Skip to content

Add support for TLS configuration in NSQ input to reach HTTPS nsqd endpoints#3903

Merged
danielnelson merged 4 commits intoinfluxdata:masterfrom
Scalingo:inputs/nsq/tls
Oct 23, 2018
Merged

Add support for TLS configuration in NSQ input to reach HTTPS nsqd endpoints#3903
danielnelson merged 4 commits intoinfluxdata:masterfrom
Scalingo:inputs/nsq/tls

Conversation

@Soulou
Copy link
Contributor

@Soulou Soulou commented Mar 19, 2018
edited
Loading

Required for all PRs:

  • Signed CLA.
  • Associated README.md updated.
  • Has appropriate unit tests.

@danielnelson danielnelson added this to the 1.6.0 milestone Mar 19, 2018
@danielnelson danielnelson added the feat Improvement on an existing feature such as adding a new setting/mode to an existing plugin label Mar 19, 2018
danielnelson
danielnelson reviewed Mar 28, 2018
View reviewed changes
plugins/inputs/nsq/nsq.go
})
if err != nil {
return fmt.Errorf("fail to build tls config: %v", err)
}
Copy link
Contributor

@danielnelson danielnelson Mar 28, 2018

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think this is going to act a little strange if the tls.Config isn't created succesfully, because the second time Gather is called it will not return an error here. You may want to look at the nginx input for a good example.

plugins/inputs/nsq/nsq.go Outdated

var tr = &http.Transport{
ResponseHeaderTimeout: time.Duration(3 * time.Second),
func (n *NSQ) buildTLSConfig() (*tls.Config, error) {
Copy link
Contributor

@danielnelson danielnelson Mar 28, 2018

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

You can use internal.GetTLSConfig to do this: https://github.com/influxdata/telegraf/blob/master/internal/internal.go#L118

plugins/inputs/nsq/nsq.go Outdated
func (n *NSQ) getHttpClient() *http.Client {
n.httpClientOnce.Do(func() {
tr := &http.Transport{
ResponseHeaderTimeout: time.Duration(3 * time.Second),
Copy link
Contributor

@danielnelson danielnelson Mar 28, 2018

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Could you remove the ResponseHeaderTimeout and only use the Timeout on http.Client?

@danielnelson danielnelson modified the milestones: 1.6.0, 1.7.0 Mar 28, 2018
@danielnelson danielnelson modified the milestones: 1.7.0, 1.8.0 Jun 3, 2018
@glinton
Copy link
Contributor

glinton commented Aug 14, 2018

@Soulou do you have time to address the changes requested by Daniel?

@Soulou
Copy link
Contributor Author

Soulou commented Aug 17, 2018

My apologies for the delay, @glinton. I'm going to do them before the end of August

@glinton
Copy link
Contributor

glinton commented Sep 7, 2018

Sorry to pester you @Soulou, but just looking for an update. Thanks

@danielnelson danielnelson modified the milestones: 1.8.0, 1.9.0 Sep 11, 2018
Soulou added 3 commits October 16, 2018 18:35
@Soulou
Add support for TLS configuration in NSQ input to reach HTTPS nsqd en…
1cbf1e4 
…dpoints

Goal: A completely secure NSQ doesn't have any HTTP endpoint, but only
HTTPS, often with x509 client authentication. This PR aims at
configuring the HTTP client to correctly connects to nsqd

Choices: TLS configuration build is only done once, and the first
`Gather()` will return an error, if configuration is invalid, then it
will be silent. The HTTP client is only built once, to limit allocations
@Soulou
Update nsq inputs tests
aace5d8
@Soulou
Finally correctly configure TLS configuration for nsq input
8b0f188
@Soulou
Copy link
Contributor Author

Soulou commented Oct 16, 2018
edited
Loading

Rebased and updated, really sorry for the delay @glinton

@glinton glinton self-requested a review October 17, 2018 17:30
@danielnelson danielnelson merged commit 1227904 into influxdata:master Oct 23, 2018
otherpirate pushed a commit to otherpirate/telegraf that referenced this pull request Mar 15, 2019
@Soulou @otherpirate
Add support for TLS configuration in NSQ input (influxdata#3903)
bf5a302
otherpirate pushed a commit to otherpirate/telegraf that referenced this pull request Mar 15, 2019
@Soulou @otherpirate
Add support for TLS configuration in NSQ input (influxdata#3903)
da593de
dupondje pushed a commit to dupondje/telegraf that referenced this pull request Apr 22, 2019
@Soulou
Add support for TLS configuration in NSQ input (influxdata#3903)
12c79a8
athoune pushed a commit to bearstech/telegraf that referenced this pull request Apr 17, 2020
@Soulou
Add support for TLS configuration in NSQ input (influxdata#3903)
b43b4fc
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

2 more reviewers

@danielnelson danielnelson danielnelson left review comments

@glinton glinton glinton approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

feat Improvement on an existing feature such as adding a new setting/mode to an existing plugin

Projects

None yet

Milestone

1.9.0

Development

Successfully merging this pull request may close these issues.

4 participants

@Soulou @glinton @danielnelson @russorat