In this tutorial, you will learn to create a Docker image for your Spring Cloud Config Server, which uses Symmetric or Asymmetric encryption to protect sensitive information.
To learn how to create Spring Cloud Config that uses Symmetric encryption, read Spring Cloud Config – Symmetric Encryption and Decryption(Includes Video tutorial). And to learn how to create Spring Cloud Config server that uses Asymmetric encryption read Spring Cloud Config – Asymmetric Encryption and Decryption(Includes Video tutorial).
To learn more about building and running RESTful Microservices with Spring Boot and Spring Cloud, check out my online video course: Spring Boot Microservices and Spring Cloud.
Creating Docker File
FROM openjdk:8-jdk-alpine MAINTAINER appsdeveloperblog.com VOLUME /tmp COPY UnlimitedJCEPolicyJDK8/* /usr/lib/jvm/java-1.8-openjdk/jre/lib/security/ ADD target/ConfigServer-0.0.1-SNAPSHOT.jar ConfigServer.jar ENTRYPOINT ["java","-Djava.security.egd=file:/dev/./urandom","-jar","/ConfigServer.jar"]
- For Java 8 only, when creating a Docker image for Spring Cloud Config server that uses encryption, it is important to include Unlimited JCE Policy jar files so that they can be added to JDK. In the above Docker file, I use the COPY command to include files from “UnlimitedJCEPolicyJDK8” folder that I have downloaded from the Oracle website.
Including JKS File
If your Spring Cloud Config server uses Asymmetric Encryption with the JKS file, include the JKS file in the /src/main/resources folder of your Spring Cloud Config server Spring Boot application.
Configure classpath for JKS file in bootstrap.properties
When configuring the location of the JKS file in a bootstrap.properties, use classpath as it is in the example below:
encrypt.key-store.location=classpath:apiEncryptionKey.jks encrypt.key-store.password=1q2w3e4r encrypt.key-store.alias=apiEncryptionKey
If your Spring Cloud Config Server uses Spring Cloud Bus and RabbitMQ, and the RabbitMQ server is running in a Docker container, then in the application.properties file of your Config Server, configure spring.rabbitmq.host to point to an IP address of the RabbitMQ server running in the Docker image.
spring.rabbitmq.host=192.168.1.2 spring.rabbitmq.port=5672 spring.rabbitmq.username=guest spring.rabbitmq.password=guest
Note: To learn which IP address to use:
- Run your RabbitMQ server in a Docker container,
- Then run docker ps command to learn the Container Id of your RabbitMQ Docker Image,
- Then use docker inspect <Container Id> to get detailed information about your Docker container. Find your RabbitMQ Server’s IP address and use it for spring.rabbitmq.host as shown in the property file above.
Build and Run Config Server in Docker Container
docker build --tag=my-config-server --rm=true .
docker run -d -p 8012:8012 my-config-server
Note: Port number 8012 is the port number on which my Spring Cloud Config server Spring Boot application is configured to run. This port number is configured in the application.properties Spring Cloud Config Spring Boot application.
Spring Cloud Video Course
To learn more about how to build and run RESTful Microservices with Spring Boot and Spring Cloud, check out my online video course: Spring Boot Microservices and Spring Cloud.