sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[na:1.8.0_201]
        在 sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[na:1.8.0_201]
        在 java.lang.reflect.Method.invoke(Method.java:498) ~[na:1.8.0_201]
        在 org.springframework.web.method.support.InvocableHandlerMethod.doInvoke(InvocableHandlerMethod.java:190) ~[spring-web-5.2.3.RELEASE.jar:5.2.3.RELEASE]
        在 org.springframework.web.method.support.InvocableHandlerMethod.invokeForRequest(InvocableHandlerMethod.java:138) ~[spring-web-5.2.3.RELEASE.jar:5.2.3.RELEASE]
        在 org.springframework.web.servlet.mvc.method.annotation.ServletInvocableHandlerMethod.invokeAndHandle(ServletInvocableHandlerMethod.java:106) ~[spring-webmvc-5.2.3.RELEASE.jar:5.2.3.RELEASE]
        在 org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.invokeHandlerMethod(RequestMappingHandlerAdapter.java:888) ~[spring-webmvc-5.2.3.RELEASE.jar:5.2.3.RELEASE]
        在 org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.handleInternal(RequestMappingHandlerAdapter.java:793) ~[spring-webmvc-5.2.3.RELEASE.jar:5.2.3.RELEASE]
        在 org.springframework.web.servlet.mvc.method.AbstractHandlerMethodAdapter.handle(AbstractHandlerMethodAdapter.java:87) ~[spring-webmvc-5.2.3.RELEASE.jar:5.2.3.RELEASE]
        在 org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:1040) ~[spring-webmvc-5.2.3.RELEASE.jar:5.2.3.RELEASE]
        在 org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:943) ~[spring-webmvc-5.2.3.RELEASE.jar:5.2.3.RELEASE]
        在 org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:1006) ~[spring-webmvc-5.2.3.RELEASE.jar:5.2.3.RELEASE]
        在 org.springframework.web.servlet.FrameworkServlet.doGet(FrameworkServlet.java:898) ~[spring-webmvc-5.2.3.RELEASE.jar:5.2.3.RELEASE]
        在 javax.servlet.http.HttpServlet.service(HttpServlet.java:634) ~[tomcat-embed-core-9.0.30.jar:9.0.30]
        在 org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:883) ~[spring-webmvc-5.2.3.RELEASE.jar:5.2.3.RELEASE]
        在 javax.servlet.http.HttpServlet.service(HttpServlet.java:741) ~[tomcat-embed-core-9.0.30.jar:9.0.30]
        在 org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:231) ~[tomcat-embed-core-9.0.30.jar:9.0.30]
        在 org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) ~[tomcat-embed-core-9.0.30.jar:9.0.30]
        在 org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:53) ~[tomcat-embed-websocket-9.0.30.jar:9.0.30]
        在 org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) ~[tomcat-embed-core-9.0.30.jar:9.0.30]
        在 org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) ~[tomcat-embed-core-9.0.30.jar:9.0.30]
        在 org.springframework.web.filter.RequestContextFilter.doFilterInternal(RequestContextFilter.java:100) ~[spring-web-5.2.3.RELEASE.jar:5.2.3.RELEASE]
        在 org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119) ~[spring-web-5.2.3.RELEASE.jar:5.2.3.RELEASE]
        在 org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) ~[tomcat-embed-core-9.0.30.jar:9.0.30]
        在 org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) ~[tomcat-embed-core-9.0.30.jar:9.0.30]
        在 org.springframework.web.filter.FormContentFilter.doFilterInternal(FormContentFilter.java:93) ~[spring-web-5.2.3.RELEASE.jar:5.2.3.RELEASE]
        在 org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119) ~[spring-web-5.2.3.RELEASE.jar:5.2.3.RELEASE]
        在 org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) ~[tomcat-embed-core-9.0.30.jar:9.0.30]
        在 org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) ~[tomcat-embed-core-9.0.30.jar:9.0.30]
        在 org.springframework.boot.actuate.metrics.web.servlet.WebMvcMetricsFilter.doFilterInternal(WebMvcMetricsFilter.java:108) ~[spring-boot-actuator-2.2.4.RELEASE.jar:2.2.4.RELEASE]
        在 org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119) ~[spring-web-5.2.3.RELEASE.jar:5.2.3.RELEASE]
        在 org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) ~[tomcat-embed-core-9.0.30.jar:9.0.30]
        在 org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) ~[tomcat-embed-core-9.0.30.jar:9.0.30]
        在 org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:201) ~[spring-web-5.2.3.RELEASE.jar:5.2.3.RELEASE]
        在 org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119) ~[spring-web-5.2.3.RELEASE.jar:5.2.3.RELEASE]
        在 org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) ~[tomcat-embed-core-9.0.30.jar:9.0.30]
        在 org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) ~[tomcat-embed-core-9.0.30.jar:9.0.30]
        在 org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:202) ~[tomcat-embed-core-9.0.30.jar:9.0.30]
        在 org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:96) [tomcat-embed-core-9.0.30.jar:9.0.30]
        在 org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:541) [tomcat-embed-core-9.0.30.jar:9.0.30]
        在 org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:139) [tomcat-embed-core-9.0.30.jar:9.0.30]
        在 org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:92) [tomcat-embed-core-9.0.30.jar:9.0.30]
        在 org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:74) [tomcat-embed-core-9.0.30.jar:9.0.30]
        在 org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:343) [tomcat-embed-core-9.0.30.jar:9.0.30]
        在 org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:367) [tomcat-embed-core-9.0.30.jar:9.0.30]
        在 org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:65) [tomcat-embed-core-9.0.30.jar:9.0.30]
        在 org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:860) [tomcat-embed-core-9.0.30.jar:9.0.30]
        在 org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1598) [tomcat-embed-core-9.0.30.jar:9.0.30]
        在 org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49) [tomcat-embed-core-9.0.30.jar:9.0.30]
        在 java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) [na:1.8.0_201]
        在 java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) [na:1.8.0_201]
        在 org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) [tomcat-embed-core-9.0.30.jar:9.0.30]
        在 java.lang.Thread.run(Thread.java:748) [na:1.8.0_201]
4

1 回答 1

0

这是 spring-cloud-config 的一个错误。看到这个问题。它应该在 Ilford.M1 中修复。除了更新版本之外,没有其他修复方法。根据此评论

这是一个错误: SpringVaultClientConfiguration 不是 @Configuration 类。Spring Vault 仍然假定 CGlib 代理,而 Spring Cloud Config Vault 支持未使用 @Configuration 注释

我的旧答案供参考。那是错的

在我今天解决之前,我们遇到了同样的问题。看来,即使您能够击中保险库,spring 也默认为NativeEnvironmentRepository. 只需提供您自己的 bean 类型即可VaultEnvironmentRepository解决问题。

@Bean
public VaultEnvironmentRepository vaultEnvironmentRepository(
        ObjectProvider<HttpServletRequest> objectProvider, 
        EnvironmentWatch environmentWatch,
        RestTemplate restTemplate,
        VaultEnvironmentProperties vaultEnvironmentProperties
) {
    return new VaultEnvironmentRepository(objectProvider, environmentWatch, restTemplate, vaultEnvironmentProperties);
}

@Bean
public RestTemplate restTemplate() {
    return new RestTemplate();
}
于 2020-03-16T01:21:22.610 回答