search

influxdata / telegraf

Agent for collecting, processing, aggregating, and writing metrics, logs, and other arbitrary data.
https://influxdata.com/telegraf
MIT License
14.61k stars 5.57k forks source link

Support HTTPS Jolokia requests #2012

Closed EBallou closed 7 years ago

EBallou commented 7 years ago

Need assistance and/or enhancement to support https for Jolokia queries

Relevant telegraf.conf:

[[inputs.jolokia]]
#   ## This is the context root used to compose the jolokia url
   context = "/jolokia"
#
#   ## This specifies the mode used
#   # mode = "proxy"
#   #
#   ## When in proxy mode this section is used to specify further
#   ## proxy address configurations.
#   ## Remember to change host address to fit your environment.
#   # [inputs.jolokia.proxy]
#   #   host = "127.0.0.1"
#   #   port = "8080"
#
#
#   ## List of servers exposing jolokia read service
  [[inputs.jolokia.servers]]
     name = "my_app_server"
     host = "my_app_server.domain.info"
     port = "443"
     username = "jolokia"
     password = "jolokia_pw"

System info:

Using telegraf 1.0.0. Jolokia 1.3.5 on Red Hat 5, Centos 7

Steps to reproduce:

  1. configure telegraf.conf as above
  2. start service
  3. receive error in -test

Error handling response: Post http://jolokia:jolokia_pw@my_app_server.domain.info:443/jolokia: EOF

Expected behavior:

URL option to switch to https protocol and connection achieved to receive data

Feature Request

Get Jolokia plugin to execute https connections

Proposal:

Update jolokia plugin to be like mqtt plugin where there is optional ssl config and use full url to address endpoints like phpfpm

Current behavior:

HTTP forced

Desired behavior:

HTTPS Optional and retreives.

Use case: [Why is this important (helps with prioritizing requests)]

Jolokia still can expose application sensitive information/functions and should be encrypted regardless when passing authentication information to be most secure.

EBallou commented 7 years ago

I've written an update that enables https and also incorporates the response/header timeout. How can I submit the code?

sparrc commented 7 years ago

you need to submit a PR to github, you'll need to figure out how to do that on your own using online resources

EBallou commented 7 years ago

Ok.. submitted a PR.

domainname commented 7 years ago

Hi there,

Any updates regarding this issue?

EBallou commented 7 years ago

Jeff-

I coded a fix, but ran into issues getting approval from my company to release the fix. It seems most of the roadblocks are gone, but now I need to integrate the timeout settings that were since added. Hopefully, I may be able to request the pull soon.

Eric Ballou phone: (720) 568-3027 mobile: (720) 441-4702

From: Jeff [mailto:notifications@github.com] Sent: Monday, June 12, 2017 1:48 AM To: influxdata/telegraf Cc: Ballou, Eric; Author Subject: Re: [influxdata/telegraf] Support HTTPS Jolokia requests (#2012)

Hi there,

Any updates regarding this issue?

— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHubhttps://urldefense.proofpoint.com/v2/url?u=https-3A__github.com_influxdata_telegraf_issues_2012-23issuecomment-2D307714688&d=DwMCaQ&c=jcv3orpCsv7C4ly8-ubDob57ycZ4jvhoYZNDBA06fPk&r=w2CaiRC4zDyWFlaT5dG3cPipsOkP01o5SVfA4gFfuoM&m=o5_kglW-OcZlMzm4j0RY47BKt4zdD4_HuAjRqZRklFg&s=OhFJkWBcE4A8NlywoB3l7L6E94-2StrAZCjlG2LEtBI&e=, or mute the threadhttps://urldefense.proofpoint.com/v2/url?u=https-3A__github.com_notifications_unsubscribe-2Dauth_ALq2bw1aKPcYqImuiyLmSDX07JpWsXzFks5sDO0ygaJpZM4KshD9&d=DwMCaQ&c=jcv3orpCsv7C4ly8-ubDob57ycZ4jvhoYZNDBA06fPk&r=w2CaiRC4zDyWFlaT5dG3cPipsOkP01o5SVfA4gFfuoM&m=o5_kglW-OcZlMzm4j0RY47BKt4zdD4_HuAjRqZRklFg&s=k1dMXxFipXZc1VdLw_0qL14C5BhNm5JOZ7qBE7q-cJY&e=.

domainname commented 7 years ago

Hi @EBallou,

Thank you for your prompt reply. The feature I need is the HTTPS support. It appears that telegraf still uses HTTP protocol all the time. Is there any way to instruct it to use HTTPS instead?

danielnelson commented 7 years ago

We are hoping to merge #2278 for 1.4, which should address this issue. I encourage you to try it out and provide and feedback on that issue.

domainname commented 7 years ago

Hi @danielnelson,

Glad to see your new Jolokia plugin. I'd love to test-drive it. How do I deploy the new plugin on my Linux machine, which has telegraf installed already? I'm a little bit lost.

dylanmei commented 7 years ago

@domainname You may build and deploy it or, if you are running Docker, you can use the quay.io/nordstrom/telegraf image.

danielnelson commented 7 years ago

You can also grab the latest binary for any pull request from CircleCI: From the PR near the bottom click on "show all checks" and then "details" for the CircleCI line. This will redirect you to CircleCI, then you can click on the "Artifacts" tab and expand the tree that appears to see the link to telegraf.gz. Maybe we can figure out a way to get a more predictable link.

Here is the direct link. The build is amd64 linux.

domainname commented 7 years ago

Thank you Dylan & Daniel. I'll download it and give a try.

domainname commented 7 years ago

I downloaded it and tried it yesterday. It works well. Thank you guys for your efforts in the new feature!

danielnelson commented 7 years ago

Thanks to @dylanmei, #2278 has been merged and will be in the 1.5.0 release.