Add secure option to NATS output to mirror input

This commit is contained in:
Daniel Nelson 2019-08-02 16:56:49 -07:00
parent ffe9494663
commit 633dfe2a19
No known key found for this signature in database
GPG Key ID: CAAD59C9444F6155
2 changed files with 21 additions and 28 deletions

View File

@ -2,7 +2,7 @@
This plugin writes to a (list of) specified NATS instance(s).
```
```toml
[[outputs.nats]]
## URLs of NATS servers
servers = ["nats://localhost:4222"]
@ -11,9 +11,14 @@ This plugin writes to a (list of) specified NATS instance(s).
# password = ""
## NATS subject for producer messages
subject = "telegraf"
## Use Transport Layer Security
# secure = false
## Optional TLS Config
## CA certificate used to self-sign NATS server(s) TLS certificate(s)
# tls_ca = "/etc/telegraf/ca.pem"
# tls_cert = "/etc/telegraf/cert.pem"
# tls_key = "/etc/telegraf/key.pem"
## Use TLS but skip chain & host verification
# insecure_skip_verify = false
@ -23,15 +28,3 @@ This plugin writes to a (list of) specified NATS instance(s).
## https://github.com/influxdata/telegraf/blob/master/docs/DATA_FORMATS_OUTPUT.md
data_format = "influx"
```
### Required parameters:
* `servers`: List of strings, this is for NATS clustering support. Each URL should start with `nats://`.
* `subject`: The NATS subject to publish to.
### Optional parameters:
* `username`: Username for NATS
* `password`: Password for NATS
* `tls_ca`: TLS CA
* `insecure_skip_verify`: Use SSL but skip chain & host verification (default: false)

View File

@ -12,13 +12,11 @@ import (
)
type NATS struct {
// Servers is the NATS server pool to connect to
Servers []string
// Credentials
Username string
Password string
// NATS subject to publish metrics to
Subject string
Servers []string `toml:"servers"`
Secure bool `toml:"secure"`
Username string `toml:"username"`
Password string `toml:"password"`
Subject string `toml:"subject"`
tls.ClientConfig
conn *nats_client.Conn
@ -34,6 +32,9 @@ var sampleConfig = `
## NATS subject for producer messages
subject = "telegraf"
## Use Transport Layer Security
# secure = false
## Optional TLS Config
# tls_ca = "/etc/telegraf/ca.pem"
# tls_cert = "/etc/telegraf/cert.pem"
@ -70,13 +71,12 @@ func (n *NATS) Connect() error {
opts.Password = n.Password
}
// override TLS, if it was specified
tlsConfig, err := n.ClientConfig.TLSConfig()
if err != nil {
return err
}
if tlsConfig != nil {
// set NATS connection TLS options
if n.Secure {
tlsConfig, err := n.ClientConfig.TLSConfig()
if err != nil {
return err
}
opts.Secure = true
opts.TLSConfig = tlsConfig
}