Skip to content

Commit

Permalink
Add TLS support to kapacitor input (#3927)
Browse files Browse the repository at this point in the history
  • Loading branch information
@danielnelson
danielnelson authored Mar 23, 2018
1 parent 00cac26 commit c12c6b9
Show file tree
Hide file tree
Showing 2 changed files with 45 additions and 1 deletion.
7 changes: 7 additions & 0 deletions plugins/inputs/kapacitor/README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -14,6 +14,13 @@ The Kapacitor plugin will collect metrics from the given Kapacitor instances.

## Time limit for http requests
timeout = "5s"

## Optional SSL Config
# ssl_ca = "/etc/telegraf/ca.pem"
# ssl_cert = "/etc/telegraf/cert.pem"
# ssl_key = "/etc/telegraf/key.pem"
## Use SSL but skip chain & host verification
# insecure_skip_verify = false
```

### Measurements & Fields
Expand Down
39 changes: 38 additions & 1 deletion plugins/inputs/kapacitor/kapacitor.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -21,6 +21,15 @@ type Kapacitor struct {

Timeout internal.Duration

// Path to CA file
SSLCA string `toml:"ssl_ca"`
// Path to host cert file
SSLCert string `toml:"ssl_cert"`
// Path to cert key file
SSLKey string `toml:"ssl_key"`
// Use SSL but skip chain & host verification
InsecureSkipVerify bool

client *http.Client
}

Expand All @@ -38,12 +47,23 @@ func (*Kapacitor) SampleConfig() string {
## Time limit for http requests
timeout = "5s"
## Optional SSL Config
# ssl_ca = "/etc/telegraf/ca.pem"
# ssl_cert = "/etc/telegraf/cert.pem"
# ssl_key = "/etc/telegraf/key.pem"
## Use SSL but skip chain & host verification
# insecure_skip_verify = false
`
}

func (k *Kapacitor) Gather(acc telegraf.Accumulator) error {
if k.client == nil {
k.client = &http.Client{Timeout: k.Timeout.Duration}
client, err := k.createHttpClient()
if err != nil {
return err
}
k.client = client
}

var wg sync.WaitGroup
Expand All @@ -61,6 +81,23 @@ func (k *Kapacitor) Gather(acc telegraf.Accumulator) error {
return nil
}

func (k *Kapacitor) createHttpClient() (*http.Client, error) {
tlsCfg, err := internal.GetTLSConfig(
k.SSLCert, k.SSLKey, k.SSLCA, k.InsecureSkipVerify)
if err != nil {
return nil, err
}

client := &http.Client{
Transport: &http.Transport{
TLSClientConfig: tlsCfg,
},
Timeout: k.Timeout.Duration,
}

return client, nil
}

type object struct {
Name string `json:"name"`
Values map[string]interface{} `json:"values"`
Expand Down

0 comments on commit c12c6b9

Please sign in to comment.