Vert.x Config
Vert.x Config provides a way to configure your Vert.x application. It:
-
offers multiple configuration syntaxes (JSON, properties, Yaml (extension), Hocon (extension)…
-
offers multiple configuration stores such as files, directories, HTTP, git (extension), Redis (extension), system properties and environment properties.
-
lets you define the processing order and overloading
-
supports runtime reconfiguration
Concepts
The library is structured around:
-
a*Config Retriever instantiated and used by the Vert.x application. It configures a set of configuration store Configuration store** defines a location from where the configuration data is read and also a format (JSON by default)
The configuration is retrieved as a JSON Object.
Using the Config Retriever
To use the Config Retriever, add the following dependency to the dependencies section of your build descriptor:
-
Maven (in your
pom.xml
):
<dependency>
<groupId>io.vertx</groupId>
<artifactId>vertx-config</artifactId>
<version>3.9.3</version>
</dependency>
-
Gradle (in your
build.gradle
file):
compile 'io.vertx:vertx-config:3.9.3'
----
Once done, you first need to instantiate the ConfigRetriever
:
ConfigRetriever retriever = ConfigRetriever.create(vertx);
By default, the Config Retriever is configured with the following stores (in this order):
-
The Vert.x verticle
config()
-
The system properties
-
The environment variables
-
A
conf/config.json
file. This path can be overridden using thevertx-config-path
system property orVERTX_CONFIG_PATH
environment variable.
You can configure your own stores:
ConfigStoreOptions httpStore = new ConfigStoreOptions()
.setType("http")
.setConfig(new JsonObject()
.put("host", "localhost").put("port", 8080).put("path", "/conf"));
ConfigStoreOptions fileStore = new ConfigStoreOptions()
.setType("file")
.setConfig(new JsonObject().put("path", "my-config.json"));
ConfigStoreOptions sysPropsStore = new ConfigStoreOptions().setType("sys");
ConfigRetrieverOptions options = new ConfigRetrieverOptions()
.addStore(httpStore).addStore(fileStore).addStore(sysPropsStore);
ConfigRetriever retriever = ConfigRetriever.create(vertx, options);
More details about the overloading rules and available stores are available below. Each store can be marked as
optional
. If a failure is caught while retrieving (or processing) the configuration from an optional store, the failure
is logged, but the processing does not fail. Instead, an empty JSON object is returned ({}
). To mark a store as
optional, use the optional
attribute:
ConfigStoreOptions fileStore = new ConfigStoreOptions()
.setType("file")
.setOptional(true)
.setConfig(new JsonObject().put("path", "my-config.json"));
ConfigStoreOptions sysPropsStore = new ConfigStoreOptions().setType("sys");
ConfigRetrieverOptions options = new ConfigRetrieverOptions().addStore(fileStore).addStore(sysPropsStore);
ConfigRetriever retriever = ConfigRetriever.create(vertx, options);
Once you have the instance of the Config Retriever, retrieve the configuration as follows:
retriever.getConfig(ar -> {
if (ar.failed()) {
// Failed to retrieve the configuration
} else {
JsonObject config = ar.result();
}
});
Overloading rules
The declaration order of the configuration store is important as it defines the overloading. For conflicting key, configuration stores arriving last overloads the value provided by the previous configuration stores. Let’s take an example. We have 2 configuration stores:
-
A
provides{a:value, b:1}
-
B
provides{a:value2, c:2}
Declared in this order (A, B), the resulting configuration would be:
{a:value2, b:1, c:2}
.
If you declare them in the reverse order (B, A), you will get: {a:value, b:1, c:2}
.
Using the retrieve configuration
The retrieve configuration allows:
-
configuring verticles,
-
configure ports, clients, locations and so on,
-
configuring Vert.x itself
This section gives a few examples of usage.
Configuring a single verticle
The following example can be placed in the start
method of a verticle. It retrieves the configuration (using the
default stores), and configure an HTTP server with the content of the configuration.
ConfigRetriever retriever = ConfigRetriever.create(vertx);
retriever.getConfig(json -> {
JsonObject result = json.result();
vertx.createHttpServer()
.requestHandler(req -> result.getString("message"))
.listen(result.getInteger("port"));
});
Configuring a set of verticles
The following example configures 2 verticles using the configurations contained in the verticles.json
file:
ConfigRetriever retriever = ConfigRetriever.create(vertx, new ConfigRetrieverOptions()
.addStore(new ConfigStoreOptions().setType("file").setConfig(new JsonObject().put("path", "verticles.json"))));
retriever.getConfig(json -> {
JsonObject a = json.result().getJsonObject("a");
JsonObject b = json.result().getJsonObject("b");
vertx.deployVerticle(GreetingVerticle.class.getName(), new DeploymentOptions().setConfig(a));
vertx.deployVerticle(GreetingVerticle.class.getName(), new DeploymentOptions().setConfig(b));
});
Configuring Vert.x itself
You can also configure Vert.x directly. For this, you need a temporary Vert.x instance used to retrieve the configuration. Then the actual instance is created:
Vertx vertx = Vertx.vertx();
// Create the config retriever
ConfigRetriever retriever = ConfigRetriever.create(vertx, new ConfigRetrieverOptions()
.addStore(new ConfigStoreOptions().setType("file").setConfig(new JsonObject().put("path", "vertx.json"))));
// Retrieve the configuration
retriever.getConfig(json -> {
JsonObject result = json.result();
// Close the vert.x instance, we don't need it anymore.
vertx.close();
// Create a new Vert.x instance using the retrieve configuration
VertxOptions options = new VertxOptions(result);
Vertx newVertx = Vertx.vertx(options);
// Deploy your verticle
newVertx.deployVerticle(GreetingVerticle.class.getName(), new DeploymentOptions().setConfig(result.getJsonObject("a")));
});
Propagating configuration changes to the event bus
Vert.x Config notifies you when the configuration changes. If you want to react to this event, you need to implement the reaction yourself. For instance, you can un-deploy and redeploy verticle or send the new configuration on the event bus. The following example shows this latter case. It sends the new configuration on the event bus. Interested verticles can listen for this address and update themselves:
ConfigRetriever retriever = ConfigRetriever.create(vertx, new ConfigRetrieverOptions()
.addStore(new ConfigStoreOptions().setType("file").setConfig(new JsonObject().put("path", "verticles.json"))));
retriever.getConfig(json -> {
//...
});
retriever.listen(change -> {
JsonObject json = change.getNewConfiguration();
vertx.eventBus().publish("new-configuration", json);
});
Available configuration stores
The Config Retriever provides a set of configuration stores and formats. More are available as extensions, and you can also implement your own.
Structure of the configuration
Each declared data store must specify the type
. It can also define the format
. If
not set JSON is used.
Some configurations tore requires additional configuration (such a path…). This
configuration is passed as a Json Object using setConfig
File
This configuration store just read the configuration from a file. It supports all supported formats.
ConfigStoreOptions file = new ConfigStoreOptions()
.setType("file")
.setFormat("properties")
.setConfig(new JsonObject().put("path", "path-to-file.properties"));
The path
configuration is required.
JSON
The JSON configuration store serves the given JSON config as it is.
ConfigStoreOptions json = new ConfigStoreOptions()
.setType("json")
.setConfig(new JsonObject().put("key", "value"));
The only supported format for this configuration store is JSON.
Environment Variables
This configuration store transforms environment variables to a JSON Object contributed to the global configuration.
ConfigStoreOptions json = new ConfigStoreOptions()
.setType("env");
This configuration store does not support the format
configuration. By default, the retrieved value is
transformed into JSON compatible structures (number, string, boolean, JSON object and JSON array). To avoid this
conversion, configure the raw-data
attribute:
ConfigStoreOptions json = new ConfigStoreOptions()
.setType("env")
.setConfig(new JsonObject().put("raw-data", true));
You can configure the raw-data
attribute (false
by default). If raw-data
is true
no attempts to convert
values is made, and you’ll be able to get raw values using config.getString(key)
. It is useful when manipulating
large integers.
If you want to select the set of keys to import, use the keys
attributes. It filters out all non selected keys. Keys
must be listed individually:
ConfigStoreOptions json = new ConfigStoreOptions()
.setType("env")
.setConfig(new JsonObject().put("keys", new JsonArray().add("SERVICE1_HOST").add("SERVICE2_HOST")));
System Properties
This configuration store transforms system properties to a JSON Object contributed to the global configuration.
ConfigStoreOptions json = new ConfigStoreOptions()
.setType("sys")
.setConfig(new JsonObject().put("cache", "false"));
This configuration store does not support the format
configuration.
You can configure the cache
attribute (true
by default) let you decide whether or
not it caches the system properties on the first access and does not reload them.
You can also configure the raw-data
attribute (false
by default). If raw-data
is true
no attempts to convert
values is made, and you’ll be able to get raw values using config.getString(key)
. It is useful when manipulating
large integers.
HTTP
This configuration store retrieves the configuration from an HTTP location. It can use any supported format.
ConfigStoreOptions http = new ConfigStoreOptions()
.setType("http")
.setConfig(new JsonObject()
.put("host", "localhost")
.put("port", 8080)
.put("path", "/A"));
It creates a Vert.x HTTP Client with the store configuration (see next snippet). To
ease the configuration; you can also configure the host
, port
and path
with the
host
, port
and path
properties.
ConfigStoreOptions http = new ConfigStoreOptions()
.setType("http")
.setConfig(new JsonObject()
.put("defaultHost", "localhost")
.put("defaultPort", 8080)
.put("ssl", true)
.put("path", "/A"));
Event Bus
This event bus configuration store receives the configuration from the event bus. This stores let you distribute your configuration among your local and distributed components.
ConfigStoreOptions eb = new ConfigStoreOptions()
.setType("event-bus")
.setConfig(new JsonObject()
.put("address", "address-getting-the-conf")
);
This configuration store supports any format.
Directory
This configuration store is similar to the file
configuration store, but instead of
reading a single file, read several files from a directory.
This configuration store configuration requires:
-
a
path
- the root directory in which files are located -
at least one
fileset
- an object to select the files -
for properties file, you can indicate if you want to disable the type conversion using the
raw-data
attribute
Each fileset
contains:
* a pattern
: a Ant-style pattern to select files. The pattern is applied on the
relative path of the files from the current working directory.
* an optional format
indicating the format of the files (each fileset can use a
different format, BUT files in a fileset must share the same format).
ConfigStoreOptions dir = new ConfigStoreOptions()
.setType("directory")
.setConfig(new JsonObject().put("path", "config")
.put("filesets", new JsonArray()
.add(new JsonObject().put("pattern", "dir/*json"))
.add(new JsonObject().put("pattern", "dir/*.properties")
.put("format", "properties"))
));
ConfigStoreOptions dirWithRawData = new ConfigStoreOptions()
.setType("directory")
.setConfig(new JsonObject().put("path", "config")
.put("filesets", new JsonArray()
.add(new JsonObject().put("pattern", "dir/*json"))
.add(new JsonObject().put("pattern", "dir/*.properties")
.put("format", "properties").put("raw-data", true))
));
Properties file and raw data
Vert.x Config can read properties file. When reading such a file, you can pass the raw-data
attribute to
indicate to Vert.x to not attempt to convert values. It is useful when manipulating large integers. Values can be
retrieved using config.getString(key)
.
ConfigStoreOptions propertyWithRawData = new ConfigStoreOptions()
.setFormat("properties")
.setType("file")
.setConfig(new JsonObject().put("path", "raw.properties").put("raw-data", true)
);
Some properties configuration maybe is hierarchical in nature.
When reading such a file, you can pass the hierarchical
attribute to
indicate to Vert.x to convert the configuration to a json object while maintaining this hierarchy,
in contrast to the previous method with a flat structure.
Example:
server.host=localhost server.port=8080 multiple.values=1,2,3
Get values:
ConfigStoreOptions propertyWitHierarchical = new ConfigStoreOptions()
.setFormat("properties")
.setType("file")
.setConfig(new JsonObject().put("path", "hierarchical.properties").put("hierarchical", true)
);
ConfigRetrieverOptions options = new ConfigRetrieverOptions()
.addStore(propertyWitHierarchical);
ConfigRetriever configRetriever = ConfigRetriever.create(Vertx.vertx(), options);
configRetriever.configStream().handler(config -> {
String host = config.getJsonObject("server").getString("host");
Integer port = config.getJsonObject("server").getInteger("port");
JsonArray multiple = config.getJsonObject("multiple").getJsonArray("values");
for (int i = 0; i < multiple.size(); i++) {
Integer value = multiple.getInteger(i);
}
});
Listening for configuration changes
The Configuration Retriever periodically retrieve the configuration, and if the outcome is different from the current one, your application can be reconfigured. By default, the configuration is reloaded every 5 seconds.
ConfigRetrieverOptions options = new ConfigRetrieverOptions()
.setScanPeriod(2000)
.addStore(store1)
.addStore(store2);
ConfigRetriever retriever = ConfigRetriever.create(Vertx.vertx(), options);
retriever.getConfig(json -> {
// Initial retrieval of the configuration
});
retriever.listen(change -> {
// Previous configuration
JsonObject previous = change.getPreviousConfiguration();
// New configuration
JsonObject conf = change.getNewConfiguration();
});
Retrieving the last retrieved configuration
You can retrieve the last retrieved configuration without "waiting" to be retrieved using:
JsonObject last = retriever.getCachedConfig();
Reading configuration as a stream
The ConfigRetriever
provide a way to access the stream of configuration.
It’s a ReadStream
of JsonObject
. By registering the right
set of handlers you are notified:
-
when a new configuration is retrieved
-
when an error occur while retrieving a configuration
-
when the configuration retriever is closed (the
endHandler
is called).
ConfigRetrieverOptions options = new ConfigRetrieverOptions()
.setScanPeriod(2000)
.addStore(store1)
.addStore(store2);
ConfigRetriever retriever = ConfigRetriever.create(Vertx.vertx(), options);
retriever.configStream()
.endHandler(v -> {
// retriever closed
})
.exceptionHandler(t -> {
// an error has been caught while retrieving the configuration
})
.handler(conf -> {
// the configuration
});
Processing the configuration
You can configure a processor that can validate and update the configuration. This is done using the
setConfigurationProcessor
method.
The prcessing must not return null
. It takes the retrieved configuration and returns the processed one. If the processor
does not update the configuration, it must return the input configuration. If the processor can throw an exception (for
example for validation purpose).
Retrieving the configuration as a Future
The ConfigRetriever
provide a way to retrieve the configuration as a
Future
:
Future<JsonObject> future = ConfigRetriever.getConfigAsFuture(retriever);
future.setHandler(ar -> {
if (ar.failed()) {
// Failed to retrieve the configuration
} else {
JsonObject config = ar.result();
}
});
Extending the Config Retriever
You can extend the configuration by implementing:
-
the
ConfigProcessor
SPI to add support for a format -
the
ConfigStoreFactory
SPI to add support for configuration store (place from where the configuration data is retrieved)
Additional formats
Besides of the out of the box format supported by this library, Vert.x Config provides additional formats you can use in your application.
Hocon Configuration Format
The Hocon Configuration Format extends the Vert.x Configuration Retriever and provides the support for the HOCON(https://github.com/typesafehub/config/blob/master/HOCON.md) format.
It supports includes, json, properties, macros…
Using the Hocon Configuration Format
To use the Hocon Configuration Format, add the following dependency to the dependencies section of your build descriptor:
-
Maven (in your
pom.xml
):
<dependency>
<groupId>io.vertx</groupId>
<artifactId>vertx-config-hocon</artifactId>
<version>3.9.3</version>
</dependency>
<dependency>
<groupId>io.vertx</groupId>
<artifactId>vertx-config</artifactId>
<version>3.9.3</version>
</dependency>
-
Gradle (in your
build.gradle
file):
compile 'io.vertx:vertx-config:3.9.3'
compile 'io.vertx:vertx-config-hocon:3.9.3'
Configuring the store to use HOCON
Once added to your classpath or dependencies, you need to configure the
ConfigRetriever
to use this format:
ConfigStoreOptions store = new ConfigStoreOptions()
.setType("file")
.setFormat("hocon")
.setConfig(new JsonObject()
.put("path", "my-config.conf")
);
ConfigRetriever retriever = ConfigRetriever.create(vertx,
new ConfigRetrieverOptions().addStore(store));
You just need to set format
to hocon
.
Yaml Configuration Format
The Yaml Configuration Format extends the Vert.x Configuration Retriever and provides the support for the Yaml Configuration Format format.
Using the Yaml Configuration Format
To use the Yaml Configuration Format, add the following dependency to the dependencies section of your build descriptor:
-
Maven (in your
pom.xml
):
<dependency>
<groupId>io.vertx</groupId>
<artifactId>vertx-config-yaml</artifactId>
<version>3.9.3</version>
</dependency>
<dependency>
<groupId>io.vertx</groupId>
<artifactId>vertx-config</artifactId>
<version>3.9.3</version>
</dependency>
-
Gradle (in your
build.gradle
file):
compile 'io.vertx:vertx-config:3.9.3'
compile 'io.vertx:vertx-config-yaml:3.9.3'
Configuring the store to use YAML
Once added to your classpath or dependencies, you need to configure the
ConfigRetriever
to use this format:
ConfigStoreOptions store = new ConfigStoreOptions()
.setType("file")
.setFormat("yaml")
.setConfig(new JsonObject()
.put("path", "my-config.yaml")
);
ConfigRetriever retriever = ConfigRetriever.create(vertx,
new ConfigRetrieverOptions().addStore(store));
You just need to set format
to yaml
.
Additional stores
Besides of the out of the box stores supported by this library, Vert.x Config provides additional stores you can use in your application.
Git Configuration Store
The Git Configuration Store is an extension to the Vert.x Configuration Retriever to retrieve configuration from a Git repository.
Using the Git Configuration Store
To use the Git Configuration, add the following dependency to the dependencies section of your build descriptor:
-
Maven (in your
pom.xml
):
<dependency>
<groupId>io.vertx</groupId>
<artifactId>vertx-config-git</artifactId>
<version>3.9.3</version>
</dependency>
<dependency>
<groupId>io.vertx</groupId>
<artifactId>vertx-config</artifactId>
<version>3.9.3</version>
</dependency>
-
Gradle (in your
build.gradle
file):
compile 'io.vertx:vertx-config:3.9.3'
compile 'io.vertx:vertx-config-git:3.9.3'
Configuring the store
Once added to your classpath or dependencies, you need to configure the
ConfigRetriever
to use this store:
ConfigStoreOptions git = new ConfigStoreOptions()
.setType("git")
.setConfig(new JsonObject()
.put("url", "https://github.com/cescoffier/vertx-config-test.git")
.put("path", "local")
.put("filesets",
new JsonArray().add(new JsonObject().put("pattern", "*.json"))));
ConfigRetriever retriever = ConfigRetriever.create(vertx,
new ConfigRetrieverOptions().addStore(git));
The configuration requires:
-
the
url
of the repository -
the
path
where the repository is cloned (local directory) -
the
user
for private repository (no authentication by default) -
the
password
of the user -
the
idRsaKeyPath
for private repository and requires ssh uri -
at least
fileset
indicating the set of files to read (same behavior as the directory configuration store).
You can also configure the branch
(master
by default) to use and the name of the
remote
repository (origin
by default).
How does it works
If the local path
does not exist, the configuration store clones the repository into
this directory. Then it reads the file matching the different file sets.
It the local path
exist, it tried to update it (it switches branch if needed)). If the
update failed the configuration retrieval fails.
Periodically, the repositories is updated to check if the configuration has been updated.
Kubernetes ConfigMap Store
The Kubernetes ConfigMap Store extends the Vert.x Configuration Retriever and provides support Kubernetes Config Map and Secrets. So, configuration is retrieved by reading the config map or the secrets.
Using the Kubernetes ConfigMap Store
To use the Kubernetes ConfigMap Store, add the following dependency to the dependencies section of your build descriptor:
-
Maven (in your
pom.xml
):
<dependency>
<groupId>io.vertx</groupId>
<artifactId>vertx-config-kubernetes-configmap</artifactId>
<version>3.9.3</version>
</dependency>
<dependency>
<groupId>io.vertx</groupId>
<artifactId>vertx-config</artifactId>
<version>3.9.3</version>
</dependency>
-
Gradle (in your
build.gradle
file):
compile 'io.vertx:vertx-config:3.9.3'
compile 'io.vertx:vertx-config-kubernetes-configmap:3.9.3'
Configuring the store
Once added to your classpath or dependencies, you need to configure the
ConfigRetriever
to use this store:
ConfigStoreOptions store = new ConfigStoreOptions()
.setType("configmap")
.setConfig(new JsonObject()
.put("namespace", "my-project-namespace")
.put("name", "configmap-name")
);
ConfigRetriever retriever = ConfigRetriever.create(vertx,
new ConfigRetrieverOptions().addStore(store));
You need to configure the store to find the right configmap. this is done with:
-
namespace
- the project namespace,default
by default. If theKUBERNETES_NAMESPACE
ENV variable is set, it uses this value. -
name
- the name of the config map -
optional
- whether or not the config map is optional (true
by default)
If the config map is composed by several element, you can use the key
parameter to tell
which key
is read
The application must have the permissions to read the config map.
To read data from a secret, just configure the secret
property to true
:
ConfigStoreOptions store = new ConfigStoreOptions()
.setType("configmap")
.setConfig(new JsonObject()
.put("namespace", "my-project-namespace")
.put("name", "my-secret")
.put("secret", true)
);
ConfigRetriever retriever = ConfigRetriever.create(vertx,
new ConfigRetrieverOptions().addStore(store));
If the config map is not available, an empty JSON object is passed as configuration chunk. To disable this
behavior and explicitly fail, you can set the optional
configuration to false
.
Redis Configuration Store
The Redis Configuration Store extends the Vert.x Configuration Retriever and provides the way to retrieve configuration from a Redis server.
Using the Redis Configuration Store
To use the Redis Configuration Store, add the following dependency to the dependencies section of your build descriptor:
-
Maven (in your
pom.xml
):
<dependency>
<groupId>io.vertx</groupId>
<artifactId>vertx-config-redis</artifactId>
<version>3.9.3</version>
</dependency>
<dependency>
<groupId>io.vertx</groupId>
<artifactId>vertx-config</artifactId>
<version>3.9.3</version>
</dependency>
-
Gradle (in your
build.gradle
file):
compile 'io.vertx:vertx-config:3.9.3'
compile 'io.vertx:vertx-config-redis:3.9.3'
Configuring the store
Once added to your classpath or dependencies, you need to configure the
ConfigRetriever
to use this store:
ConfigStoreOptions store = new ConfigStoreOptions()
.setType("redis")
.setConfig(new JsonObject()
.put("host", "localhost")
.put("port", 6379)
.put("key", "my-configuration")
);
ConfigRetriever retriever = ConfigRetriever.create(vertx,
new ConfigRetrieverOptions().addStore(store));
The store configuration is used to create an instance of
RedisClient
. check the documentation of the Vert.x Redis Client
for further details.
In addition, you can set the key
instructing the store in which field the configuration
is stored. configuration
is used by default.
The created Redis client retrieves the configuration using the HGETALL
configuration.
Zookeeper Configuration Store
The Zookeeper Configuration Store extends the Vert.x Configuration Retriever and provides the way to retrieve configuration from a Zookeeper server. It uses Apache Curator as client.
Using the Zookeeper Configuration Store
To use the Redis Configuration Store, add the following dependency to the dependencies section of your build descriptor:
-
Maven (in your
pom.xml
):
<dependency>
<groupId>io.vertx</groupId>
<artifactId>vertx-config-zookeeper</artifactId>
<version>3.9.3</version>
</dependency>
<dependency>
<groupId>io.vertx</groupId>
<artifactId>vertx-config</artifactId>
<version>3.9.3</version>
</dependency>
-
Gradle (in your
build.gradle
file):
compile 'io.vertx:vertx-config:3.9.3'
compile 'io.vertx:vertx-config-zookeeper:3.9.3'
Configuring the store
Once added to your classpath or dependencies, you need to configure the
ConfigRetriever
to use this store:
ConfigStoreOptions store = new ConfigStoreOptions()
.setType("zookeeper")
.setConfig(new JsonObject()
.put("connection", "localhost:2181")
.put("path", "/path/to/my/conf")
);
ConfigRetriever retriever = ConfigRetriever.create(vertx,
new ConfigRetrieverOptions().addStore(store));
The store configuration is used to configure the Apache Curator client and the path of the Zookeeper node containing the configuration. Notice that the format of the configuration can be JSON, or any supported format.
The configuration requires the configuration
attribute indicating the connection string of the Zookeeper
server, and the path
attribute indicating the path of the node containing the configuration.
In addition you can configure:
-
maxRetries
: the number of connection attempt, 3 by default -
baseSleepTimeBetweenRetries
: the amount of milliseconds to wait between retries (exponential backoff strategy). 1000 ms by default.
Consul Configuration Store
The Consul Configuration Store extends the Vert.x Configuration Retriever and provides the way to retrieve configuration from a Consul.
Using the Consul Configuration Store
To use the Consul Configuration Store, add the following dependency to the dependencies section of your build descriptor:
-
Maven (in your
pom.xml
):
<dependency>
<groupId>io.vertx</groupId>
<artifactId>vertx-config-consul</artifactId>
<version>3.9.3</version>
</dependency>
<dependency>
<groupId>io.vertx</groupId>
<artifactId>vertx-config</artifactId>
<version>3.9.3</version>
</dependency>
-
Gradle (in your
build.gradle
file):
compile 'io.vertx:vertx-config:3.9.3'
compile 'io.vertx:vertx-config-consul:3.9.3'
Configuring the store
Once added to your classpath or dependencies, you need to configure the
ConfigRetriever
to use this store:
ConfigStoreOptions store = new ConfigStoreOptions()
.setType("consul")
.setConfig(new JsonObject()
.put("host", "localhost")
.put("port", 8500)
.put("prefix", "foo")
);
ConfigRetriever retriever = ConfigRetriever.create(vertx,
new ConfigRetrieverOptions().addStore(store));
The store configuration is used to create an instance of
ConsulClient
. Check the documentation of the Vert.x Consul Client
for further details. And this is the parameters specific to the Consul Configuration Store:
prefix
-
A prefix that will not be taken into account when building the configuration tree. Defaults to empty.
delimiter
-
Symbol that used to split keys in the Consul storage to obtain levels in the configuration tree. Defaults to "/".
Spring Config Server Store
The Spring Config Server Store extends the Vert.x Configuration Retriever and provides the a way to retrieve configuration from a Spring Server.
Using the Spring Config Server Store
To use the Spring Config Server Store, add the following dependency to the dependencies section of your build descriptor:
-
Maven (in your
pom.xml
):
<dependency>
<groupId>io.vertx</groupId>
<artifactId>vertx-config-spring-config-server</artifactId>
<version>3.9.3</version>
</dependency>
<dependency>
<groupId>io.vertx</groupId>
<artifactId>vertx-config</artifactId>
<version>3.9.3</version>
</dependency>
-
Gradle (in your
build.gradle
file):
compile 'io.vertx:vertx-config:3.9.3'
compile 'io.vertx:vertx-config-spring-config-server:3.9.3'
Configuring the store
Once added to your classpath or dependencies, you need to configure the
ConfigRetriever
to use this store:
ConfigStoreOptions store = new ConfigStoreOptions()
.setType("spring-config-server")
.setConfig(new JsonObject().put("url", "http://localhost:8888/foo/development"));
ConfigRetriever retriever = ConfigRetriever.create(vertx,
new ConfigRetrieverOptions().addStore(store));
Configurable attributes are:
-
url
- theurl
to retrieve the configuration (mandatory), supports two type of formats:-
/{application}/{environment}
which produces response with separated propertySources -
/{application}-{environment}.json
which produces response as JSON with unique fields and resolved Spring placeholders
-
-
timeout
- the timeout (in milliseconds) to retrieve the configuration, 3000 by default -
user
- theuser
(no authentication by default) -
password
- thepassword
-
httpClientConfiguration
- the configuration of the underlying HTTP client
Vault Config Store
The Vault Store extends the Vert.x Configuration Retriever and provides support for Vault (https://www.vaultproject.io/). So, configuration (secrets) is retrieved from Vault.
The secrets engines supported by this store are Vault Key/Value version 1 and version 2 engines (https://www.vaultproject.io/docs/secrets/kv/index.html). Other secrets engine are not supported.
Using the Vault Config Store
To use the Vault Config Store, add the following dependency to the dependencies section of your build descriptor:
-
Maven (in your
pom.xml
):
<dependency>
<groupId>io.vertx</groupId>
<artifactId>vertx-config-vault</artifactId>
<version>3.9.3</version>
</dependency>
<dependency>
<groupId>io.vertx</groupId>
<artifactId>vertx-config</artifactId>
<version>3.9.3</version>
</dependency>
-
Gradle (in your
build.gradle
file):
compile 'io.vertx:vertx-config:3.9.3'
compile 'io.vertx:vertx-config-vault:3.9.3'
Configuring the store
Once added to your classpath or dependencies, you need to configure the
ConfigRetriever
to use this store:
ConfigStoreOptions store = new ConfigStoreOptions()
.setType("vault")
.setConfig(config);
ConfigRetriever retriever = ConfigRetriever.create(vertx,
new ConfigRetrieverOptions().addStore(store));
To use the Vault config store, set the type
to vault
. The configuration is provided as Json. It configures the
access to Vault, authentication and the path of the secret to retrieve:
JsonObject vault_config = new JsonObject()
.put("host", "127.0.0.1") // The host name
.put("port", 8200) // The port
.put("ssl", true); // Whether or not SSL is used (disabled by default)
// Certificates
PemKeyCertOptions certs = new PemKeyCertOptions()
.addCertPath("target/vault/config/ssl/client-cert.pem")
.addKeyPath("target/vault/config/ssl/client-privatekey.pem");
vault_config.put("pemKeyCertOptions", certs.toJson());
// Truststore
JksOptions jks = new JksOptions()
.setPath("target/vault/config/ssl/truststore.jks");
vault_config.put("trustStoreOptions", jks.toJson());
// Path to the secret to read.
vault_config.put("path", "secret/my-secret");
ConfigStoreOptions store = new ConfigStoreOptions()
.setType("vault")
.setConfig(vault_config);
ConfigRetriever retriever = ConfigRetriever.create(vertx,
new ConfigRetrieverOptions().addStore(store));}
The vault_config
object can contain the HTTP client / Web client configuration such as trust stores, timeout,
certificates, port and host. The path
and host
entries are mandatory. The path
indicates the secret to
retrieve. The host
is the hostname of the Vault server. By default the port 8200 is used. SSL is disabled by
default, but you should enable it for production settings.
Then, you need to use one of the following method to configure the token to use or the authentication mechanism.
Using an existing token
If you know the token to use, set the token
entry in the configuration:
JsonObject vault_config = new JsonObject();
// ...
// Path to the secret to read.
vault_config.put("path", "secret/my-secret");
// The token
vault_config.put("token", token);
ConfigStoreOptions store = new ConfigStoreOptions()
.setType("vault")
.setConfig(vault_config);
ConfigRetriever retriever = ConfigRetriever.create(vertx,
new ConfigRetrieverOptions().addStore(store));
You can use the root token, but it’s not recommended. When the token is revoked, the access to the secret is blocked. If the token is renewable, the token is renewed when it expires.
Generating a token
If you have a token allowing you to generate new token, you can request the token generation:
JsonObject vault_config = new JsonObject();
// ...
// Path to the secret to read.
vault_config.put("path", "secret/my-secret");
// Configure the token generation
// Configure the token request (https://www.vaultproject.io/docs/auth/token.html)
JsonObject tokenRequest = new JsonObject()
.put("ttl", "1h")
.put("noDefault", true)
// The token to use to request the generation (parts of the tokenRequest object)
.put("token", token);
vault_config.put("auth-backend", "token") // Indicate the auth backend to use
.put("renew-window", 5000L) // Renew error margin in ms
.put("token-request", tokenRequest); // Pass the token generation configuration
ConfigStoreOptions store = new ConfigStoreOptions()
.setType("vault")
.setConfig(vault_config);
ConfigRetriever retriever = ConfigRetriever.create(vertx,
new ConfigRetrieverOptions().addStore(store));
When using this approach, no token must be provided in the root configuration, the the token use to request the
generation is passed in the nested JSON structure. If the generated token is renewable, it will be
renewed automatically upon expiration. The renew-window
is the time window to add to the token validity to renew
it. If the generated token is revoked, the access to the secret is blocked.
Using certificates
You can use TLS certificates as authentication mechanism. So, you don’t need to know a token, the token is generated automatically.
JsonObject vault_config = new JsonObject();
// ...
PemKeyCertOptions certs = new PemKeyCertOptions()
.addCertPath("target/vault/config/ssl/client-cert.pem")
.addKeyPath("target/vault/config/ssl/client-privatekey.pem");
vault_config.put("pemKeyCertOptions", certs.toJson());
PemTrustOptions trust = new PemTrustOptions()
.addCertPath("target/vault/config/ssl/cert.pem");
vault_config.put("pemTrustStoreOptions", trust.toJson());
JksOptions jks = new JksOptions()
.setPath("target/vault/config/ssl/truststore.jks");
vault_config.put("trustStoreOptions", jks.toJson());
vault_config.put("auth-backend", "cert");
// Path to the secret to read.
vault_config.put("path", "secret/my-secret");
ConfigStoreOptions store = new ConfigStoreOptions()
.setType("vault")
.setConfig(vault_config);
ConfigRetriever retriever = ConfigRetriever.create(vertx,
new ConfigRetrieverOptions().addStore(store));
Check out the HTTP client and Web client configuration to pass the certificates. If the generated token is renewable, it will be renewed. If not, the store attempts to authenticate again.
Using AppRole
AppRole
is used when your application is known by Vault and you have the appRoleId
and secretId
. You don’t
need a token, the token being generated automatically:
JsonObject vault_config = new JsonObject();
// ...
vault_config
.put("auth-backend", "approle") // Set the auth-backend to approle
.put("approle", new JsonObject() // Configure the role id and secret it
.put("role-id", appRoleId).put("secret-id", secretId)
);
// Path to the secret to read.
vault_config.put("path", "secret/my-secret");
ConfigStoreOptions store = new ConfigStoreOptions()
.setType("vault")
.setConfig(vault_config);
ConfigRetriever retriever = ConfigRetriever.create(vertx,
new ConfigRetrieverOptions().addStore(store));
If the generated token is renewable, it will be renewed. If not, the store attempts to authenticate again.
Using username and password
The userpass
auth backend is used when the user / app is authenticated using a username/password. You don’t need a
token as the token is generated during the authentication process:
JsonObject vault_config = new JsonObject();
// ...
vault_config
.put("auth-backend", "userpass") // Set the auth-backend to userpass
.put("user-credentials", new JsonObject()
.put("username", username).put("password", password)
);
// Path to the secret to read.
vault_config.put("path", "secret/my-secret");
ConfigStoreOptions store = new ConfigStoreOptions()
.setType("vault")
.setConfig(vault_config);
ConfigRetriever retriever = ConfigRetriever.create(vertx,
new ConfigRetrieverOptions().addStore(store));
If the generated token is renewable, it will be renewed. If not, the store attempts to authenticate again.