Support passing bearer token directly in k8s input (#5295)

This commit is contained in:
Greg 2019-01-15 16:26:18 -07:00 committed by Daniel Nelson
parent d759b46345
commit 50ba5c15a4
2 changed files with 56 additions and 53 deletions

View File

@ -29,8 +29,10 @@ avoid cardinality issues:
## URL for the kubelet ## URL for the kubelet
url = "http://127.0.0.1:10255" url = "http://127.0.0.1:10255"
## Use bearer token for authorization ## Use bearer token for authorization. ('bearer_token' takes priority)
# bearer_token = /path/to/bearer/token # bearer_token = "/path/to/bearer/token"
## OR
# bearer_token_string = "abc_123"
## Set response_timeout (default 5 seconds) ## Set response_timeout (default 5 seconds)
# response_timeout = "5s" # response_timeout = "5s"
@ -54,45 +56,45 @@ Architecture][k8s-telegraf] or view the [Helm charts][tick-charts].
- tags: - tags:
- node_name - node_name
- fields: - fields:
- cpu_usage_nanocores - cpu_usage_nanocores
- cpu_usage_core_nanoseconds - cpu_usage_core_nanoseconds
- memory_available_bytes - memory_available_bytes
- memory_usage_bytes - memory_usage_bytes
- memory_working_set_bytes - memory_working_set_bytes
- memory_rss_bytes - memory_rss_bytes
- memory_page_faults - memory_page_faults
- memory_major_page_faults - memory_major_page_faults
- network_rx_bytes - network_rx_bytes
- network_rx_errors - network_rx_errors
- network_tx_bytes - network_tx_bytes
- network_tx_errors - network_tx_errors
- fs_available_bytes - fs_available_bytes
- fs_capacity_bytes - fs_capacity_bytes
- fs_used_bytes - fs_used_bytes
- runtime_image_fs_available_bytes - runtime_image_fs_available_bytes
- runtime_image_fs_capacity_bytes - runtime_image_fs_capacity_bytes
- runtime_image_fs_used_bytes - runtime_image_fs_used_bytes
- kubernetes_pod_container + kubernetes_pod_container
- tags: - tags:
- container_name - container_name
- namespace - namespace
- node_name - node_name
- pod_name - pod_name
- fields: - fields:
- cpu_usage_nanocores - cpu_usage_nanocores
- cpu_usage_core_nanoseconds - cpu_usage_core_nanoseconds
- memory_usage_bytes - memory_usage_bytes
- memory_working_set_bytes - memory_working_set_bytes
- memory_rss_bytes - memory_rss_bytes
- memory_page_faults - memory_page_faults
- memory_major_page_faults - memory_major_page_faults
- rootfs_available_bytes - rootfs_available_bytes
- rootfs_capacity_bytes - rootfs_capacity_bytes
- rootfs_used_bytes - rootfs_used_bytes
- logsfs_avaialble_bytes - logsfs_avaialble_bytes
- logsfs_capacity_bytes - logsfs_capacity_bytes
- logsfs_used_bytes - logsfs_used_bytes
- kubernetes_pod_volume - kubernetes_pod_volume
- tags: - tags:
@ -105,7 +107,7 @@ Architecture][k8s-telegraf] or view the [Helm charts][tick-charts].
- capacity_bytes - capacity_bytes
- used_bytes - used_bytes
- kubernetes_pod_network + kubernetes_pod_network
- tags: - tags:
- namespace - namespace
- node_name - node_name
@ -119,9 +121,11 @@ Architecture][k8s-telegraf] or view the [Helm charts][tick-charts].
### Example Output ### Example Output
``` ```
kubernetes_pod_container,host=ip-10-0-0-0.ec2.internal,container_name=deis-controller,namespace=deis,node_name=ip-10-0-0-0.ec2.internal,pod_name=deis-controller-3058870187-xazsr cpu_usage_core_nanoseconds=2432835i,cpu_usage_nanocores=0i,logsfs_avaialble_bytes=121128271872i,logsfs_capacity_bytes=153567944704i,logsfs_used_bytes=20787200i,memory_major_page_faults=0i,memory_page_faults=175i,memory_rss_bytes=0i,memory_usage_bytes=0i,memory_working_set_bytes=0i,rootfs_available_bytes=121128271872i,rootfs_capacity_bytes=153567944704i,rootfs_used_bytes=1110016i 1476477530000000000 kubernetes_node
kubernetes_pod_volume,host=ip-10-0-0-0.ec2.internal,name=default-token-f7wts,namespace=kube-system,node_name=ip-10-0-0-0.ec2.internal,pod_name=kubernetes-dashboard-v1.1.1-t4x4t available_bytes=8415240192i,capacity_bytes=8415252480i,used_bytes=12288i 1476477530000000000 kubernetes_pod_container,container_name=deis-controller,namespace=deis,node_name=ip-10-0-0-0.ec2.internal,pod_name=deis-controller-3058870187-xazsr cpu_usage_core_nanoseconds=2432835i,cpu_usage_nanocores=0i,logsfs_avaialble_bytes=121128271872i,logsfs_capacity_bytes=153567944704i,logsfs_used_bytes=20787200i,memory_major_page_faults=0i,memory_page_faults=175i,memory_rss_bytes=0i,memory_usage_bytes=0i,memory_working_set_bytes=0i,rootfs_available_bytes=121128271872i,rootfs_capacity_bytes=153567944704i,rootfs_used_bytes=1110016i 1476477530000000000
kubernetes_pod_network,host=ip-10-0-0-0.ec2.internal,namespace=deis,node_name=ip-10-0-0-0.ec2.internal,pod_name=deis-controller-3058870187-xazsr rx_bytes=120671099i,rx_errors=0i,tx_bytes=102451983i,tx_errors=0i 1476477530000000000 kubernetes_pod_network,namespace=deis,node_name=ip-10-0-0-0.ec2.internal,pod_name=deis-controller-3058870187-xazsr rx_bytes=120671099i,rx_errors=0i,tx_bytes=102451983i,tx_errors=0i 1476477530000000000
kubernetes_pod_volume,volume_name=default-token-f7wts,namespace=default,node_name=ip-172-17-0-1.internal,pod_name=storage-7 available_bytes=8415240192i,capacity_bytes=8415252480i,used_bytes=12288i 1546910783000000000
kubernetes_system_container
``` ```
[metric filtering]: https://github.com/influxdata/telegraf/blob/master/docs/CONFIGURATION.md#metric-filtering [metric filtering]: https://github.com/influxdata/telegraf/blob/master/docs/CONFIGURATION.md#metric-filtering

View File

@ -6,7 +6,7 @@ import (
"io/ioutil" "io/ioutil"
"net/http" "net/http"
"net/url" "net/url"
"sync" "strings"
"time" "time"
"github.com/influxdata/telegraf" "github.com/influxdata/telegraf"
@ -20,7 +20,8 @@ type Kubernetes struct {
URL string URL string
// Bearer Token authorization file path // Bearer Token authorization file path
BearerToken string `toml:"bearer_token"` BearerToken string `toml:"bearer_token"`
BearerTokenString string `toml:"bearer_token_string"`
// HTTP Timeout specified as a string - 3s, 1m, 1h // HTTP Timeout specified as a string - 3s, 1m, 1h
ResponseTimeout internal.Duration ResponseTimeout internal.Duration
@ -32,10 +33,12 @@ type Kubernetes struct {
var sampleConfig = ` var sampleConfig = `
## URL for the kubelet ## URL for the kubelet
url = "http://1.1.1.1:10255" url = "http://127.0.0.1:10255"
## Use bearer token for authorization ## Use bearer token for authorization. ('bearer_token' takes priority)
# bearer_token = /path/to/bearer/token # bearer_token = "/path/to/bearer/token"
## OR
# bearer_token_string = "abc_123"
## Set response_timeout (default 5 seconds) ## Set response_timeout (default 5 seconds)
# response_timeout = "5s" # response_timeout = "5s"
@ -70,13 +73,7 @@ func (k *Kubernetes) Description() string {
//Gather collects kubernetes metrics from a given URL //Gather collects kubernetes metrics from a given URL
func (k *Kubernetes) Gather(acc telegraf.Accumulator) error { func (k *Kubernetes) Gather(acc telegraf.Accumulator) error {
var wg sync.WaitGroup acc.AddError(k.gatherSummary(k.URL, acc))
wg.Add(1)
go func(k *Kubernetes) {
defer wg.Done()
acc.AddError(k.gatherSummary(k.URL, acc))
}(k)
wg.Wait()
return nil return nil
} }
@ -92,7 +89,6 @@ func buildURL(endpoint string, base string) (*url.URL, error) {
func (k *Kubernetes) gatherSummary(baseURL string, acc telegraf.Accumulator) error { func (k *Kubernetes) gatherSummary(baseURL string, acc telegraf.Accumulator) error {
url := fmt.Sprintf("%s/stats/summary", baseURL) url := fmt.Sprintf("%s/stats/summary", baseURL)
var req, err = http.NewRequest("GET", url, nil) var req, err = http.NewRequest("GET", url, nil)
var token []byte
var resp *http.Response var resp *http.Response
tlsCfg, err := k.ClientConfig.TLSConfig() tlsCfg, err := k.ClientConfig.TLSConfig()
@ -113,12 +109,15 @@ func (k *Kubernetes) gatherSummary(baseURL string, acc telegraf.Accumulator) err
} }
if k.BearerToken != "" { if k.BearerToken != "" {
token, err = ioutil.ReadFile(k.BearerToken) token, err := ioutil.ReadFile(k.BearerToken)
if err != nil { if err != nil {
return err return err
} }
req.Header.Set("Authorization", "Bearer "+string(token)) req.Header.Set("Authorization", "Bearer "+strings.TrimSpace(string(token)))
} else if k.BearerTokenString != "" {
req.Header.Set("Authorization", "Bearer "+k.BearerTokenString)
} }
req.Header.Add("Accept", "application/json")
resp, err = k.RoundTripper.RoundTrip(req) resp, err = k.RoundTripper.RoundTrip(req)
if err != nil { if err != nil {