Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

mysql module add ssl connection support #5610

Merged
merged 3 commits into from Mar 12, 2019

Conversation

@ilyam8
Copy link
Member

ilyam8 commented Mar 12, 2019

Summary

Fixes: #5608

Add ssl connection support to MySQLService

python-mysqlclient connection

        :param dict ssl:                                                                            
            dictionary or mapping contains SSL connection parameters;                               
            see the MySQL documentation for more details                                            
            (mysql_ssl_set()).  If this is set, and the client does not                             
            support SSL, NotSupportedError will be raised.

SSL connection parameters:

  • key: The path name of the client private key file.
  • cert: The path name of the client public key certificate file.
  • ca: The path name of the Certificate Authority (CA) certificate file. This option, if used, must specify the same certificate used by the server.
  • capath: The path name of the directory that contains trusted SSL CA certificate files.
  • cipher: The list of permitted ciphers for SSL encryption.
Component Name

collectors/python.d.plugin/python_modules/bases/FrameworkServices/MySQLService


@woosley please test it

tcp:
  name     : 'local'
  user     : 'user'
  pass     : 'pass'
  host     : 'localhost'
  port     : '3306'
  ssl:
    key:   'path/to/key'
    cert:  'path/to/cet'
    ca:    'path/to/ca'
@woosley

This comment has been minimized.

Copy link
Contributor

woosley commented Mar 12, 2019

I only tested the case with ca configured, it seems other options are optional, and it works with MySQL-python in my case, but not pymysql. Pymysql complains about certificate not matching, maybe because I used a wildcard certificate.

python is 2.7.5 and os is centos7.5, all packages are installed via yum.
I would say the patch is ready even with the issue I mentioned above

@ilyam8

This comment has been minimized.

Copy link
Member Author

ilyam8 commented Mar 12, 2019

but not pymysql. Pymysql complains about certificate not matching, maybe because I used a wildcard certificate.

i checked and pymysql has same syntax, but it may not support capath and cipher, it depends on version.

@ilyam8 ilyam8 marked this pull request as ready for review Mar 12, 2019
@ilyam8 ilyam8 requested review from cakrit and ktsaou as code owners Mar 12, 2019
@cakrit
cakrit approved these changes Mar 12, 2019
@ilyam8 ilyam8 merged commit d6d7cb5 into netdata:master Mar 12, 2019
12 checks passed
12 checks passed
Header rules - netdata No header rules processed
Details
Pages changed - netdata 2 new files uploaded
Details
Redirect rules - netdata No redirect rules processed
Details
Codacy/PR Quality Review Up to standards. A positive pull request.
Details
LGTM analysis: C/C++ No code changes detected
Details
LGTM analysis: JavaScript No code changes detected
Details
LGTM analysis: Python No new or fixed alerts
Details
Mixed content - netdata No mixed content detected
Details
Travis CI - Pull Request Build Passed
Details
WIP Ready for review
Details
license/cla Contributor License Agreement is signed.
Details
netlify/netdata/deploy-preview Deploy preview ready!
Details
@ilyam8 ilyam8 deleted the ilyam8:mysql_ssl branch Mar 12, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
4 participants
You can’t perform that action at this time.