Add bearer token defaults for Kubernetes plugins (#6356)
This commit is contained in:
parent
6881c64431
commit
284c7fc404
|
@ -41,6 +41,8 @@ avoid cardinality issues:
|
|||
# namespace = "default"
|
||||
|
||||
## Use bearer token for authorization. ('bearer_token' takes priority)
|
||||
## If both of these are empty, we'll use the default serviceaccount:
|
||||
## at: /run/secrets/kubernetes.io/serviceaccount/token
|
||||
# bearer_token = "/path/to/bearer/token"
|
||||
## OR
|
||||
# bearer_token_string = "abc_123"
|
||||
|
@ -265,6 +267,7 @@ The persistentvolumeclaim "phase" is saved in the `phase` tag with a correlated
|
|||
| pending | 2 |
|
||||
| unknown | 3 |
|
||||
|
||||
|
||||
### Example Output:
|
||||
|
||||
```
|
||||
|
|
|
@ -19,6 +19,10 @@ import (
|
|||
"github.com/influxdata/telegraf/plugins/inputs"
|
||||
)
|
||||
|
||||
const (
|
||||
defaultServiceAccountPath = "/run/secrets/kubernetes.io/serviceaccount/token"
|
||||
)
|
||||
|
||||
// KubernetesInventory represents the config object for the plugin.
|
||||
type KubernetesInventory struct {
|
||||
URL string `toml:"url"`
|
||||
|
@ -42,6 +46,8 @@ var sampleConfig = `
|
|||
# namespace = "default"
|
||||
|
||||
## Use bearer token for authorization. ('bearer_token' takes priority)
|
||||
## If both of these are empty, we'll use the default serviceaccount:
|
||||
## at: /run/secrets/kubernetes.io/serviceaccount/token
|
||||
# bearer_token = "/path/to/bearer/token"
|
||||
## OR
|
||||
# bearer_token_string = "abc_123"
|
||||
|
@ -77,14 +83,32 @@ func (ki *KubernetesInventory) Description() string {
|
|||
return "Read metrics from the Kubernetes api"
|
||||
}
|
||||
|
||||
// Gather collects kubernetes metrics from a given URL.
|
||||
func (ki *KubernetesInventory) Gather(acc telegraf.Accumulator) (err error) {
|
||||
if ki.client == nil {
|
||||
if ki.client, err = ki.initClient(); err != nil {
|
||||
return err
|
||||
}
|
||||
func (ki *KubernetesInventory) Init() error {
|
||||
// If neither are provided, use the default service account.
|
||||
if ki.BearerToken == "" && ki.BearerTokenString == "" {
|
||||
ki.BearerToken = defaultServiceAccountPath
|
||||
}
|
||||
|
||||
if ki.BearerToken != "" {
|
||||
token, err := ioutil.ReadFile(ki.BearerToken)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
ki.BearerTokenString = strings.TrimSpace(string(token))
|
||||
}
|
||||
|
||||
var err error
|
||||
ki.client, err = newClient(ki.URL, ki.Namespace, ki.BearerTokenString, ki.ResponseTimeout.Duration, ki.ClientConfig)
|
||||
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
// Gather collects kubernetes metrics from a given URL.
|
||||
func (ki *KubernetesInventory) Gather(acc telegraf.Accumulator) (err error) {
|
||||
resourceFilter, err := filter.NewIncludeExcludeFilter(ki.ResourceInclude, ki.ResourceExclude)
|
||||
if err != nil {
|
||||
return err
|
||||
|
@ -121,18 +145,6 @@ var availableCollectors = map[string]func(ctx context.Context, acc telegraf.Accu
|
|||
"persistentvolumeclaims": collectPersistentVolumeClaims,
|
||||
}
|
||||
|
||||
func (ki *KubernetesInventory) initClient() (*client, error) {
|
||||
if ki.BearerToken != "" {
|
||||
token, err := ioutil.ReadFile(ki.BearerToken)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
ki.BearerTokenString = strings.TrimSpace(string(token))
|
||||
}
|
||||
|
||||
return newClient(ki.URL, ki.Namespace, ki.BearerTokenString, ki.ResponseTimeout.Duration, ki.ClientConfig)
|
||||
}
|
||||
|
||||
func atoi(s string) int64 {
|
||||
i, err := strconv.ParseInt(s, 10, 64)
|
||||
if err != nil {
|
||||
|
|
|
@ -38,6 +38,8 @@ avoid cardinality issues:
|
|||
url = "http://127.0.0.1:10255"
|
||||
|
||||
## Use bearer token for authorization. ('bearer_token' takes priority)
|
||||
## If both of these are empty, we'll use the default serviceaccount:
|
||||
## at: /run/secrets/kubernetes.io/serviceaccount/token
|
||||
# bearer_token = "/path/to/bearer/token"
|
||||
## OR
|
||||
# bearer_token_string = "abc_123"
|
||||
|
|
|
@ -36,6 +36,8 @@ var sampleConfig = `
|
|||
url = "http://127.0.0.1:10255"
|
||||
|
||||
## Use bearer token for authorization. ('bearer_token' takes priority)
|
||||
## If both of these are empty, we'll use the default serviceaccount:
|
||||
## at: /run/secrets/kubernetes.io/serviceaccount/token
|
||||
# bearer_token = "/path/to/bearer/token"
|
||||
## OR
|
||||
# bearer_token_string = "abc_123"
|
||||
|
@ -53,6 +55,7 @@ var sampleConfig = `
|
|||
|
||||
const (
|
||||
summaryEndpoint = `%s/stats/summary`
|
||||
defaultServiceAccountPath = "/run/secrets/kubernetes.io/serviceaccount/token"
|
||||
)
|
||||
|
||||
func init() {
|
||||
|
@ -71,6 +74,23 @@ func (k *Kubernetes) Description() string {
|
|||
return "Read metrics from the kubernetes kubelet api"
|
||||
}
|
||||
|
||||
func (k *Kubernetes) Init() error {
|
||||
// If neither are provided, use the default service account.
|
||||
if k.BearerToken == "" && k.BearerTokenString == "" {
|
||||
k.BearerToken = defaultServiceAccountPath
|
||||
}
|
||||
|
||||
if k.BearerToken != "" {
|
||||
token, err := ioutil.ReadFile(k.BearerToken)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
k.BearerTokenString = strings.TrimSpace(string(token))
|
||||
}
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
//Gather collects kubernetes metrics from a given URL
|
||||
func (k *Kubernetes) Gather(acc telegraf.Accumulator) error {
|
||||
acc.AddError(k.gatherSummary(k.URL, acc))
|
||||
|
@ -108,15 +128,7 @@ func (k *Kubernetes) gatherSummary(baseURL string, acc telegraf.Accumulator) err
|
|||
}
|
||||
}
|
||||
|
||||
if k.BearerToken != "" {
|
||||
token, err := ioutil.ReadFile(k.BearerToken)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
req.Header.Set("Authorization", "Bearer "+strings.TrimSpace(string(token)))
|
||||
} else if k.BearerTokenString != "" {
|
||||
req.Header.Set("Authorization", "Bearer "+k.BearerTokenString)
|
||||
}
|
||||
req.Header.Add("Accept", "application/json")
|
||||
|
||||
resp, err = k.RoundTripper.RoundTrip(req)
|
||||
|
|
Loading…
Reference in New Issue