Add support for credentials file to nats_consumer and nats output (#7022)

2020-02-20 22:30:04 +00:00
parent 82a358b910
commit 79ff743064
8 changed files with 78 additions and 59 deletions
--- a/plugins/inputs/nats/nats.go
+++ b/plugins/inputs/nats/nats.go
@@ -13,7 +13,7 @@ import (
 	"github.com/influxdata/telegraf"
 	"github.com/influxdata/telegraf/internal"
 	"github.com/influxdata/telegraf/plugins/inputs"
-	gnatsd "github.com/nats-io/gnatsd/server"
+	gnatsd "github.com/nats-io/nats-server/v2/server"
 )

 type Nats struct {
--- a/plugins/inputs/nats_consumer/README.md
+++ b/plugins/inputs/nats_consumer/README.md
@@ -23,6 +23,9 @@ instances of telegraf can read from a NATS cluster in parallel.
  # username = ""
  # password = ""

+  ## Optional NATS 2.0 and NATS NGS compatible user credentials
+  # credentials = "/etc/telegraf/nats.creds"
+
  ## Use Transport Layer Security
  # secure = false

--- a/plugins/inputs/nats_consumer/nats_consumer.go
+++ b/plugins/inputs/nats_consumer/nats_consumer.go
@@ -3,13 +3,14 @@ package natsconsumer
 import (
 	"context"
 	"fmt"
+	"strings"
 	"sync"

 	"github.com/influxdata/telegraf"
 	"github.com/influxdata/telegraf/internal/tls"
 	"github.com/influxdata/telegraf/plugins/inputs"
 	"github.com/influxdata/telegraf/plugins/parsers"
-	nats "github.com/nats-io/go-nats"
+	"github.com/nats-io/nats.go"
 )

 var (
@@ -31,12 +32,14 @@ func (e natsError) Error() string {
 }

 type natsConsumer struct {
-	QueueGroup string   `toml:"queue_group"`
-	Subjects   []string `toml:"subjects"`
-	Servers    []string `toml:"servers"`
-	Secure     bool     `toml:"secure"`
-	Username   string   `toml:"username"`
-	Password   string   `toml:"password"`
+	QueueGroup  string   `toml:"queue_group"`
+	Subjects    []string `toml:"subjects"`
+	Servers     []string `toml:"servers"`
+	Secure      bool     `toml:"secure"`
+	Username    string   `toml:"username"`
+	Password    string   `toml:"password"`
+	Credentials string   `toml:"credentials"`
+
 	tls.ClientConfig

 	Log telegraf.Logger
@@ -77,6 +80,9 @@ var sampleConfig = `
  # username = ""
  # password = ""

+  ## Optional NATS 2.0 and NATS NGS compatible user credentials
+  # credentials = "/etc/telegraf/nats.creds"
+
  ## Use Transport Layer Security
  # secure = false

@@ -135,19 +141,18 @@ func (n *natsConsumer) Start(acc telegraf.Accumulator) error {

 	var connectErr error

-	// set default NATS connection options
-	opts := nats.DefaultOptions
-
-	// override max reconnection tries
-	opts.MaxReconnect = -1
-
-	// override servers if any were specified
-	opts.Servers = n.Servers
+	options := []nats.Option{
+		nats.MaxReconnects(-1),
+		nats.ErrorHandler(n.natsErrHandler),
+	}

 	// override authentication, if any was specified
-	if n.Username != "" {
-		opts.User = n.Username
-		opts.Password = n.Password
+	if n.Username != "" && n.Password != "" {
+		options = append(options, nats.UserInfo(n.Username, n.Password))
+	}
+
+	if n.Credentials != "" {
+		options = append(options, nats.UserCredentials(n.Credentials))
 	}

 	if n.Secure {
@@ -156,19 +161,17 @@ func (n *natsConsumer) Start(acc telegraf.Accumulator) error {
 			return err
 		}

-		opts.Secure = true
-		opts.TLSConfig = tlsConfig
+		options = append(options, nats.Secure(tlsConfig))
 	}

 	if n.conn == nil || n.conn.IsClosed() {
-		n.conn, connectErr = opts.Connect()
+		n.conn, connectErr = nats.Connect(strings.Join(n.Servers, ","), options...)
 		if connectErr != nil {
 			return connectErr
 		}

 		// Setup message and error channels
 		n.errs = make(chan error)
-		n.conn.SetErrorHandler(n.natsErrHandler)

 		n.in = make(chan *nats.Msg, 1000)
 		for _, subj := range n.Subjects {
@@ -178,14 +181,13 @@ func (n *natsConsumer) Start(acc telegraf.Accumulator) error {
 			if err != nil {
 				return err
 			}
-			// ensure that the subscription has been processed by the server
-			if err = n.conn.Flush(); err != nil {
-				return err
-			}
+
 			// set the subscription pending limits
-			if err = sub.SetPendingLimits(n.PendingMessageLimit, n.PendingBytesLimit); err != nil {
+			err = sub.SetPendingLimits(n.PendingMessageLimit, n.PendingBytesLimit)
+			if err != nil {
 				return err
 			}
+
 			n.subs = append(n.subs, sub)
 		}
 	}
--- a/plugins/outputs/nats/README.md
+++ b/plugins/outputs/nats/README.md
@@ -9,6 +9,10 @@ This plugin writes to a (list of) specified NATS instance(s).
  ## Optional credentials
  # username = ""
  # password = ""
+
+  ## Optional NATS 2.0 and NATS NGS compatible user credentials
+  # credentials = "/etc/telegraf/nats.creds"
+
  ## NATS subject for producer messages
  subject = "telegraf"

--- a/plugins/outputs/nats/nats.go
+++ b/plugins/outputs/nats/nats.go
@@ -3,32 +3,40 @@ package nats
 import (
 	"fmt"
 	"log"
+	"strings"

 	"github.com/influxdata/telegraf"
 	"github.com/influxdata/telegraf/internal/tls"
 	"github.com/influxdata/telegraf/plugins/outputs"
 	"github.com/influxdata/telegraf/plugins/serializers"
-	nats_client "github.com/nats-io/go-nats"
+	"github.com/nats-io/nats.go"
 )

 type NATS struct {
-	Servers  []string `toml:"servers"`
-	Secure   bool     `toml:"secure"`
-	Username string   `toml:"username"`
-	Password string   `toml:"password"`
-	Subject  string   `toml:"subject"`
+	Servers     []string `toml:"servers"`
+	Secure      bool     `toml:"secure"`
+	Username    string   `toml:"username"`
+	Password    string   `toml:"password"`
+	Credentials string   `toml:"credentials"`
+	Subject     string   `toml:"subject"`
+
 	tls.ClientConfig

-	conn       *nats_client.Conn
+	conn       *nats.Conn
 	serializer serializers.Serializer
 }

 var sampleConfig = `
  ## URLs of NATS servers
  servers = ["nats://localhost:4222"]
+
  ## Optional credentials
  # username = ""
  # password = ""
+
+  ## Optional NATS 2.0 and NATS NGS compatible user credentials
+  # credentials = "/etc/telegraf/nats.creds"
+
  ## NATS subject for producer messages
  subject = "telegraf"

@@ -56,19 +64,13 @@ func (n *NATS) SetSerializer(serializer serializers.Serializer) {
 func (n *NATS) Connect() error {
 	var err error

-	// set default NATS connection options
-	opts := nats_client.DefaultOptions
-
-	// override max reconnection tries
-	opts.MaxReconnect = -1
-
-	// override servers, if any were specified
-	opts.Servers = n.Servers
+	opts := []nats.Option{
+		nats.MaxReconnects(-1),
+	}

 	// override authentication, if any was specified
 	if n.Username != "" {
-		opts.User = n.Username
-		opts.Password = n.Password
+		opts = append(opts, nats.UserInfo(n.Username, n.Password))
 	}

 	if n.Secure {
@@ -77,12 +79,11 @@ func (n *NATS) Connect() error {
 			return err
 		}

-		opts.Secure = true
-		opts.TLSConfig = tlsConfig
+		opts = append(opts, nats.Secure(tlsConfig))
 	}

 	// try and connect
-	n.conn, err = opts.Connect()
+	n.conn, err = nats.Connect(strings.Join(n.Servers, ","), opts...)

 	return err
 }