Add bearer token defaults for Kubernetes plugins (#6356)
This commit is contained in:
		
							parent
							
								
									6881c64431
								
							
						
					
					
						commit
						284c7fc404
					
				|  | @ -41,6 +41,8 @@ avoid cardinality issues: | |||
|   # namespace = "default" | ||||
| 
 | ||||
|   ## Use bearer token for authorization. ('bearer_token' takes priority) | ||||
|   ## If both of these are empty, we'll use the default serviceaccount: | ||||
|   ## at: /run/secrets/kubernetes.io/serviceaccount/token | ||||
|   # bearer_token = "/path/to/bearer/token" | ||||
|   ## OR | ||||
|   # bearer_token_string = "abc_123" | ||||
|  | @ -265,6 +267,7 @@ The persistentvolumeclaim "phase" is saved in the `phase` tag with a correlated | |||
| | pending   | 2                         | | ||||
| | unknown   | 3                         | | ||||
| 
 | ||||
| 
 | ||||
| ### Example Output: | ||||
| 
 | ||||
| ``` | ||||
|  |  | |||
|  | @ -19,6 +19,10 @@ import ( | |||
| 	"github.com/influxdata/telegraf/plugins/inputs" | ||||
| ) | ||||
| 
 | ||||
| const ( | ||||
| 	defaultServiceAccountPath = "/run/secrets/kubernetes.io/serviceaccount/token" | ||||
| ) | ||||
| 
 | ||||
| // KubernetesInventory represents the config object for the plugin.
 | ||||
| type KubernetesInventory struct { | ||||
| 	URL               string            `toml:"url"` | ||||
|  | @ -42,6 +46,8 @@ var sampleConfig = ` | |||
|   # namespace = "default" | ||||
| 
 | ||||
|   ## Use bearer token for authorization. ('bearer_token' takes priority) | ||||
|   ## If both of these are empty, we'll use the default serviceaccount: | ||||
|   ## at: /run/secrets/kubernetes.io/serviceaccount/token | ||||
|   # bearer_token = "/path/to/bearer/token" | ||||
|   ## OR | ||||
|   # bearer_token_string = "abc_123" | ||||
|  | @ -77,14 +83,32 @@ func (ki *KubernetesInventory) Description() string { | |||
| 	return "Read metrics from the Kubernetes api" | ||||
| } | ||||
| 
 | ||||
| // Gather collects kubernetes metrics from a given URL.
 | ||||
| func (ki *KubernetesInventory) Gather(acc telegraf.Accumulator) (err error) { | ||||
| 	if ki.client == nil { | ||||
| 		if ki.client, err = ki.initClient(); err != nil { | ||||
| 			return err | ||||
| 		} | ||||
| func (ki *KubernetesInventory) Init() error { | ||||
| 	// If neither are provided, use the default service account.
 | ||||
| 	if ki.BearerToken == "" && ki.BearerTokenString == "" { | ||||
| 		ki.BearerToken = defaultServiceAccountPath | ||||
| 	} | ||||
| 
 | ||||
| 	if ki.BearerToken != "" { | ||||
| 		token, err := ioutil.ReadFile(ki.BearerToken) | ||||
| 		if err != nil { | ||||
| 			return err | ||||
| 		} | ||||
| 		ki.BearerTokenString = strings.TrimSpace(string(token)) | ||||
| 	} | ||||
| 
 | ||||
| 	var err error | ||||
| 	ki.client, err = newClient(ki.URL, ki.Namespace, ki.BearerTokenString, ki.ResponseTimeout.Duration, ki.ClientConfig) | ||||
| 
 | ||||
| 	if err != nil { | ||||
| 		return err | ||||
| 	} | ||||
| 
 | ||||
| 	return nil | ||||
| } | ||||
| 
 | ||||
| // Gather collects kubernetes metrics from a given URL.
 | ||||
| func (ki *KubernetesInventory) Gather(acc telegraf.Accumulator) (err error) { | ||||
| 	resourceFilter, err := filter.NewIncludeExcludeFilter(ki.ResourceInclude, ki.ResourceExclude) | ||||
| 	if err != nil { | ||||
| 		return err | ||||
|  | @ -121,18 +145,6 @@ var availableCollectors = map[string]func(ctx context.Context, acc telegraf.Accu | |||
| 	"persistentvolumeclaims": collectPersistentVolumeClaims, | ||||
| } | ||||
| 
 | ||||
| func (ki *KubernetesInventory) initClient() (*client, error) { | ||||
| 	if ki.BearerToken != "" { | ||||
| 		token, err := ioutil.ReadFile(ki.BearerToken) | ||||
| 		if err != nil { | ||||
| 			return nil, err | ||||
| 		} | ||||
| 		ki.BearerTokenString = strings.TrimSpace(string(token)) | ||||
| 	} | ||||
| 
 | ||||
| 	return newClient(ki.URL, ki.Namespace, ki.BearerTokenString, ki.ResponseTimeout.Duration, ki.ClientConfig) | ||||
| } | ||||
| 
 | ||||
| func atoi(s string) int64 { | ||||
| 	i, err := strconv.ParseInt(s, 10, 64) | ||||
| 	if err != nil { | ||||
|  |  | |||
|  | @ -38,6 +38,8 @@ avoid cardinality issues: | |||
|   url = "http://127.0.0.1:10255" | ||||
| 
 | ||||
|   ## Use bearer token for authorization. ('bearer_token' takes priority) | ||||
|   ## If both of these are empty, we'll use the default serviceaccount: | ||||
|   ## at: /run/secrets/kubernetes.io/serviceaccount/token | ||||
|   # bearer_token = "/path/to/bearer/token" | ||||
|   ## OR | ||||
|   # bearer_token_string = "abc_123" | ||||
|  |  | |||
|  | @ -36,6 +36,8 @@ var sampleConfig = ` | |||
|   url = "http://127.0.0.1:10255" | ||||
| 
 | ||||
|   ## Use bearer token for authorization. ('bearer_token' takes priority) | ||||
|   ## If both of these are empty, we'll use the default serviceaccount: | ||||
|   ## at: /run/secrets/kubernetes.io/serviceaccount/token | ||||
|   # bearer_token = "/path/to/bearer/token" | ||||
|   ## OR | ||||
|   # bearer_token_string = "abc_123" | ||||
|  | @ -52,7 +54,8 @@ var sampleConfig = ` | |||
| ` | ||||
| 
 | ||||
| const ( | ||||
| 	summaryEndpoint = `%s/stats/summary` | ||||
| 	summaryEndpoint           = `%s/stats/summary` | ||||
| 	defaultServiceAccountPath = "/run/secrets/kubernetes.io/serviceaccount/token" | ||||
| ) | ||||
| 
 | ||||
| func init() { | ||||
|  | @ -71,6 +74,23 @@ func (k *Kubernetes) Description() string { | |||
| 	return "Read metrics from the kubernetes kubelet api" | ||||
| } | ||||
| 
 | ||||
| func (k *Kubernetes) Init() error { | ||||
| 	// If neither are provided, use the default service account.
 | ||||
| 	if k.BearerToken == "" && k.BearerTokenString == "" { | ||||
| 		k.BearerToken = defaultServiceAccountPath | ||||
| 	} | ||||
| 
 | ||||
| 	if k.BearerToken != "" { | ||||
| 		token, err := ioutil.ReadFile(k.BearerToken) | ||||
| 		if err != nil { | ||||
| 			return err | ||||
| 		} | ||||
| 		k.BearerTokenString = strings.TrimSpace(string(token)) | ||||
| 	} | ||||
| 
 | ||||
| 	return nil | ||||
| } | ||||
| 
 | ||||
| //Gather collects kubernetes metrics from a given URL
 | ||||
| func (k *Kubernetes) Gather(acc telegraf.Accumulator) error { | ||||
| 	acc.AddError(k.gatherSummary(k.URL, acc)) | ||||
|  | @ -108,15 +128,7 @@ func (k *Kubernetes) gatherSummary(baseURL string, acc telegraf.Accumulator) err | |||
| 		} | ||||
| 	} | ||||
| 
 | ||||
| 	if k.BearerToken != "" { | ||||
| 		token, err := ioutil.ReadFile(k.BearerToken) | ||||
| 		if err != nil { | ||||
| 			return err | ||||
| 		} | ||||
| 		req.Header.Set("Authorization", "Bearer "+strings.TrimSpace(string(token))) | ||||
| 	} else if k.BearerTokenString != "" { | ||||
| 		req.Header.Set("Authorization", "Bearer "+k.BearerTokenString) | ||||
| 	} | ||||
| 	req.Header.Set("Authorization", "Bearer "+k.BearerTokenString) | ||||
| 	req.Header.Add("Accept", "application/json") | ||||
| 
 | ||||
| 	resp, err = k.RoundTripper.RoundTrip(req) | ||||
|  |  | |||
		Loading…
	
		Reference in New Issue