Add TLS support to kapacitor input (#3927)

This commit is contained in:
Daniel Nelson 2018-03-23 11:53:18 -07:00 committed by GitHub
parent 729388f4dd
commit e8fc3ca70c
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 45 additions and 1 deletions

View File

@ -14,6 +14,13 @@ The Kapacitor plugin will collect metrics from the given Kapacitor instances.
## Time limit for http requests ## Time limit for http requests
timeout = "5s" timeout = "5s"
## Optional SSL Config
# ssl_ca = "/etc/telegraf/ca.pem"
# ssl_cert = "/etc/telegraf/cert.pem"
# ssl_key = "/etc/telegraf/key.pem"
## Use SSL but skip chain & host verification
# insecure_skip_verify = false
``` ```
### Measurements & Fields ### Measurements & Fields

View File

@ -21,6 +21,15 @@ type Kapacitor struct {
Timeout internal.Duration Timeout internal.Duration
// Path to CA file
SSLCA string `toml:"ssl_ca"`
// Path to host cert file
SSLCert string `toml:"ssl_cert"`
// Path to cert key file
SSLKey string `toml:"ssl_key"`
// Use SSL but skip chain & host verification
InsecureSkipVerify bool
client *http.Client client *http.Client
} }
@ -38,12 +47,23 @@ func (*Kapacitor) SampleConfig() string {
## Time limit for http requests ## Time limit for http requests
timeout = "5s" timeout = "5s"
## Optional SSL Config
# ssl_ca = "/etc/telegraf/ca.pem"
# ssl_cert = "/etc/telegraf/cert.pem"
# ssl_key = "/etc/telegraf/key.pem"
## Use SSL but skip chain & host verification
# insecure_skip_verify = false
` `
} }
func (k *Kapacitor) Gather(acc telegraf.Accumulator) error { func (k *Kapacitor) Gather(acc telegraf.Accumulator) error {
if k.client == nil { if k.client == nil {
k.client = &http.Client{Timeout: k.Timeout.Duration} client, err := k.createHttpClient()
if err != nil {
return err
}
k.client = client
} }
var wg sync.WaitGroup var wg sync.WaitGroup
@ -61,6 +81,23 @@ func (k *Kapacitor) Gather(acc telegraf.Accumulator) error {
return nil return nil
} }
func (k *Kapacitor) createHttpClient() (*http.Client, error) {
tlsCfg, err := internal.GetTLSConfig(
k.SSLCert, k.SSLKey, k.SSLCA, k.InsecureSkipVerify)
if err != nil {
return nil, err
}
client := &http.Client{
Transport: &http.Transport{
TLSClientConfig: tlsCfg,
},
Timeout: k.Timeout.Duration,
}
return client, nil
}
type object struct { type object struct {
Name string `json:"name"` Name string `json:"name"`
Values map[string]interface{} `json:"values"` Values map[string]interface{} `json:"values"`