VictoriaMetrics/lib/promscrape/discovery
Zakhar Bessarab b3b29ba6ac
lib/{promauth,promscrape}: automatically refresh root CA certificates after changes on disk (#5725)
* lib/{promauth,promscrape}: automatically refresh root CA certificates after changes on disk

Added a custom `http.RoundTripper` implementation which checks for root CA content changes and updates `tls.Config` used by `http.RoundTripper` after detecting CA change.

Client certificate changes are not tracked by this implementation since `tls.Config` already supports passing certificate dynamically by overriding `tls.Config.GetClientCertificate`.

This change implements dynamic reload of root CA only for streaming client used for scraping. Blocking client (`fasthttp.HostClient`) does not support using custom transport so can't use this implementation.

See: https://github.com/VictoriaMetrics/VictoriaMetrics/issues/5526

Signed-off-by: Zakhar Bessarab <z.bessarab@victoriametrics.com>

* lib/promauth/config: update NewRoundTripper API

Update API to allow user to update only parameters required for transport.

Add warning log when reloading Root CA failed.

Signed-off-by: Zakhar Bessarab <z.bessarab@victoriametrics.com>

* lib/promauth/config: fix mutex acquire logic

Signed-off-by: Zakhar Bessarab <z.bessarab@victoriametrics.com>

* lib/promauth/config: replace RWMutex with regular mutex to simplify the code

- remove additional mutex used for getRootCABytes - require callee to use mutex
- replace RWMutex with regular mutex

Signed-off-by: Zakhar Bessarab <z.bessarab@victoriametrics.com>

* lib/promauth/config: refactor

- hold the mutex lock to avoid round tripper being re-created twice
- move recreation logic into separate func to simplify the code

Signed-off-by: Zakhar Bessarab <z.bessarab@victoriametrics.com>

---------

Signed-off-by: Zakhar Bessarab <z.bessarab@victoriametrics.com>
Co-authored-by: Nikolay <nik@victoriametrics.com>
2024-04-03 10:01:43 +02:00
| Name | Last commit | Date |
|---|---|---|
| azure | lib/promscrape/discovery: close unused HTTP connections to service discovery servers | 2023-07-27 14:48:56 -07:00 |
| consul | do not print redundant error logs when failed to scrape consul or no… (#5239) | 2023-10-27 13:31:55 +08:00 |
| consulagent | lib/promscrape/discovery: close unused HTTP connections to service discovery servers | 2023-07-27 14:48:56 -07:00 |
| digitalocean | all: consistently use %w instead of %s in when error is passed to fmt.Errorf() | 2023-10-25 21:24:03 +02:00 |
| dns | lib/promauth: follow-up for e16d3f5639 | 2023-10-25 23:19:37 +02:00 |
| docker | lib/promscrape/discovery: close unused HTTP connections to service discovery servers | 2023-07-27 14:48:56 -07:00 |
| dockerswarm | lib/promauth: follow-up for e16d3f5639 | 2023-10-25 23:19:37 +02:00 |
| ec2 | Makefile: update golangci-lint from v1.51.2 to v1.54.2 | 2023-09-01 10:16:42 +02:00 |
| eureka | lib/promscrape/discovery: close unused HTTP connections to service discovery servers | 2023-07-27 14:48:56 -07:00 |
| gce | Makefile: update golangci-lint from v1.51.2 to v1.54.2 | 2023-09-01 10:16:42 +02:00 |
| hetzner | lib/promscrape/discovery/hetzner: follow-up after 03a97dc678 | 2024-01-20 17:01:53 +02:00 |
| http | all: consistently use %w instead of %s in when error is passed to fmt.Errorf() | 2023-10-25 21:24:03 +02:00 |
| kubernetes | lib/{promauth,promscrape}: automatically refresh root CA certificates after changes on disk (#5725) | 2024-04-03 10:01:43 +02:00 |
| kuma | lib/promscrape/discovery/kuma: add support for client_id option | 2024-02-18 19:19:40 +02:00 |
| nomad | do not print redundant error logs when failed to scrape consul or no… (#5239) | 2023-10-27 13:31:55 +08:00 |
| openstack | lib/{promauth,promscrape}: automatically refresh root CA certificates after changes on disk (#5725) | 2024-04-03 10:01:43 +02:00 |
| yandexcloud | lib/{promauth,promscrape}: automatically refresh root CA certificates after changes on disk (#5725) | 2024-04-03 10:01:43 +02:00 |