From 3ef4dff4ec60511da5a9dc920e103641036a1b65 Mon Sep 17 00:00:00 2001 From: Leszek Charkiewicz Date: Wed, 6 Jun 2018 02:12:30 +0200 Subject: [PATCH] Add SSL/TLS support to Redis input (#4236) --- Godeps | 2 +- plugins/inputs/redis/README.md | 7 +++++++ plugins/inputs/redis/redis.go | 23 +++++++++++++++++++---- 3 files changed, 27 insertions(+), 5 deletions(-) diff --git a/Godeps b/Godeps index 4096d93af..5bc29b200 100644 --- a/Godeps +++ b/Godeps @@ -28,7 +28,7 @@ github.com/golang/snappy 7db9049039a047d955fe8c19b83c8ff5abd765c7 github.com/go-ole/go-ole be49f7c07711fcb603cff39e1de7c67926dc0ba7 github.com/google/go-cmp f94e52cad91c65a63acc1e75d4be223ea22e99bc github.com/gorilla/mux 53c1911da2b537f792e7cafcb446b05ffe33b996 -github.com/go-redis/redis 73b70592cdaa9e6abdfcfbf97b4a90d80728c836 +github.com/go-redis/redis 83fb42932f6145ce52df09860384a4653d2d332a github.com/go-sql-driver/mysql 2e00b5cd70399450106cec6431c2e2ce3cae5034 github.com/hailocab/go-hostpool e80d13ce29ede4452c43dea11e79b9bc8a15b478 github.com/hashicorp/consul 5174058f0d2bda63fa5198ab96c33d9a909c58ed diff --git a/plugins/inputs/redis/README.md b/plugins/inputs/redis/README.md index c68f6624e..da4e8b71a 100644 --- a/plugins/inputs/redis/README.md +++ b/plugins/inputs/redis/README.md @@ -14,6 +14,13 @@ ## If no servers are specified, then localhost is used as the host. ## If no port is specified, 6379 is used servers = ["tcp://localhost:6379"] + + ## Optional TLS Config + # tls_ca = "/etc/telegraf/ca.pem" + # tls_cert = "/etc/telegraf/cert.pem" + # tls_key = "/etc/telegraf/key.pem" + ## Use TLS but skip chain & host verification + # insecure_skip_verify = true ``` ### Measurements & Fields: diff --git a/plugins/inputs/redis/redis.go b/plugins/inputs/redis/redis.go index 5c5238f5d..766463cfd 100644 --- a/plugins/inputs/redis/redis.go +++ b/plugins/inputs/redis/redis.go @@ -13,11 +13,13 @@ import ( "github.com/go-redis/redis" "github.com/influxdata/telegraf" + "github.com/influxdata/telegraf/internal/tls" "github.com/influxdata/telegraf/plugins/inputs" ) type Redis struct { Servers []string + tls.ClientConfig clients []Client initialized bool @@ -56,6 +58,13 @@ var sampleConfig = ` ## If no servers are specified, then localhost is used as the host. ## If no port is specified, 6379 is used servers = ["tcp://localhost:6379"] + + ## Optional TLS Config + # tls_ca = "/etc/telegraf/ca.pem" + # tls_cert = "/etc/telegraf/cert.pem" + # tls_key = "/etc/telegraf/key.pem" + ## Use TLS but skip chain & host verification + # insecure_skip_verify = true ` func (r *Redis) SampleConfig() string { @@ -109,12 +118,18 @@ func (r *Redis) init(acc telegraf.Accumulator) error { address = u.Host } + tlsConfig, err := r.ClientConfig.TLSConfig() + if err != nil { + return err + } + client := redis.NewClient( &redis.Options{ - Addr: address, - Password: password, - Network: u.Scheme, - PoolSize: 1, + Addr: address, + Password: password, + Network: u.Scheme, + PoolSize: 1, + TLSConfig: tlsConfig, }, )