Default TLS settings for otlpexporter #2601
Closed
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Description:
This PR seeks to address some issues with the configuration of the
otlpexporter
. The motivation for this PR is two-fold.1. Default TLS configuration for https
As it stands, in order to use TLS over gRPC, one must specify TLS Settings requiring acert_file
andkey_file
. This PR proposes that the TLS settings default to using system certificates when the scheme of the endpoint configuration ishttps
. This has also been proposed by @vmihailenco in the opentelemetry-go project: open-telemetry/opentelemetry-go#1584.Update: Turns out this is not true. You do not need to declare a
cert_file
/key_file
. This was my misunderstanding. Communication over https just work. However, I'm still interested in hearing people's thoughts regarding my proposal below for aligning the configuration with the spec and requiring a scheme in the endpoint configuration.2. Align
otlpexporter
endpoint configuration with the specificationFrom the OTLP exporter specification regarding endpoint configuration:
Currently, as I noted in #2539, including a scheme in the endpoint configuration for the
otlpexporter
causes the errortoo many colons in address
upon export. This PR aligns theotlpexporter
with the specification by requiring that endpoint be a valid URL. My understanding is the spec requires this irrespective of what protocol is used - i.e.,http
orgrpc
. It appears the theotlphttpexporter
already requires a valid URL.Question If a scheme is not included in the endpoint configuration an error occurs but only upon export. Does it make sense to:
Link to tracking Issue:
#2539
Testing:
TODO - I will complete test coverage if the direction of this PR is acceptable.
Documentation:
TODO - The TLS Configuration Settings documentation will need to be updated.