parent
13f314a507
commit
7a5d857846
|
@ -57,6 +57,7 @@ be deprecated eventually.
|
||||||
- [#2071](https://github.com/influxdata/telegraf/issues/2071): Use official docker SDK.
|
- [#2071](https://github.com/influxdata/telegraf/issues/2071): Use official docker SDK.
|
||||||
- [#1678](https://github.com/influxdata/telegraf/pull/1678): Add AMQP consumer input plugin
|
- [#1678](https://github.com/influxdata/telegraf/pull/1678): Add AMQP consumer input plugin
|
||||||
- [#2501](https://github.com/influxdata/telegraf/pull/2501): Support DEAD(X) state in system input plugin.
|
- [#2501](https://github.com/influxdata/telegraf/pull/2501): Support DEAD(X) state in system input plugin.
|
||||||
|
- [#2522](https://github.com/influxdata/telegraf/pull/2522): Add support for mongodb client certificates.
|
||||||
|
|
||||||
### Bugfixes
|
### Bugfixes
|
||||||
|
|
||||||
|
|
|
@ -11,9 +11,16 @@
|
||||||
## 10.0.0.1:10000, etc.
|
## 10.0.0.1:10000, etc.
|
||||||
servers = ["127.0.0.1:27017"]
|
servers = ["127.0.0.1:27017"]
|
||||||
gather_perdb_stats = false
|
gather_perdb_stats = false
|
||||||
|
|
||||||
|
## Optional SSL Config
|
||||||
|
# ssl_ca = "/etc/telegraf/ca.pem"
|
||||||
|
# ssl_cert = "/etc/telegraf/cert.pem"
|
||||||
|
# ssl_key = "/etc/telegraf/key.pem"
|
||||||
|
## Use SSL but skip chain & host verification
|
||||||
|
# insecure_skip_verify = false
|
||||||
```
|
```
|
||||||
|
|
||||||
For authenticated mongodb istances use connection mongdb connection URI
|
For authenticated mongodb instances use `mongodb://` connection URI
|
||||||
|
|
||||||
```toml
|
```toml
|
||||||
[[inputs.mongodb]]
|
[[inputs.mongodb]]
|
||||||
|
|
|
@ -10,6 +10,7 @@ import (
|
||||||
"time"
|
"time"
|
||||||
|
|
||||||
"github.com/influxdata/telegraf"
|
"github.com/influxdata/telegraf"
|
||||||
|
"github.com/influxdata/telegraf/internal"
|
||||||
"github.com/influxdata/telegraf/internal/errchan"
|
"github.com/influxdata/telegraf/internal/errchan"
|
||||||
"github.com/influxdata/telegraf/plugins/inputs"
|
"github.com/influxdata/telegraf/plugins/inputs"
|
||||||
"gopkg.in/mgo.v2"
|
"gopkg.in/mgo.v2"
|
||||||
|
@ -20,6 +21,15 @@ type MongoDB struct {
|
||||||
Ssl Ssl
|
Ssl Ssl
|
||||||
mongos map[string]*Server
|
mongos map[string]*Server
|
||||||
GatherPerdbStats bool
|
GatherPerdbStats bool
|
||||||
|
|
||||||
|
// Path to CA file
|
||||||
|
SSLCA string `toml:"ssl_ca"`
|
||||||
|
// Path to host cert file
|
||||||
|
SSLCert string `toml:"ssl_cert"`
|
||||||
|
// Path to cert key file
|
||||||
|
SSLKey string `toml:"ssl_key"`
|
||||||
|
// Use SSL but skip chain & host verification
|
||||||
|
InsecureSkipVerify bool
|
||||||
}
|
}
|
||||||
|
|
||||||
type Ssl struct {
|
type Ssl struct {
|
||||||
|
@ -35,6 +45,13 @@ var sampleConfig = `
|
||||||
## 10.0.0.1:10000, etc.
|
## 10.0.0.1:10000, etc.
|
||||||
servers = ["127.0.0.1:27017"]
|
servers = ["127.0.0.1:27017"]
|
||||||
gather_perdb_stats = false
|
gather_perdb_stats = false
|
||||||
|
|
||||||
|
## Optional SSL Config
|
||||||
|
# ssl_ca = "/etc/telegraf/ca.pem"
|
||||||
|
# ssl_cert = "/etc/telegraf/cert.pem"
|
||||||
|
# ssl_key = "/etc/telegraf/key.pem"
|
||||||
|
## Use SSL but skip chain & host verification
|
||||||
|
# insecure_skip_verify = false
|
||||||
`
|
`
|
||||||
|
|
||||||
func (m *MongoDB) SampleConfig() string {
|
func (m *MongoDB) SampleConfig() string {
|
||||||
|
@ -105,8 +122,11 @@ func (m *MongoDB) gatherServer(server *Server, acc telegraf.Accumulator) error {
|
||||||
dialInfo.Direct = true
|
dialInfo.Direct = true
|
||||||
dialInfo.Timeout = 5 * time.Second
|
dialInfo.Timeout = 5 * time.Second
|
||||||
|
|
||||||
|
var tlsConfig *tls.Config
|
||||||
|
|
||||||
if m.Ssl.Enabled {
|
if m.Ssl.Enabled {
|
||||||
tlsConfig := &tls.Config{}
|
// Deprecated SSL config
|
||||||
|
tlsConfig = &tls.Config{}
|
||||||
if len(m.Ssl.CaCerts) > 0 {
|
if len(m.Ssl.CaCerts) > 0 {
|
||||||
roots := x509.NewCertPool()
|
roots := x509.NewCertPool()
|
||||||
for _, caCert := range m.Ssl.CaCerts {
|
for _, caCert := range m.Ssl.CaCerts {
|
||||||
|
@ -119,6 +139,13 @@ func (m *MongoDB) gatherServer(server *Server, acc telegraf.Accumulator) error {
|
||||||
} else {
|
} else {
|
||||||
tlsConfig.InsecureSkipVerify = true
|
tlsConfig.InsecureSkipVerify = true
|
||||||
}
|
}
|
||||||
|
} else {
|
||||||
|
tlsConfig, err = internal.GetTLSConfig(
|
||||||
|
m.SSLCert, m.SSLKey, m.SSLCA, m.InsecureSkipVerify)
|
||||||
|
}
|
||||||
|
|
||||||
|
// If configured to use TLS, add a dial function
|
||||||
|
if tlsConfig != nil {
|
||||||
dialInfo.DialServer = func(addr *mgo.ServerAddr) (net.Conn, error) {
|
dialInfo.DialServer = func(addr *mgo.ServerAddr) (net.Conn, error) {
|
||||||
conn, err := tls.Dial("tcp", addr.String(), tlsConfig)
|
conn, err := tls.Dial("tcp", addr.String(), tlsConfig)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
|
|
Loading…
Reference in New Issue