archive/netdata_netdata
0
0
Fork 0
mirror of https://github.com/netdata/netdata.git synced 2025-04-24 21:24:12 +00:00
Code Issues Projects Releases Wiki Activity
netdata_netdata/collectors/python.d.plugin/mysql/mysql.conf
Ilya Mashchenko d6d7cb59fe
mysql module add ssl connection support () 
<!--
Describe the change in summary section, including rationale and degin decisions.
Include "Fixes #nnn" if you are fixing an existing issue.

In "Component Name" section write which component is changed in this PR. This
will help us review your PR quicker.

If you have more information you want to add, write them in "Additional
Information" section. This is usually used to help others understand your
motivation behind this change. A step-by-step reproduction of the problem is
helpful if there is no related issue.
-->

##### Summary

Fixes:  

Add ssl connection support to MySQLService

> python-mysqlclient connection

```
        :param dict ssl:                                                                            
            dictionary or mapping contains SSL connection parameters;                               
            see the MySQL documentation for more details                                            
            (mysql_ssl_set()).  If this is set, and the client does not                             
            support SSL, NotSupportedError will be raised.
```

[SSL connection parameters:](https://dev.mysql.com/doc/refman/5.6/en/mysql-ssl-set.html)

 - **key**: The path name of the client private key file.
 - **cert**: The path name of the client public key certificate file.
 - **ca**: The path name of the Certificate Authority (CA) certificate file. This option, if used, must specify the same certificate used by the server.
 - **capath**: The path name of the directory that contains trusted SSL CA certificate files.
 - **cipher**: The list of permitted ciphers for SSL encryption.

##### Component Name

[`collectors/python.d.plugin/python_modules/bases/FrameworkServices/MySQLService`](https://github.com/netdata/netdata/blob/master/collectors/python.d.plugin/python_modules/bases/FrameworkServices/MySQLService.py)

___

@woosley please test it

```yaml
tcp:
  name     : 'local'
  user     : 'user'
  pass     : 'pass'
  host     : 'localhost'
  port     : '3306'
  ssl:
    key:   'path/to/key'
    cert:  'path/to/cet'
    ca:    'path/to/ca'
```
2019-03-12 13:10:04 +03:00

293 lines
7.8 KiB
Text
Raw Blame History

# netdata python.d.plugin configuration for mysql
#
# This file is in YaML format. Generally the format is:
#
# name: value
#
# There are 2 sections:
# - global variables
# - one or more JOBS
#
# JOBS allow you to collect values from multiple sources.
# Each source will have its own set of charts.
#
# JOB parameters have to be indented (using spaces only, example below).
# ----------------------------------------------------------------------
# Global Variables
# These variables set the defaults for all JOBs, however each JOB
# may define its own, overriding the defaults.
# update_every sets the default data collection frequency.
# If unset, the python.d.plugin default is used.
# update_every: 1
# priority controls the order of charts at the netdata dashboard.
# Lower numbers move the charts towards the top of the page.
# If unset, the default for python.d.plugin is used.
# priority: 60000
# penalty indicates whether to apply penalty to update_every in case of failures.
# Penalty will increase every 5 failed updates in a row. Maximum penalty is 10 minutes.
# penalty: yes
# autodetection_retry sets the job re-check interval in seconds.
# The job is not deleted if check fails.
# Attempts to start the job are made once every autodetection_retry.
# This feature is disabled by default.
# autodetection_retry: 0
# ----------------------------------------------------------------------
# JOBS (data collection sources)
#
# The default JOBS share the same *name*. JOBS with the same name
# are mutually exclusive. Only one of them will be allowed running at
# any time. This allows autodetection to try several alternatives and
# pick the one that works.
#
# Any number of jobs is supported.
#
# All python.d.plugin JOBS (for all its modules) support a set of
# predefined parameters. These are:
#
# job_name:
# name: myname # the JOB's name as it will appear at the
# # dashboard (by default is the job_name)
# # JOBs sharing a name are mutually exclusive
# update_every: 1 # the JOB's data collection frequency
# priority: 60000 # the JOB's order on the dashboard
# penalty: yes # the JOB's penalty
# autodetection_retry: 0 # the JOB's re-check interval in seconds
#
# Additionally to the above, mysql also supports the following:
#
# socket: 'path/to/mysql.sock'
#
# or
# host: 'IP or HOSTNAME' # the host to connect to
# port: PORT # the port to connect to
#
# in all cases, the following can also be set:
#
# user: 'username' # the mysql username to use
# pass: 'password' # the mysql password to use
#
# ssl connection parameters
#
# ssl:
# key: 'key' # the path name of the client private key file.
# cert: 'cert' # the path name of the client public key certificate file.
# ca: 'ca' # the path name of the Certificate Authority (CA) certificate file. This option, if used, must specify the same certificate used by the server.
# capath: 'capath' # the path name of the directory that contains trusted SSL CA certificate files.
# cipher: [ciphers] # the list of permitted ciphers for SSL encryption.
# ----------------------------------------------------------------------
# mySQL CONFIGURATION
#
# netdata does not need any privilege - only the ability to connect
# to the mysql server (netdata will not be able to see any data).
#
# Execute these commands to give the local user 'netdata' the ability
# to connect to the mysql server on localhost, without a password:
#
# > create user 'netdata'@'localhost';
# > grant usage on *.* to 'netdata'@'localhost';
# > flush privileges;
#
# with the above statements, netdata will be able to gather mysql
# statistics, without the ability to see or alter any data or affect
# mysql operation in any way. No change is required below.
#
# If you need to monitor mysql replication too, use this instead:
#
# > create user 'netdata'@'localhost';
# > grant replication client on *.* to 'netdata'@'localhost';
# > flush privileges;
#
# ----------------------------------------------------------------------
# AUTO-DETECTION JOBS
# only one of them will run (they have the same name)
mycnf1:
name : 'local'
'my.cnf' : '/etc/my.cnf'
mycnf2:
name : 'local'
'my.cnf' : '/etc/mysql/my.cnf'
debiancnf:
name : 'local'
'my.cnf' : '/etc/mysql/debian.cnf'
socket1:
name : 'local'
# user : ''
# pass : ''
socket : '/var/run/mysqld/mysqld.sock'
socket2:
name : 'local'
# user : ''
# pass : ''
socket : '/var/run/mysqld/mysql.sock'
socket3:
name : 'local'
# user : ''
# pass : ''
socket : '/var/lib/mysql/mysql.sock'
socket4:
name : 'local'
# user : ''
# pass : ''
socket : '/tmp/mysql.sock'
tcp:
name : 'local'
# user : ''
# pass : ''
host : 'localhost'
port : '3306'
# keep in mind port might be ignored by mysql, if host = 'localhost'
# http://serverfault.com/questions/337818/how-to-force-mysql-to-connect-by-tcp-instead-of-a-unix-socket/337844#337844
tcpipv4:
name : 'local'
# user : ''
# pass : ''
host : '127.0.0.1'
port : '3306'
tcpipv6:
name : 'local'
# user : ''
# pass : ''
host : '::1'
port : '3306'
# Now we try the same as above with user: root
# A few systems configure mysql to accept passwordless
# root access.
mycnf1_root:
name : 'local'
user : 'root'
'my.cnf' : '/etc/my.cnf'
mycnf2_root:
name : 'local'
user : 'root'
'my.cnf' : '/etc/mysql/my.cnf'
socket1_root:
name : 'local'
user : 'root'
# pass : ''
socket : '/var/run/mysqld/mysqld.sock'
socket2_root:
name : 'local'
user : 'root'
# pass : ''
socket : '/var/run/mysqld/mysql.sock'
socket3_root:
name : 'local'
user : 'root'
# pass : ''
socket : '/var/lib/mysql/mysql.sock'
socket4_root:
name : 'local'
user : 'root'
# pass : ''
socket : '/tmp/mysql.sock'
tcp_root:
name : 'local'
user : 'root'
# pass : ''
host : 'localhost'
port : '3306'
# keep in mind port might be ignored by mysql, if host = 'localhost'
# http://serverfault.com/questions/337818/how-to-force-mysql-to-connect-by-tcp-instead-of-a-unix-socket/337844#337844
tcpipv4_root:
name : 'local'
user : 'root'
# pass : ''
host : '127.0.0.1'
port : '3306'
tcpipv6_root:
name : 'local'
user : 'root'
# pass : ''
host : '::1'
port : '3306'
# Now we try the same as above with user: netdata
mycnf1_netdata:
name : 'local'
user : 'netdata'
'my.cnf' : '/etc/my.cnf'
mycnf2_netdata:
name : 'local'
user : 'netdata'
'my.cnf' : '/etc/mysql/my.cnf'
socket1_netdata:
name : 'local'
user : 'netdata'
# pass : ''
socket : '/var/run/mysqld/mysqld.sock'
socket2_netdata:
name : 'local'
user : 'netdata'
# pass : ''
socket : '/var/run/mysqld/mysql.sock'
socket3_netdata:
name : 'local'
user : 'netdata'
# pass : ''
socket : '/var/lib/mysql/mysql.sock'
socket4_netdata:
name : 'local'
user : 'netdata'
# pass : ''
socket : '/tmp/mysql.sock'
tcp_netdata:
name : 'local'
user : 'netdata'
# pass : ''
host : 'localhost'
port : '3306'
# keep in mind port might be ignored by mysql, if host = 'localhost'
# http://serverfault.com/questions/337818/how-to-force-mysql-to-connect-by-tcp-instead-of-a-unix-socket/337844#337844
tcpipv4_netdata:
name : 'local'
user : 'netdata'
# pass : ''
host : '127.0.0.1'
port : '3306'
tcpipv6_netdata:
name : 'local'
user : 'netdata'
# pass : ''
host : '::1'
port : '3306'
Reference in a new issue View git blame Copy permalink