You are viewing a plain text version of this content. The canonical link for it is here.
Posted to notifications@skywalking.apache.org by ke...@apache.org on 2021/04/13 23:28:34 UTC
[skywalking-nodejs] branch master updated: added secure connection
option (#48)
This is an automated email from the ASF dual-hosted git repository.
kezhenxu94 pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/skywalking-nodejs.git
The following commit(s) were added to refs/heads/master by this push:
new 7a5c054 added secure connection option (#48)
7a5c054 is described below
commit 7a5c05495b217b09db2671e86f1d936a0f543d92
Author: Tomasz Pytel <to...@gmail.com>
AuthorDate: Tue Apr 13 20:28:22 2021 -0300
added secure connection option (#48)
---
README.md | 1 +
src/agent/protocol/grpc/clients/HeartbeatClient.ts | 8 +++++---
src/agent/protocol/grpc/clients/TraceReportClient.ts | 2 +-
src/config/AgentConfig.ts | 2 ++
4 files changed, 9 insertions(+), 4 deletions(-)
diff --git a/README.md b/README.md
index a78aac3..1ff9800 100644
--- a/README.md
+++ b/README.md
@@ -53,6 +53,7 @@ Environment Variable | Description | Default
| `SW_AGENT_NAME` | The name of the service | `your-nodejs-service` |
| `SW_AGENT_INSTANCE` | The name of the service instance | Randomly generated |
| `SW_AGENT_COLLECTOR_BACKEND_SERVICES` | The backend OAP server address | `127.0.0.1:11800` |
+| `SW_AGENT_SECURE` | Whether to use secure connection to backend OAP server | `false` |
| `SW_AGENT_AUTHENTICATION` | The authentication token to verify that the agent is trusted by the backend OAP, as for how to configure the backend, refer to [the yaml](https://github.com/apache/skywalking/blob/4f0f39ffccdc9b41049903cc540b8904f7c9728e/oap-server/server-bootstrap/src/main/resources/application.yml#L155-L158). | not set |
| `SW_AGENT_LOGGING_LEVEL` | The logging level, could be one of `error`, `warn`, `info`, `debug` | `info` |
| `SW_AGENT_DISABLE_PLUGINS` | Comma-delimited list of plugins to disable in the plugins directory (e.g. "mysql", "express"). | `` |
diff --git a/src/agent/protocol/grpc/clients/HeartbeatClient.ts b/src/agent/protocol/grpc/clients/HeartbeatClient.ts
index 660d620..55d00d9 100755
--- a/src/agent/protocol/grpc/clients/HeartbeatClient.ts
+++ b/src/agent/protocol/grpc/clients/HeartbeatClient.ts
@@ -37,9 +37,11 @@ export default class HeartbeatClient implements Client {
private heartbeatTimer?: NodeJS.Timeout;
constructor() {
- this.managementServiceClient = new ManagementServiceClient(config.collectorAddress, grpc.credentials.createInsecure(), {
- interceptors: [AuthInterceptor],
- });
+ this.managementServiceClient = new ManagementServiceClient(
+ config.collectorAddress,
+ config.secure ? grpc.credentials.createSsl() : grpc.credentials.createInsecure(),
+ { interceptors: [AuthInterceptor] },
+ );
}
get isConnected(): boolean {
diff --git a/src/agent/protocol/grpc/clients/TraceReportClient.ts b/src/agent/protocol/grpc/clients/TraceReportClient.ts
index fcc7fd8..79b19bc 100755
--- a/src/agent/protocol/grpc/clients/TraceReportClient.ts
+++ b/src/agent/protocol/grpc/clients/TraceReportClient.ts
@@ -40,7 +40,7 @@ export default class TraceReportClient implements Client {
this.buffer = new Buffer();
this.reporterClient = new TraceSegmentReportServiceClient(
config.collectorAddress,
- grpc.credentials.createInsecure(),
+ config.secure ? grpc.credentials.createSsl() : grpc.credentials.createInsecure(),
{ interceptors: [AuthInterceptor] },
);
emitter.on('segment-finished', (segment) => {
diff --git a/src/config/AgentConfig.ts b/src/config/AgentConfig.ts
index c92afea..eb74b0d 100644
--- a/src/config/AgentConfig.ts
+++ b/src/config/AgentConfig.ts
@@ -23,6 +23,7 @@ export type AgentConfig = {
serviceName?: string;
serviceInstance?: string;
collectorAddress?: string;
+ secure?: boolean;
authorization?: string;
maxBufferSize?: number;
disablePlugins?: string;
@@ -62,6 +63,7 @@ export default {
return os.hostname();
})(),
collectorAddress: process.env.SW_AGENT_COLLECTOR_BACKEND_SERVICES || '127.0.0.1:11800',
+ secure: process.env.SW_AGENT_SECURE?.toLocaleLowerCase() === 'true',
authorization: process.env.SW_AGENT_AUTHENTICATION,
maxBufferSize: Number.isSafeInteger(process.env.SW_AGENT_MAX_BUFFER_SIZE) ?
Number.parseInt(process.env.SW_AGENT_MAX_BUFFER_SIZE as string, 10) : 1000,