dom
/
telegraf
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Add secure option to NATS output to mirror input

This commit is contained in:
Daniel Nelson 2019-08-02 16:56:49 -07:00
parent ffe9494663
commit 633dfe2a19
No known key found for this signature in database
GPG Key ID: CAAD59C9444F6155
2 changed files with 21 additions and 28 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
plugins/outputs/nats/README.md
View File

@ -2,7 +2,7 @@
This plugin writes to a (list of) specified NATS instance(s). This plugin writes to a (list of) specified NATS instance(s).
``` ```toml
[[outputs.nats]] [[outputs.nats]]
## URLs of NATS servers ## URLs of NATS servers
servers = ["nats://localhost:4222"] servers = ["nats://localhost:4222"]
@ -11,9 +11,14 @@ This plugin writes to a (list of) specified NATS instance(s).
# password = "" # password = ""
## NATS subject for producer messages ## NATS subject for producer messages
subject = "telegraf" subject = "telegraf"
## Use Transport Layer Security
# secure = false
## Optional TLS Config ## Optional TLS Config
## CA certificate used to self-sign NATS server(s) TLS certificate(s)
# tls_ca = "/etc/telegraf/ca.pem" # tls_ca = "/etc/telegraf/ca.pem"
# tls_cert = "/etc/telegraf/cert.pem"
# tls_key = "/etc/telegraf/key.pem"
## Use TLS but skip chain & host verification ## Use TLS but skip chain & host verification
# insecure_skip_verify = false # insecure_skip_verify = false
@ -23,15 +28,3 @@ This plugin writes to a (list of) specified NATS instance(s).
## https://github.com/influxdata/telegraf/blob/master/docs/DATA_FORMATS_OUTPUT.md ## https://github.com/influxdata/telegraf/blob/master/docs/DATA_FORMATS_OUTPUT.md
data_format = "influx" data_format = "influx"
``` ```
### Required parameters:
* `servers`: List of strings, this is for NATS clustering support. Each URL should start with `nats://`.
* `subject`: The NATS subject to publish to.
### Optional parameters:
* `username`: Username for NATS
* `password`: Password for NATS
* `tls_ca`: TLS CA
* `insecure_skip_verify`: Use SSL but skip chain & host verification (default: false)

20
plugins/outputs/nats/nats.go
View File

@ -12,13 +12,11 @@ import (
) )
type NATS struct { type NATS struct {
// Servers is the NATS server pool to connect to Servers []string `toml:"servers"`
Servers []string Secure bool `toml:"secure"`
// Credentials Username string `toml:"username"`
Username string Password string `toml:"password"`
Password string Subject string `toml:"subject"`
// NATS subject to publish metrics to
Subject string
tls.ClientConfig tls.ClientConfig
conn *nats_client.Conn conn *nats_client.Conn
@ -34,6 +32,9 @@ var sampleConfig = `
## NATS subject for producer messages ## NATS subject for producer messages
subject = "telegraf" subject = "telegraf"
## Use Transport Layer Security
# secure = false
## Optional TLS Config ## Optional TLS Config
# tls_ca = "/etc/telegraf/ca.pem" # tls_ca = "/etc/telegraf/ca.pem"
# tls_cert = "/etc/telegraf/cert.pem" # tls_cert = "/etc/telegraf/cert.pem"
@ -70,13 +71,12 @@ func (n *NATS) Connect() error {
opts.Password = n.Password opts.Password = n.Password
} }
// override TLS, if it was specified if n.Secure {
tlsConfig, err := n.ClientConfig.TLSConfig() tlsConfig, err := n.ClientConfig.TLSConfig()
if err != nil { if err != nil {
return err return err
} }
if tlsConfig != nil {
// set NATS connection TLS options
opts.Secure = true opts.Secure = true
opts.TLSConfig = tlsConfig opts.TLSConfig = tlsConfig
} }