To facilitate the use of Dubbo, the official Dubbo team provides the Dubbo Admin console to manage Dubbo applications.
Dubbo Admin by default has the permission to query and invoke the entire cluster, so it must be used more cautiously in a production environment. Additionally, to reduce the risk of arbitrary access to Dubbo Admin, a simple authentication mechanism is provided. To make Dubbo Admin more secure, please refer to the following documentation.
Dubbo Admin by default provides a login mechanism based on username and password, and uses JWT Token for authentication during requests. To make it beginner-friendly, Dubbo Admin includes a default username, password, and JWT Secret Token.
Because Dubbo Admin is publicly distributed, the default username, password, and JWT Secret Token are also public. In your production environment, please be sure to replace the default username, password, and JWT Secret Token.
For users who package and deploy directly based on Java code, you can modify the following configurations in dubbo-admin-server/src/main/resources/application.properties:
admin.root.user.name=root
admin.root.user.password=root
admin.check.signSecret=86295dd0c4ef69a1036b0b0c15158d77
For users deploying via Docker, you can modify the following configurations in /dubbo/dubbo-admin/properties:
admin.root.user.name=root
admin.root.user.password=root
admin.check.signSecret=86295dd0c4ef69a1036b0b0c15158d77
For users deploying via Kubernetes, you can modify the following configurations in the ConfigMap:
admin.root.user.name=root
admin.root.user.password=root
admin.check.signSecret=86295dd0c4ef69a1036b0b0c15158d77
For users deploying via Helm, you can specify the following configurations:
properties:
admin.root.user.name: root
admin.root.user.password: root
admin.check.signSecret: 86295dd0c4ef69a1036b0b0c15158d77