
Support tls in syslog #2399

Merged
merged 4 commits into from May 17, 2019


@ganmacs ganmacs commented Apr 25, 2019

Which issue(s) this PR fixes:

none

What this PR does / why we need it:

support tls for in_syslog

Docs Changes:

needed. I'll change docs.

Release Note:

same as title

protocol_type have been deprecated param

Signed-off-by: Yuta Iwama <ganmacs@gmail.com>
Signed-off-by: Yuta Iwama <ganmacs@gmail.com>
@ganmacs ganmacs requested a review from repeatedly April 25, 2019 08:54
@repeatedly
Member

All tests failed. Could you check it?

@@ -74,7 +74,7 @@ class SyslogInput < Input
desc 'The prefix of the tag. The tag itself is generated by the tag prefix, facility level, and priority.'
config_param :tag, :string
desc 'The transport protocol used to receive logs.(udp, tcp)'
config_param :protocol_type, :enum, list: [:tcp, :udp], default: :udp
config_param :protocol_type, :enum, list: [:tcp, :udp], default: nil
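Review bot: the desc string above protocol_type still reads "The transport protocol used to receive logs.(udp, tcp)" while the default moves from :udp to nil, so nothing tells a user that the parameter is now optional or what replaces it. Since the commit message calls protocol_type deprecated, say so in the description and name the transport section as the replacement, so operators reading the generated docs do not keep configuring the old parameter.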
Member

For deprecated parameter, use deprecated:

log.info "listening syslog socket on #{@bind}:#{@port} with #{@protocol_type}"
case @protocol_type
log.info "listening syslog socket on #{@bind}:#{@port} with #{@protocol_type || @transport_config.protocol}"
case @protocol_type || @transport_config.protocol
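Review bot: in `case @protocol_type || @transport_config.protocol`, a legacy protocol_type value silently wins over the transport section, so a config that carries both protocol_type and a tls transport section would listen without TLS, and the log.info line would not say why. Warn or raise when both are set, and resolve the effective protocol once into a local instead of repeating the expression in the log line and in the case.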
Member

Default @transport_config.protocol is tcp. Change default to udp.

Member Author

good catch 🙏
f23566a

Signed-off-by: Yuta Iwama <ganmacs@gmail.com>
Contributor

@cosmo0920 cosmo0920 left a comment


I've added a nitpick comment.

@@ -107,6 +107,11 @@ class SyslogInput < Input
config_param :with_priority, :bool, default: true
end

# overwrite server plugin to change default to :udp
config_section :transport, required: false, multi: false, init: true, param_name: :transport_config do
config_argument :protocol, :enum, list: [:tcp, :tls], default: :udp
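Review bot: on the config_argument line, default: :udp is not a member of list: [:tcp, :tls], so the default is a value the enum itself does not allow and udp cannot be selected explicitly in the transport section. Add :udp to the list; the comment above the section says the aim is to change the default to :udp, which only holds if :udp is an accepted value.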
Contributor

Should we use the following line?

config_argument :protocol, :enum, list: [:tcp, :udp, :tls], default: :udp

Member Author

Right. Thank you. bf319e9

Signed-off-by: Yuta Iwama <ganmacs@gmail.com>
@repeatedly
Member

repeatedly commented May 17, 2019

I confirmed this works with rsyslog. See configuration example.

  • fluentd conf
<source>
  @type syslog
  port 5140
  bind 0.0.0.0
  <transport tls>
    ca_path /etc/pki/ca.pem
    cert_path /etc/pki/cert.pem
    private_key_path /etc/pki/key.pem
    private_key_passphrase PASSPHRASE
  </transport>
  tag system
</source>

<match system.**>
  @type stdout
</match>
  • rsyslog conf
$DefaultNetstreamDriverCAFile /etc/pki/ca.pem
$DefaultNetstreamDriver gtls
$ActionSendStreamDriverMode 1
$ActionSendStreamDriverAuthMode anon
*.* @@127.0.0.1:5140
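
The rsyslog client in the comment above uses `$ActionSendStreamDriverAuthMode anon`, under which rsyslog encrypts the connection but does not authenticate the receiver's certificate. As an added example (not code from this PR or from Fluentd), the Ruby check below audits legacy-format rsyslog forwarding rules for that and related gaps; `audit_rsyslog_tls`, the finding symbols and the peer name `fluentd.example.internal` are assumptions made for illustration.

```ruby
# Added example (not code from the PR): audit rsyslog legacy-format forwarding
# rules. audit_rsyslog_tls and the finding symbols are hypothetical names.
# Assumption: every "$Directive value" seen so far applies to later actions.
AUTHENTICATING_MODES = %w[x509/name x509/fingerprint].freeze

def audit_rsyslog_tls(conf)
  state = {}
  findings = []
  conf.each_line.with_index(1) do |raw, lineno|
    line = raw.sub(/#.*/, '').strip
    if (m = line.match(/\A\$(\w+)\s+(\S+)\z/))
      state[m[1].downcase] = m[2]
    elsif (m = line.match(/\A\S+\s+(@{1,2})\S+\z/))
      # A single @ is UDP forwarding, which cannot carry TLS at all.
      next findings << [lineno, :cleartext_udp] if m[1] == '@'
      tls = state['defaultnetstreamdriver'] == 'gtls' &&
            state['actionsendstreamdrivermode'] == '1'
      findings << [lineno, :tls_not_enforced] unless tls
      findings << [lineno, :no_ca_file] unless state['defaultnetstreamdrivercafile']
      mode = state['actionsendstreamdriverauthmode']
      if !AUTHENTICATING_MODES.include?(mode)
        findings << [lineno, :peer_not_authenticated] # anon, certvalid or unset
      elsif !state['actionsendstreamdriverpermittedpeer']
        findings << [lineno, :no_permitted_peer]
      end
    end
  end
  findings
end

# The rsyslog client configuration quoted in the PR comment.
PAGE_CONF = <<~CONF
  $DefaultNetstreamDriverCAFile /etc/pki/ca.pem
  $DefaultNetstreamDriver gtls
  $ActionSendStreamDriverMode 1
  $ActionSendStreamDriverAuthMode anon
  *.* @@127.0.0.1:5140
CONF

# Constructed variant; the peer name is a placeholder.
HARDENED_CONF = <<~CONF
  $DefaultNetstreamDriverCAFile /etc/pki/ca.pem
  $DefaultNetstreamDriver gtls
  $ActionSendStreamDriverMode 1
  $ActionSendStreamDriverAuthMode x509/name
  $ActionSendStreamDriverPermittedPeer fluentd.example.internal
  *.* @@fluentd.example.internal:5140
CONF

p audit_rsyslog_tls(PAGE_CONF), audit_rsyslog_tls(HARDENED_CONF)
```

With `x509/name`, the certificate that Fluentd serves from `cert_path` has to carry the name given as the permitted peer, otherwise rsyslog will refuse the connection.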

@repeatedly repeatedly merged commit 3ac6966 into fluent:master May 17, 2019
@ganmacs ganmacs deleted the support-tls-in-syslog branch May 17, 2019 05:03