From cb259116b4ad5f03d07ef85cec6f6b714ca7c17f Mon Sep 17 00:00:00 2001 From: Aliaksandr Valialkin Date: Thu, 7 Mar 2024 01:21:59 +0200 Subject: [PATCH] lib/promauth: set the Host header to tlsServerName if itsn't empty If tlsServerName isn't empty, then it is likely the https request is sent to IP instead of hostname. In this case the request will fail, since Go automatically sets the Host header to the IP instead of the desired hostname at tlsServerName. So set the Host header to tlsServerName if itsn't empty. Updates https://github.com/VictoriaMetrics/VictoriaMetrics/pull/5802 --- docs/CHANGELOG.md | 1 + lib/promauth/config.go | 6 ++++++ 2 files changed, 7 insertions(+) diff --git a/docs/CHANGELOG.md b/docs/CHANGELOG.md index 75848f576..ebf69ed5a 100644 --- a/docs/CHANGELOG.md +++ b/docs/CHANGELOG.md @@ -45,6 +45,7 @@ See also [LTS releases](https://docs.victoriametrics.com/lts-releases/). * FEATURE: [stream aggregation](https://docs.victoriametrics.com/stream-aggregation/): add [increase_prometheus](https://docs.victoriametrics.com/stream-aggregation/#increase_prometheus) and [total_prometheus](https://docs.victoriametrics.com/stream-aggregation/#total_prometheus) outputs, which can be used for `increase` and `total` aggregations when the first sample of every new [time series](https://docs.victoriametrics.com/keyconcepts/#time-series) must be ignored. * FEATURE: [stream aggregation](https://docs.victoriametrics.com/stream-aggregation/): expose `vm_streamaggr_flush_timeouts_total` and `vm_streamaggr_dedup_flush_timeouts_total` [counters](https://docs.victoriametrics.com/keyconcepts/#counter) at [`/metrics` page](https://docs.victoriametrics.com/#monitoring), which can be used for detecting flush timeouts for stream aggregation states. Expose also `vm_streamaggr_flush_duration_seconds` and `vm_streamaggr_dedup_flush_duration_seconds` [histograms](https://docs.victoriametrics.com/keyconcepts/#histogram) for monitoring the real flush durations of stream aggregation states. * FEATURE: [vmui](https://docs.victoriametrics.com/#vmui): improve trace display for better visual separation of branches. See [this pull request](https://github.com/VictoriaMetrics/VictoriaMetrics/pull/5926). +* FEATURE: [vmagent](https://docs.victoriametrics.com/vmagent.html): use the provided `-remoteWrite.tlsServerName` as `Host` header in requests to `-remoteWrite.url`. This allows sending data to https remote storage by IP address instead of hostname. Thanks to @minor-fixes for initial idea and [the pull request](https://github.com/VictoriaMetrics/VictoriaMetrics/pull/5802). * BUGFIX: do not drop `match[]` filter at [`/api/v1/series`](https://docs.victoriametrics.com/url-examples/#apiv1series) if `-search.ignoreExtraFiltersAtLabelsAPI` command-line flag is set, since this broke the `/api/v1/series` requests. diff --git a/lib/promauth/config.go b/lib/promauth/config.go index 4fafb3d7a..29996883d 100644 --- a/lib/promauth/config.go +++ b/lib/promauth/config.go @@ -327,6 +327,12 @@ func (ac *Config) HeadersNoAuthString() string { // SetHeaders sets the configured ac headers to req. func (ac *Config) SetHeaders(req *http.Request, setAuthHeader bool) error { + if ac.tlsServerName != "" { + // It tlsServerName is set, then it is likely the request is performed via IP address instead of hostname. + // In this case users expect that the specified tlsServerName is used as a Host header in the request to https server. + // See https://github.com/VictoriaMetrics/VictoriaMetrics/pull/5802 + req.Host = ac.tlsServerName + } reqHeaders := req.Header for _, h := range ac.headers { reqHeaders.Set(h.key, h.value)