Support passing bearer token directly in k8s input (#5295)

2019-01-15 16:26:18 -07:00 · 2019-01-15 16:26:18 -07:00 · 50ba5c15a4
parent d759b46345
commit 50ba5c15a4
2 changed files with 56 additions and 53 deletions
--- a/plugins/inputs/kubernetes/README.md
+++ b/plugins/inputs/kubernetes/README.md
@ -29,8 +29,10 @@ avoid cardinality issues:
  ## URL for the kubelet
  url = "http://127.0.0.1:10255"
-  ## Use bearer token for authorization
+  ## Use bearer token for authorization. ('bearer_token' takes priority)
-  # bearer_token = /path/to/bearer/token
+  # bearer_token = "/path/to/bearer/token"
  ## OR
  # bearer_token_string = "abc_123"
  ## Set response_timeout (default 5 seconds)
  # response_timeout = "5s"
@ -54,45 +56,45 @@ Architecture][k8s-telegraf] or view the [Helm charts][tick-charts].
  - tags:
    - node_name
  - fields:
-	- cpu_usage_nanocores
+    - cpu_usage_nanocores
-	- cpu_usage_core_nanoseconds
+    - cpu_usage_core_nanoseconds
-	- memory_available_bytes
+    - memory_available_bytes
-	- memory_usage_bytes
+    - memory_usage_bytes
-	- memory_working_set_bytes
+    - memory_working_set_bytes
-	- memory_rss_bytes
+    - memory_rss_bytes
-	- memory_page_faults
+    - memory_page_faults
-	- memory_major_page_faults
+    - memory_major_page_faults
-	- network_rx_bytes
+    - network_rx_bytes
-	- network_rx_errors
+    - network_rx_errors
-	- network_tx_bytes
+    - network_tx_bytes
-	- network_tx_errors
+    - network_tx_errors
-	- fs_available_bytes
+    - fs_available_bytes
-	- fs_capacity_bytes
+    - fs_capacity_bytes
-	- fs_used_bytes
+    - fs_used_bytes
-	- runtime_image_fs_available_bytes
+    - runtime_image_fs_available_bytes
-	- runtime_image_fs_capacity_bytes
+    - runtime_image_fs_capacity_bytes
-	- runtime_image_fs_used_bytes
+    - runtime_image_fs_used_bytes
- kubernetes_pod_container
+ kubernetes_pod_container
  - tags:
    - container_name
    - namespace
    - node_name
    - pod_name
  - fields:
-	- cpu_usage_nanocores
+    - cpu_usage_nanocores
-	- cpu_usage_core_nanoseconds
+    - cpu_usage_core_nanoseconds
-	- memory_usage_bytes
+    - memory_usage_bytes
-	- memory_working_set_bytes
+    - memory_working_set_bytes
-	- memory_rss_bytes
+    - memory_rss_bytes
-	- memory_page_faults
+    - memory_page_faults
-	- memory_major_page_faults
+    - memory_major_page_faults
-	- rootfs_available_bytes
+    - rootfs_available_bytes
-	- rootfs_capacity_bytes
+    - rootfs_capacity_bytes
-	- rootfs_used_bytes
+    - rootfs_used_bytes
-	- logsfs_avaialble_bytes
+    - logsfs_avaialble_bytes
-	- logsfs_capacity_bytes
+    - logsfs_capacity_bytes
-	- logsfs_used_bytes
+    - logsfs_used_bytes
 - kubernetes_pod_volume
  - tags:
@ -105,7 +107,7 @@ Architecture][k8s-telegraf] or view the [Helm charts][tick-charts].
    - capacity_bytes
    - used_bytes
- kubernetes_pod_network
+ kubernetes_pod_network
  - tags:
    - namespace
    - node_name
@ -119,9 +121,11 @@ Architecture][k8s-telegraf] or view the [Helm charts][tick-charts].
 ### Example Output
 ```
-kubernetes_pod_container,host=ip-10-0-0-0.ec2.internal,container_name=deis-controller,namespace=deis,node_name=ip-10-0-0-0.ec2.internal,pod_name=deis-controller-3058870187-xazsr cpu_usage_core_nanoseconds=2432835i,cpu_usage_nanocores=0i,logsfs_avaialble_bytes=121128271872i,logsfs_capacity_bytes=153567944704i,logsfs_used_bytes=20787200i,memory_major_page_faults=0i,memory_page_faults=175i,memory_rss_bytes=0i,memory_usage_bytes=0i,memory_working_set_bytes=0i,rootfs_available_bytes=121128271872i,rootfs_capacity_bytes=153567944704i,rootfs_used_bytes=1110016i 1476477530000000000
+kubernetes_node
-kubernetes_pod_volume,host=ip-10-0-0-0.ec2.internal,name=default-token-f7wts,namespace=kube-system,node_name=ip-10-0-0-0.ec2.internal,pod_name=kubernetes-dashboard-v1.1.1-t4x4t available_bytes=8415240192i,capacity_bytes=8415252480i,used_bytes=12288i 1476477530000000000
+kubernetes_pod_container,container_name=deis-controller,namespace=deis,node_name=ip-10-0-0-0.ec2.internal,pod_name=deis-controller-3058870187-xazsr cpu_usage_core_nanoseconds=2432835i,cpu_usage_nanocores=0i,logsfs_avaialble_bytes=121128271872i,logsfs_capacity_bytes=153567944704i,logsfs_used_bytes=20787200i,memory_major_page_faults=0i,memory_page_faults=175i,memory_rss_bytes=0i,memory_usage_bytes=0i,memory_working_set_bytes=0i,rootfs_available_bytes=121128271872i,rootfs_capacity_bytes=153567944704i,rootfs_used_bytes=1110016i 1476477530000000000
-kubernetes_pod_network,host=ip-10-0-0-0.ec2.internal,namespace=deis,node_name=ip-10-0-0-0.ec2.internal,pod_name=deis-controller-3058870187-xazsr rx_bytes=120671099i,rx_errors=0i,tx_bytes=102451983i,tx_errors=0i 1476477530000000000
+kubernetes_pod_network,namespace=deis,node_name=ip-10-0-0-0.ec2.internal,pod_name=deis-controller-3058870187-xazsr rx_bytes=120671099i,rx_errors=0i,tx_bytes=102451983i,tx_errors=0i 1476477530000000000
 kubernetes_pod_volume,volume_name=default-token-f7wts,namespace=default,node_name=ip-172-17-0-1.internal,pod_name=storage-7 available_bytes=8415240192i,capacity_bytes=8415252480i,used_bytes=12288i 1546910783000000000
 kubernetes_system_container
 ```
 [metric filtering]: https://github.com/influxdata/telegraf/blob/master/docs/CONFIGURATION.md#metric-filtering
--- a/plugins/inputs/kubernetes/kubernetes.go
+++ b/plugins/inputs/kubernetes/kubernetes.go
@ -6,7 +6,7 @@ import (
 	"io/ioutil"
 	"net/http"
 	"net/url"
-	"sync"
+	"strings"
 	"time"
 	"github.com/influxdata/telegraf"
@ -20,7 +20,8 @@ type Kubernetes struct {
 	URL string
 	// Bearer Token authorization file path
-	BearerToken string `toml:"bearer_token"`
+	BearerToken       string `toml:"bearer_token"`
 	BearerTokenString string `toml:"bearer_token_string"`
 	// HTTP Timeout specified as a string - 3s, 1m, 1h
 	ResponseTimeout internal.Duration
@ -32,10 +33,12 @@ type Kubernetes struct {
 var sampleConfig = `
  ## URL for the kubelet
-  url = "http://1.1.1.1:10255"
+  url = "http://127.0.0.1:10255"
-  ## Use bearer token for authorization
+  ## Use bearer token for authorization. ('bearer_token' takes priority)
-  # bearer_token = /path/to/bearer/token
+  # bearer_token = "/path/to/bearer/token"
  ## OR
  # bearer_token_string = "abc_123"
  ## Set response_timeout (default 5 seconds)
  # response_timeout = "5s"
@ -70,13 +73,7 @@ func (k *Kubernetes) Description() string {
 //Gather collects kubernetes metrics from a given URL
 func (k *Kubernetes) Gather(acc telegraf.Accumulator) error {
-	var wg sync.WaitGroup
+	acc.AddError(k.gatherSummary(k.URL, acc))
 	wg.Add(1)
 	go func(k *Kubernetes) {
 		defer wg.Done()
 		acc.AddError(k.gatherSummary(k.URL, acc))
 	}(k)
 	wg.Wait()
 	return nil
 }
@ -92,7 +89,6 @@ func buildURL(endpoint string, base string) (*url.URL, error) {
 func (k *Kubernetes) gatherSummary(baseURL string, acc telegraf.Accumulator) error {
 	url := fmt.Sprintf("%s/stats/summary", baseURL)
 	var req, err = http.NewRequest("GET", url, nil)
 	var token []byte
 	var resp *http.Response
 	tlsCfg, err := k.ClientConfig.TLSConfig()
@ -113,12 +109,15 @@ func (k *Kubernetes) gatherSummary(baseURL string, acc telegraf.Accumulator) err
 	}
 	if k.BearerToken != "" {
-		token, err = ioutil.ReadFile(k.BearerToken)
+		token, err := ioutil.ReadFile(k.BearerToken)
 		if err != nil {
 			return err
 		}
-		req.Header.Set("Authorization", "Bearer "+string(token))
+		req.Header.Set("Authorization", "Bearer "+strings.TrimSpace(string(token)))
 	} else if k.BearerTokenString != "" {
 		req.Header.Set("Authorization", "Bearer "+k.BearerTokenString)
 	}
 	req.Header.Add("Accept", "application/json")
 	resp, err = k.RoundTripper.RoundTrip(req)
 	if err != nil {