diff --git a/plugins/inputs/nats_consumer/README.md b/plugins/inputs/nats_consumer/README.md index 739d7c89f..c7e60a1a7 100644 --- a/plugins/inputs/nats_consumer/README.md +++ b/plugins/inputs/nats_consumer/README.md @@ -6,6 +6,10 @@ creates metrics using one of the supported [input data formats][]. A [Queue Group][queue group] is used when subscribing to subjects so multiple instances of telegraf can read from a NATS cluster in parallel. +There are three methods of (optionally) authenticating with NATS: +[username/password][userpass], [a NATS creds file][creds] (NATS 2.0), or +an [nkey seed file][nkey] (NATS 2.0). + ## Service Input This plugin is a service input. Normal plugins gather metrics determined by the @@ -51,13 +55,16 @@ See the [CONFIGURATION.md][CONFIGURATION.md] for more details. ## name a queue group queue_group = "telegraf_consumers" - ## Optional credentials + ## Optional authentication with username and password credentials # username = "" # password = "" - ## Optional NATS 2.0 and NATS NGS compatible user credentials + ## Optional authentication with NATS credentials file (NATS 2.0) # credentials = "/etc/telegraf/nats.creds" + ## Optional authentication with nkey seed file (NATS 2.0) + # nkey_seed = "/etc/telegraf/seed.txt" + ## Use Transport Layer Security # secure = false @@ -95,6 +102,9 @@ See the [CONFIGURATION.md][CONFIGURATION.md] for more details. [nats]: https://www.nats.io/about/ [input data formats]: /docs/DATA_FORMATS_INPUT.md [queue group]: https://www.nats.io/documentation/concepts/nats-queueing/ +[userpass]: https://docs.nats.io/using-nats/developer/connecting/userpass +[creds]: https://docs.nats.io/using-nats/developer/connecting/creds +[nkey]: https://docs.nats.io/using-nats/developer/connecting/nkey ## Metrics diff --git a/plugins/inputs/nats_consumer/nats_consumer.go b/plugins/inputs/nats_consumer/nats_consumer.go index 1811b224e..6be08ed80 100644 --- a/plugins/inputs/nats_consumer/nats_consumer.go +++ b/plugins/inputs/nats_consumer/nats_consumer.go @@ -44,6 +44,7 @@ type natsConsumer struct { Username string `toml:"username"` Password string `toml:"password"` Credentials string `toml:"credentials"` + NkeySeed string `toml:"nkey_seed"` JsSubjects []string `toml:"jetstream_subjects"` tls.ClientConfig @@ -106,6 +107,14 @@ func (n *natsConsumer) Start(acc telegraf.Accumulator) error { options = append(options, nats.UserCredentials(n.Credentials)) } + if n.NkeySeed != "" { + opt, err := nats.NkeyOptionFromSeed(n.NkeySeed) + if err != nil { + return err + } + options = append(options, opt) + } + if n.Secure { tlsConfig, err := n.ClientConfig.TLSConfig() if err != nil { diff --git a/plugins/inputs/nats_consumer/sample.conf b/plugins/inputs/nats_consumer/sample.conf index c0bc2e3c0..cab631c58 100644 --- a/plugins/inputs/nats_consumer/sample.conf +++ b/plugins/inputs/nats_consumer/sample.conf @@ -20,13 +20,16 @@ ## name a queue group queue_group = "telegraf_consumers" - ## Optional credentials + ## Optional authentication with username and password credentials # username = "" # password = "" - ## Optional NATS 2.0 and NATS NGS compatible user credentials + ## Optional authentication with NATS credentials file (NATS 2.0) # credentials = "/etc/telegraf/nats.creds" + ## Optional authentication with nkey seed file (NATS 2.0) + # nkey_seed = "/etc/telegraf/seed.txt" + ## Use Transport Layer Security # secure = false