Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add TLS support #153

Merged
merged 4 commits into from
Feb 13, 2023
Merged

Add TLS support #153

merged 4 commits into from
Feb 13, 2023

Conversation

yeya24
Copy link
Contributor

@yeya24 yeya24 commented Feb 11, 2023
edited

This PR continues the work of @nrhodes91 in #125.

Addressed the review comments in the previous PR and also update the gomemcache package with the required TLS config.

spiraltaap and others added 3 commits February 11, 2023 10:42
@spiraltaap @yeya24
Add TLS support to the memcached exporter
d8c3349 
This is based on the changes in `gomemcache` PR
grobie/gomemcache#2.

The original non-TLS behaviour is unchanged, however when `--tls.enable`
is given, the net connection is created by the `crypto/tls` module
instead of the `net` module.

The PR follows a similar setup to the TLS code in `amtool` and left
cert/key/ca/servername/insecure-skip-verify configurable. The
`ServerName` defaults to the provided address which seems a sensible
default. During testing, verification of the server certificates was
expecting an IP SAN even when a hostname is provided as the connection
address, hence the default.

Signed-off-by: Nick Rhodes <nrhodes91@gmail.com>
@yeya24
address review comments
168fb93 
Signed-off-by: Ben Ye <benye@amazon.com>
@yeya24
replace gomemcache package
c653102 
Signed-off-by: Ben Ye <benye@amazon.com>
matthiasr
matthiasr approved these changes Feb 12, 2023
View reviewed changes
Copy link
Contributor

@matthiasr matthiasr left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM although I would prefer if @grobie could merge the TLS support so we don't have to do that replace

@yeya24
Copy link
Contributor Author

yeya24 commented Feb 12, 2023

+1. If @grobie could help review that patch then it would be really appreciated.

@spiraltaap
Copy link
Contributor

I'd forgotten about this; thanks for following up.

@grobie
Copy link
Member

grobie commented Feb 13, 2023

Thanks for bringing this up to my attention @matthiasr. I'm very short on time these days, can take over the rest of the review process here? Thanks.

@SuperQ
Copy link
Member

SuperQ commented Feb 13, 2023

@grobie Can you please transfer the memcached library to the Prometheus org?

@matthiasr
Copy link
Contributor

I think that's a good idea - at least for now. It seems the OG version has woken up recently (but TLS support is still pending, so maybe eventually we can re-merge the two.

matthiasr
matthiasr reviewed Feb 13, 2023
View reviewed changes
go.mod Outdated Show resolved Hide resolved
@yeya24
remove go replace
9bf720c 
Signed-off-by: Ben Ye <benye@amazon.com>
@matthiasr matthiasr merged commit db661ce into prometheus:master Feb 13, 2023
@matthiasr matthiasr mentioned this pull request Feb 13, 2023
Closed
@yeya24 yeya24 deleted the tls-support branch February 13, 2023 11:25
matthiasr added a commit that referenced this pull request Feb 13, 2023
@matthiasr
Mention TLS support for memcached in README
72ed20f 
Follow-up to #153.

Signed-off-by: Matthias Rampke <matthias@prometheus.io>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@matthiasr matthiasr matthiasr approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
5 participants
@yeya24 @spiraltaap @grobie @SuperQ @matthiasr