Skip to content

Commit

Permalink
Support passing bearer token directly in k8s input (influxdata#5295)
Browse files Browse the repository at this point in the history
  • Loading branch information
glinton authored and Mathieu Lecarme committed Apr 17, 2020
1 parent 67deec0 commit 4107303
Show file tree
Hide file tree
Showing 2 changed files with 57 additions and 54 deletions.
82 changes: 43 additions & 39 deletions plugins/inputs/kubernetes/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -29,8 +29,10 @@ avoid cardinality issues:
## URL for the kubelet
url = "http://127.0.0.1:10255"

## Use bearer token for authorization
# bearer_token = /path/to/bearer/token
## Use bearer token for authorization. ('bearer_token' takes priority)
# bearer_token = "/path/to/bearer/token"
## OR
# bearer_token_string = "abc_123"

## Set response_timeout (default 5 seconds)
# response_timeout = "5s"
Expand All @@ -54,45 +56,45 @@ Architecture][k8s-telegraf] or view the [Helm charts][tick-charts].
- tags:
- node_name
- fields:
- cpu_usage_nanocores
- cpu_usage_core_nanoseconds
- memory_available_bytes
- memory_usage_bytes
- memory_working_set_bytes
- memory_rss_bytes
- memory_page_faults
- memory_major_page_faults
- network_rx_bytes
- network_rx_errors
- network_tx_bytes
- network_tx_errors
- fs_available_bytes
- fs_capacity_bytes
- fs_used_bytes
- runtime_image_fs_available_bytes
- runtime_image_fs_capacity_bytes
- runtime_image_fs_used_bytes

- kubernetes_pod_container
- cpu_usage_nanocores
- cpu_usage_core_nanoseconds
- memory_available_bytes
- memory_usage_bytes
- memory_working_set_bytes
- memory_rss_bytes
- memory_page_faults
- memory_major_page_faults
- network_rx_bytes
- network_rx_errors
- network_tx_bytes
- network_tx_errors
- fs_available_bytes
- fs_capacity_bytes
- fs_used_bytes
- runtime_image_fs_available_bytes
- runtime_image_fs_capacity_bytes
- runtime_image_fs_used_bytes

+ kubernetes_pod_container
- tags:
- container_name
- namespace
- node_name
- pod_name
- fields:
- cpu_usage_nanocores
- cpu_usage_core_nanoseconds
- memory_usage_bytes
- memory_working_set_bytes
- memory_rss_bytes
- memory_page_faults
- memory_major_page_faults
- rootfs_available_bytes
- rootfs_capacity_bytes
- rootfs_used_bytes
- logsfs_avaialble_bytes
- logsfs_capacity_bytes
- logsfs_used_bytes
- cpu_usage_nanocores
- cpu_usage_core_nanoseconds
- memory_usage_bytes
- memory_working_set_bytes
- memory_rss_bytes
- memory_page_faults
- memory_major_page_faults
- rootfs_available_bytes
- rootfs_capacity_bytes
- rootfs_used_bytes
- logsfs_avaialble_bytes
- logsfs_capacity_bytes
- logsfs_used_bytes

- kubernetes_pod_volume
- tags:
Expand All @@ -105,7 +107,7 @@ Architecture][k8s-telegraf] or view the [Helm charts][tick-charts].
- capacity_bytes
- used_bytes

- kubernetes_pod_network
+ kubernetes_pod_network
- tags:
- namespace
- node_name
Expand All @@ -119,9 +121,11 @@ Architecture][k8s-telegraf] or view the [Helm charts][tick-charts].
### Example Output

```
kubernetes_pod_container,host=ip-10-0-0-0.ec2.internal,container_name=deis-controller,namespace=deis,node_name=ip-10-0-0-0.ec2.internal,pod_name=deis-controller-3058870187-xazsr cpu_usage_core_nanoseconds=2432835i,cpu_usage_nanocores=0i,logsfs_avaialble_bytes=121128271872i,logsfs_capacity_bytes=153567944704i,logsfs_used_bytes=20787200i,memory_major_page_faults=0i,memory_page_faults=175i,memory_rss_bytes=0i,memory_usage_bytes=0i,memory_working_set_bytes=0i,rootfs_available_bytes=121128271872i,rootfs_capacity_bytes=153567944704i,rootfs_used_bytes=1110016i 1476477530000000000
kubernetes_pod_volume,host=ip-10-0-0-0.ec2.internal,name=default-token-f7wts,namespace=kube-system,node_name=ip-10-0-0-0.ec2.internal,pod_name=kubernetes-dashboard-v1.1.1-t4x4t available_bytes=8415240192i,capacity_bytes=8415252480i,used_bytes=12288i 1476477530000000000
kubernetes_pod_network,host=ip-10-0-0-0.ec2.internal,namespace=deis,node_name=ip-10-0-0-0.ec2.internal,pod_name=deis-controller-3058870187-xazsr rx_bytes=120671099i,rx_errors=0i,tx_bytes=102451983i,tx_errors=0i 1476477530000000000
kubernetes_node
kubernetes_pod_container,container_name=deis-controller,namespace=deis,node_name=ip-10-0-0-0.ec2.internal,pod_name=deis-controller-3058870187-xazsr cpu_usage_core_nanoseconds=2432835i,cpu_usage_nanocores=0i,logsfs_avaialble_bytes=121128271872i,logsfs_capacity_bytes=153567944704i,logsfs_used_bytes=20787200i,memory_major_page_faults=0i,memory_page_faults=175i,memory_rss_bytes=0i,memory_usage_bytes=0i,memory_working_set_bytes=0i,rootfs_available_bytes=121128271872i,rootfs_capacity_bytes=153567944704i,rootfs_used_bytes=1110016i 1476477530000000000
kubernetes_pod_network,namespace=deis,node_name=ip-10-0-0-0.ec2.internal,pod_name=deis-controller-3058870187-xazsr rx_bytes=120671099i,rx_errors=0i,tx_bytes=102451983i,tx_errors=0i 1476477530000000000
kubernetes_pod_volume,volume_name=default-token-f7wts,namespace=default,node_name=ip-172-17-0-1.internal,pod_name=storage-7 available_bytes=8415240192i,capacity_bytes=8415252480i,used_bytes=12288i 1546910783000000000
kubernetes_system_container
```

[metric filtering]: https://github.com/influxdata/telegraf/blob/master/docs/CONFIGURATION.md#metric-filtering
Expand Down
29 changes: 14 additions & 15 deletions plugins/inputs/kubernetes/kubernetes.go
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@ import (
"io/ioutil"
"net/http"
"net/url"
"sync"
"strings"
"time"

"github.com/influxdata/telegraf"
Expand All @@ -20,7 +20,8 @@ type Kubernetes struct {
URL string

// Bearer Token authorization file path
BearerToken string `toml:"bearer_token"`
BearerToken string `toml:"bearer_token"`
BearerTokenString string `toml:"bearer_token_string"`

// HTTP Timeout specified as a string - 3s, 1m, 1h
ResponseTimeout internal.Duration
Expand All @@ -32,10 +33,12 @@ type Kubernetes struct {

var sampleConfig = `
## URL for the kubelet
url = "http://1.1.1.1:10255"
url = "http://127.0.0.1:10255"
## Use bearer token for authorization
# bearer_token = /path/to/bearer/token
## Use bearer token for authorization. ('bearer_token' takes priority)
# bearer_token = "/path/to/bearer/token"
## OR
# bearer_token_string = "abc_123"
## Set response_timeout (default 5 seconds)
# response_timeout = "5s"
Expand Down Expand Up @@ -70,13 +73,7 @@ func (k *Kubernetes) Description() string {

//Gather collects kubernetes metrics from a given URL
func (k *Kubernetes) Gather(acc telegraf.Accumulator) error {
var wg sync.WaitGroup
wg.Add(1)
go func(k *Kubernetes) {
defer wg.Done()
acc.AddError(k.gatherSummary(k.URL, acc))
}(k)
wg.Wait()
acc.AddError(k.gatherSummary(k.URL, acc))
return nil
}

Expand All @@ -92,7 +89,6 @@ func buildURL(endpoint string, base string) (*url.URL, error) {
func (k *Kubernetes) gatherSummary(baseURL string, acc telegraf.Accumulator) error {
url := fmt.Sprintf("%s/stats/summary", baseURL)
var req, err = http.NewRequest("GET", url, nil)
var token []byte
var resp *http.Response

tlsCfg, err := k.ClientConfig.TLSConfig()
Expand All @@ -113,12 +109,15 @@ func (k *Kubernetes) gatherSummary(baseURL string, acc telegraf.Accumulator) err
}

if k.BearerToken != "" {
token, err = ioutil.ReadFile(k.BearerToken)
token, err := ioutil.ReadFile(k.BearerToken)
if err != nil {
return err
}
req.Header.Set("Authorization", "Bearer "+string(token))
req.Header.Set("Authorization", "Bearer "+strings.TrimSpace(string(token)))
} else if k.BearerTokenString != "" {
req.Header.Set("Authorization", "Bearer "+k.BearerTokenString)
}
req.Header.Add("Accept", "application/json")

resp, err = k.RoundTripper.RoundTrip(req)
if err != nil {
Expand Down

0 comments on commit 4107303

Please sign in to comment.