Skip to main content

Overview

The Config Server provides centralized, externalized configuration management for all microservices in the Sistema de Ventas architecture. Built with Spring Cloud Config, it serves configuration files from a Git repository, enabling dynamic configuration updates without service restarts.

Key Features

  • Centralized Configuration: Single source of truth for all service configurations
  • Git-Backed Storage: Version-controlled configuration files
  • Environment Profiles: Support for development, staging, and production profiles
  • Dynamic Refresh: Update configurations without restarting services
  • Security: HTTP Basic authentication for configuration access
  • Encryption: Support for encrypted property values

Architecture

Server Configuration

Application Settings

application.yml
server:
  port: 7070
  
spring:
  application:
    name: config-server
  cloud:
    config:
      server:
        git:
          uri: https://github.com/Erick-Franco/Sistema-ventas-ms.git
          searchPaths: config-data
          default-label: main
  security:
    user:
      name: root
      password: 123456
Configuration Details:
  • Port 7070: Default Config Server port
  • Git URI: Remote repository containing configuration files
  • searchPaths: Directory within repository containing config files
  • default-label: Git branch to use (main)
  • Security: HTTP Basic authentication credentials

Implementation

Main Application Class

JeaConfigServerApplication.java
package com.example.jeaconfigserver;

import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.cloud.config.server.EnableConfigServer;

@SpringBootApplication
@EnableConfigServer
public class JeaConfigServerApplication {

    public static void main(String[] args) {
        SpringApplication.run(JeaConfigServerApplication.class, args);
    }
}
The @EnableConfigServer annotation activates the Config Server functionality.

Maven Dependencies

pom.xml
<properties>
    <java.version>17</java.version>
    <spring-cloud.version>2025.0.0-RC1</spring-cloud.version>
</properties>

<dependencies>
    <dependency>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-starter-security</artifactId>
    </dependency>
    <dependency>
        <groupId>org.springframework.cloud</groupId>
        <artifactId>spring-cloud-config-server</artifactId>
    </dependency>
</dependencies>

<dependencyManagement>
    <dependencies>
        <dependency>
            <groupId>org.springframework.cloud</groupId>
            <artifactId>spring-cloud-dependencies</artifactId>
            <version>${spring-cloud.version}</version>
            <type>pom</type>
            <scope>import</scope>
        </dependency>
    </dependencies>
</dependencyManagement>
Spring Security is included to protect configuration endpoints with HTTP Basic authentication.

Configuration Repository Structure

The Git repository contains configuration files for each microservice: 
config-data/
├── jea-auth-service.yml
├── jea-catalogo-service.yml
├── jea-cliente-service.yml
├── jea-compra-service.yml
├── jea-gateway-service.yml
├── jea-pagos-service.yml
├── jea-pedido-service.yml
├── jea-proveedor-service.yml
├── jea-registry-service.yml
└── jea-venta-service.yml

Client Configuration

Connecting to Config Server

Microservices connect using the following pattern:
application.yml (Client)
spring:
  application:
    name: jea-gateway-service
  profiles:
    active: development
  config:
    import: optional:configserver:http://root:123456@localhost:7070
  • application.name: Must match the config file name in Git repository
  • profiles.active: Environment profile (development, production, etc.)
  • config.import: Config Server URL with credentials
  • optional: Service starts even if Config Server is unavailable

Configuration Priority

Config Server follows this priority order (highest to lowest):
  1. {application}-{profile}.yml (e.g., jea-gateway-service-production.yml)
  2. {application}.yml (e.g., jea-gateway-service.yml)
  3. application-{profile}.yml (e.g., application-production.yml)
  4. application.yml

Configuration Examples

Gateway Service Configuration

config-data/jea-gateway-service.yml
server:
  port: 8085

eureka:
  client:
    serviceUrl:
      defaultZone: ${EUREKA_URI:http://localhost:8090/eureka}

spring:
  cloud:
    gateway:
      routes:
        - id: jea-auth-service
          uri: lb://jea-auth-service
          predicates:
            - Path=/auth/**, /usuario/**, /rol/**

Registry Service Configuration

config-data/jea-registry-service.yml
server:
  port: 8090

eureka:
  instance:
    hostname: localhost
  client:
    registerWithEureka: false
    fetchRegistry: false
    serviceUrl:
      defaultZone: http://${eureka.instance.hostname}:${server.port}/eureka/

REST API Endpoints

The Config Server exposes RESTful endpoints for configuration access:

Get Configuration

# Get default profile configuration
curl -u root:123456 http://localhost:7070/jea-gateway-service/default

# Get specific profile configuration
curl -u root:123456 http://localhost:7070/jea-gateway-service/development

# Get configuration from specific branch
curl -u root:123456 http://localhost:7070/jea-gateway-service/development/main

Endpoint Patterns

/{application}/{profile}[/{label}]
/{application}-{profile}.yml
/{label}/{application}-{profile}.yml
/{application}-{profile}.properties
/{label}/{application}-{profile}.properties

Parameters

  • : Service name
  • : Environment profile
  • : Git branch (default: main)

Response Formats

  • JSON (default)
  • YAML
  • Properties

Configuration Refresh

Dynamic Configuration Updates

Services can refresh configuration without restart using Spring Cloud Bus and the /actuator/refresh endpoint.

Enable Refresh in Clients

Client pom.xml
<dependency>
    <groupId>org.springframework.boot</groupId>
    <artifactId>spring-boot-starter-actuator</artifactId>
</dependency>
Client application.yml
management:
  endpoints:
    web:
      exposure:
        include: refresh

# Trigger refresh on specific service
curl -X POST http://localhost:8085/actuator/refresh

Security

HTTP Basic Authentication

The Config Server uses Spring Security for authentication: 
spring:
  security:
    user:
      name: root
      password: 123456
In production, use strong passwords and consider:
  • Environment variables for credentials
  • OAuth2 authentication
  • Vault integration for secrets
  • HTTPS for encrypted communication

Encrypting Sensitive Values

Config Server supports encryption for sensitive properties:
Example with encryption
spring:
  datasource:
    password: '{cipher}AQA8Jf5DkP7...encrypted-value...'
Generate encrypted values: 
curl -u root:123456 http://localhost:7070/encrypt -d "my-secret-password"

Running the Config Server

Prerequisites

  1. Java 17+ installed
  2. Maven 3.6+ installed
  3. Git repository with configuration files
  4. Network access to Git repository

Startup Commands

# Using Maven
mvn spring-boot:run

# Using JAR
java -jar target/jea-config-server-0.0.1-SNAPSHOT.jar

Verification

# Check server health
curl http://localhost:7070/actuator/health

# Fetch a configuration
curl -u root:123456 http://localhost:7070/jea-gateway-service/default

Git Repository Configuration

Public Repository

spring:
  cloud:
    config:
      server:
        git:
          uri: https://github.com/username/config-repo.git

Private Repository with SSH

spring:
  cloud:
    config:
      server:
        git:
          uri: [email protected]:username/config-repo.git
          ignoreLocalSshSettings: false
          privateKey: |
            -----BEGIN RSA PRIVATE KEY-----
            ...
            -----END RSA PRIVATE KEY-----

Private Repository with HTTPS

spring:
  cloud:
    config:
      server:
        git:
          uri: https://github.com/username/config-repo.git
          username: ${GIT_USERNAME}
          password: ${GIT_TOKEN}

Environment-Specific Configuration

Multiple Profiles

Create profile-specific configuration files: 
config-data/
├── jea-gateway-service.yml          # Default
├── jea-gateway-service-dev.yml      # Development
├── jea-gateway-service-staging.yml  # Staging
└── jea-gateway-service-prod.yml     # Production
Activate profile in client: 
spring:
  profiles:
    active: prod

Environment Variables

Use environment variables for deployment flexibility:
jea-gateway-service.yml
eureka:
  client:
    serviceUrl:
      defaultZone: ${EUREKA_URI:http://localhost:8090/eureka}

spring:
  datasource:
    url: ${DB_URL:jdbc:postgresql://localhost:5432/sales}
    username: ${DB_USER:postgres}
    password: ${DB_PASSWORD:postgres}

Monitoring and Troubleshooting

Health Check

curl http://localhost:7070/actuator/health
Response: 
{
  "status": "UP",
  "components": {
    "configServer": {
      "status": "UP"
    }
  }
}

Common Issues

Error: 404 Not Found when accessing configurationCauses:
  • Application name mismatch
  • Configuration file not in correct directory
  • Git repository not accessible
Solution:
  • Verify spring.application.name matches config file name
  • Check searchPaths configuration
  • Verify Git repository URL and credentials
Error: 401 UnauthorizedCauses:
  • Incorrect username/password
  • Missing credentials in client config
Solution:
spring:
  config:
    import: configserver:http://username:password@localhost:7070
Error: Cannot connect to Git repositoryCauses:
  • Network connectivity
  • Invalid credentials
  • Repository not found
Solution:
  • Test Git access: git clone <repository-url>
  • Verify credentials and permissions
  • Check firewall rules
Error: Client service fails to startCauses:
  • Config Server not running
  • Timeout connecting to Config Server
Solution:
  • Use optional:configserver: prefix for optional config
  • Start Config Server before client services
  • Increase timeout:
spring:
  cloud:
    config:
      request-read-timeout: 10000

Best Practices

1

Version Control All Configurations

Store all configuration in Git for:
  • Change tracking
  • Rollback capability
  • Team collaboration
  • Audit trail
2

Use Environment Variables for Secrets

Never commit sensitive data:
spring:
  datasource:
    password: ${DB_PASSWORD}
Or use encryption:
spring:
  datasource:
    password: '{cipher}ENCRYPTED_VALUE'
3

Implement Proper Security

  • Use HTTPS in production
  • Strong authentication credentials
  • Network isolation
  • Regular security audits
4

Monitor Configuration Access

Enable actuator endpoints:
management:
  endpoints:
    web:
      exposure:
        include: health,info,env
5

Document Configuration Properties

Add comments in YAML files:
# Database connection pool settings
spring:
  datasource:
    hikari:
      maximum-pool-size: 10  # Max connections

High Availability

For production deployments, run multiple Config Server instances:
Client configuration
spring:
  cloud:
    config:
      uri:
        - http://config-server-1:7070
        - http://config-server-2:7070
        - http://config-server-3:7070
      fail-fast: true
      retry:
        max-attempts: 6
        initial-interval: 1000

Performance Optimization

Enable Caching

spring:
  cloud:
    config:
      server:
        git:
          refreshRate: 60
Reduces Git repository polling

Clone on Start

spring:
  cloud:
    config:
      server:
        git:
          cloneOnStart: true
Faster first request response

Shallow Clone

spring:
  cloud:
    config:
      server:
        git:
          clone-on-start: true
          force-pull: true
Reduces clone time

Client-Side Caching

spring:
  cloud:
    config:
      allow-override: true
Cache config locally

Integration Examples

With Vault for Secrets

spring:
  cloud:
    config:
      server:
        vault:
          host: vault.example.com
          port: 8200
          token: ${VAULT_TOKEN}

With Composite Backend

spring:
  cloud:
    config:
      server:
        composite:
          - type: git
            uri: https://github.com/user/config-repo
          - type: vault
            host: localhost
            port: 8200

Build docs developers (and LLMs) love

Get started for freeTalk to us