From bb664a7b0747f0167945e92b60c20c6db690378a Mon Sep 17 00:00:00 2001 From: Andrew Wilkins Date: Fri, 19 Feb 2021 21:28:06 +0800 Subject: [PATCH 1/5] Add dataset_is_prefix field to manifest files (#4653) (#4835) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Co-authored-by: Juan Álvarez --- apmpackage/apm/0.1.0/data_stream/app_metrics/manifest.yml | 1 + apmpackage/apm/0.1.0/data_stream/error_logs/manifest.yml | 1 + apmpackage/apm/0.1.0/data_stream/internal_metrics/manifest.yml | 1 + apmpackage/apm/0.1.0/data_stream/profile_metrics/manifest.yml | 1 + apmpackage/apm/0.1.0/data_stream/traces/manifest.yml | 1 + 5 files changed, 5 insertions(+) diff --git a/apmpackage/apm/0.1.0/data_stream/app_metrics/manifest.yml b/apmpackage/apm/0.1.0/data_stream/app_metrics/manifest.yml index b105a387173..edb07df5033 100644 --- a/apmpackage/apm/0.1.0/data_stream/app_metrics/manifest.yml +++ b/apmpackage/apm/0.1.0/data_stream/app_metrics/manifest.yml @@ -1,4 +1,5 @@ title: APM application metrics type: metrics dataset: apm +dataset_is_prefix: true ilm_policy: metrics-apm.app_metrics-default_policy diff --git a/apmpackage/apm/0.1.0/data_stream/error_logs/manifest.yml b/apmpackage/apm/0.1.0/data_stream/error_logs/manifest.yml index 8c7df729177..daac375b186 100644 --- a/apmpackage/apm/0.1.0/data_stream/error_logs/manifest.yml +++ b/apmpackage/apm/0.1.0/data_stream/error_logs/manifest.yml @@ -1,4 +1,5 @@ title: APM logs and errors type: logs dataset: apm.error +dataset_is_prefix: true ilm_policy: logs-apm.error_logs-default_policy diff --git a/apmpackage/apm/0.1.0/data_stream/internal_metrics/manifest.yml b/apmpackage/apm/0.1.0/data_stream/internal_metrics/manifest.yml index fcc5fd31d5d..f092bd7a76c 100644 --- a/apmpackage/apm/0.1.0/data_stream/internal_metrics/manifest.yml +++ b/apmpackage/apm/0.1.0/data_stream/internal_metrics/manifest.yml @@ -1,4 +1,5 @@ title: APM internal metrics type: metrics dataset: apm.internal +dataset_is_prefix: true ilm_policy: metrics-apm.internal_metrics-default_policy diff --git a/apmpackage/apm/0.1.0/data_stream/profile_metrics/manifest.yml b/apmpackage/apm/0.1.0/data_stream/profile_metrics/manifest.yml index b7e811bd0f7..dca66b4314e 100644 --- a/apmpackage/apm/0.1.0/data_stream/profile_metrics/manifest.yml +++ b/apmpackage/apm/0.1.0/data_stream/profile_metrics/manifest.yml @@ -1,4 +1,5 @@ title: APM profiles type: metrics dataset: apm.profiling +dataset_is_prefix: true ilm_policy: metrics-apm.profile_metrics-default_policy diff --git a/apmpackage/apm/0.1.0/data_stream/traces/manifest.yml b/apmpackage/apm/0.1.0/data_stream/traces/manifest.yml index bd7ac2b9cd4..9aa497471e0 100644 --- a/apmpackage/apm/0.1.0/data_stream/traces/manifest.yml +++ b/apmpackage/apm/0.1.0/data_stream/traces/manifest.yml @@ -1,4 +1,5 @@ title: APM traces type: traces dataset: apm +dataset_is_prefix: true ilm_policy: traces-apm.traces-default_policy From 33291ecd2cedb9b35d3c9b82395e5ee0b03358b0 Mon Sep 17 00:00:00 2001 From: Andrew Wilkins Date: Fri, 19 Feb 2021 21:29:00 +0800 Subject: [PATCH 2/5] processor/otel: add unit test for span status (#4734) (#4833) --- processor/otel/consumer_test.go | 32 ++++++++++++++++++++++++++++++++ 1 file changed, 32 insertions(+) diff --git a/processor/otel/consumer_test.go b/processor/otel/consumer_test.go index f4c26bc76a1..76f4cc8de49 100644 --- a/processor/otel/consumer_test.go +++ b/processor/otel/consumer_test.go @@ -69,6 +69,38 @@ func TestConsumer_ConsumeTraces_Empty(t *testing.T) { assert.NoError(t, consumer.ConsumeTraces(context.Background(), traces)) } +func TestOutcome(t *testing.T) { + test := func(t *testing.T, expectedOutcome, expectedResult string, statusCode pdata.StatusCode) { + t.Helper() + + traces, spans := newTracesSpans() + otelSpan1 := pdata.NewSpan() + otelSpan1.SetTraceID(pdata.NewTraceID([16]byte{1})) + otelSpan1.SetSpanID(pdata.NewSpanID([8]byte{2})) + otelSpan1.Status().SetCode(statusCode) + otelSpan2 := pdata.NewSpan() + otelSpan2.SetTraceID(pdata.NewTraceID([16]byte{1})) + otelSpan2.SetSpanID(pdata.NewSpanID([8]byte{2})) + otelSpan2.SetParentSpanID(pdata.NewSpanID([8]byte{3})) + otelSpan2.Status().SetCode(statusCode) + + spans.Spans().Append(otelSpan1) + spans.Spans().Append(otelSpan2) + events := transformTraces(t, traces) + require.Len(t, events, 2) + + tx := events[0].(*model.Transaction) + span := events[1].(*model.Span) + assert.Equal(t, expectedOutcome, tx.Outcome) + assert.Equal(t, expectedResult, tx.Result) + assert.Equal(t, expectedOutcome, span.Outcome) + } + + test(t, "unknown", "", pdata.StatusCodeUnset) + test(t, "success", "Success", pdata.StatusCodeOk) + test(t, "failure", "Error", pdata.StatusCodeError) +} + func TestHTTPTransactionURL(t *testing.T) { test := func(t *testing.T, expected *model.URL, attrs map[string]pdata.AttributeValue) { t.Helper() From 43d4bf241e08bc672901f9bf0599963e62873c81 Mon Sep 17 00:00:00 2001 From: Andrew Wilkins Date: Fri, 19 Feb 2021 21:37:38 +0800 Subject: [PATCH 3/5] Wire kibana config from fleet (#4670) (#4839) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * Adds kibana and sourcemap api keys to package # Conflicts: # apmpackage/apm/0.1.0/agent/input/template.yml.hbs # apmpackage/apm/0.1.0/manifest.yml # changelogs/head.asciidoc # kibana/connecting_client.go Co-authored-by: Juan Álvarez --- .../apm/0.1.0/_dev/docs/README.template.md | 3 +- apmpackage/apm/0.1.0/docs/README.md | 3 +- beater/api/config/agent/handler_test.go | 2 +- beater/api/mux.go | 2 +- beater/beater.go | 16 ++++++++-- beater/config/config.go | 9 +++--- beater/config/integration.go | 6 ++++ beater/config/rum.go | 13 ++++++-- beater/config/rum_test.go | 22 +++++++++++++ beater/jaeger/server.go | 2 +- beater/server.go | 2 +- cmd/apikey.go | 6 ++-- go.sum | 3 ++ kibana/connecting_client.go | 30 +++++++++++++----- kibana/connecting_client_test.go | 31 +++++++++++++++++-- 15 files changed, 122 insertions(+), 28 deletions(-) diff --git a/apmpackage/apm/0.1.0/_dev/docs/README.template.md b/apmpackage/apm/0.1.0/_dev/docs/README.template.md index 3d38d5df247..8623202ba5b 100644 --- a/apmpackage/apm/0.1.0/_dev/docs/README.template.md +++ b/apmpackage/apm/0.1.0/_dev/docs/README.template.md @@ -66,7 +66,8 @@ IMPORTANT: If you run APM Server with Elastic Agent manually in standalone mode, - `Host`: APM Server host and port to listen on. - `Secret token`: Authorization token for sending data to APM Server. See the [documentation](https://www.elastic.co/guide/en/apm/server/current/configuration-rum.html) for details. - `Enable RUM`: Enables support for RUM monitoring. See the [documentation](https://www.elastic.co/guide/en/apm/server/current/configuration-rum.html) for details. - +- `API Key for Central Configuration`: Gives privileges for APM Agent central configuration. See the [documentation](https://www.elastic.co/guide/en/kibana/master/agent-configuration.html) +- `API Key for Sourcemaps`: Gives priveleges to read sourcemaps. See the [documentation](https://www.elastic.co/guide/en/apm/agent/rum-js/current/sourcemap.html). ## Traces diff --git a/apmpackage/apm/0.1.0/docs/README.md b/apmpackage/apm/0.1.0/docs/README.md index 97924c34b0e..4fe97f62e63 100644 --- a/apmpackage/apm/0.1.0/docs/README.md +++ b/apmpackage/apm/0.1.0/docs/README.md @@ -66,7 +66,8 @@ IMPORTANT: If you run APM Server with Elastic Agent manually in standalone mode, - `Host`: APM Server host and port to listen on. - `Secret token`: Authorization token for sending data to APM Server. See the [documentation](https://www.elastic.co/guide/en/apm/server/current/configuration-rum.html) for details. - `Enable RUM`: Enables support for RUM monitoring. See the [documentation](https://www.elastic.co/guide/en/apm/server/current/configuration-rum.html) for details. - +- `API Key for Central Configuration`: Gives privileges for APM Agent central configuration. See the [documentation](https://www.elastic.co/guide/en/kibana/master/agent-configuration.html) +- `API Key for Sourcemaps`: Gives priveleges to read sourcemaps. See the [documentation](https://www.elastic.co/guide/en/apm/agent/rum-js/current/sourcemap.html). ## Traces diff --git a/beater/api/config/agent/handler_test.go b/beater/api/config/agent/handler_test.go index cbfe03613f1..6f6883994ec 100644 --- a/beater/api/config/agent/handler_test.go +++ b/beater/api/config/agent/handler_test.go @@ -355,7 +355,7 @@ func TestIfNoneMatch(t *testing.T) { } func TestAgentConfigTraceContext(t *testing.T) { - kibanaCfg := libkibana.DefaultClientConfig() + kibanaCfg := config.KibanaConfig{Enabled: true, ClientConfig: libkibana.DefaultClientConfig()} kibanaCfg.Host = "testKibana:12345" client := kibana.NewConnectingClient(&kibanaCfg) handler := Handler(client, &config.AgentConfig{Cache: &config.Cache{Expiration: 5 * time.Minute}}) diff --git a/beater/api/mux.go b/beater/api/mux.go index df57278a7b5..cf236ee85bf 100644 --- a/beater/api/mux.go +++ b/beater/api/mux.go @@ -168,7 +168,7 @@ type middlewareFunc func(*config.Config, *authorization.Handler, map[request.Res func agentConfigHandler(cfg *config.Config, authHandler *authorization.Handler, middlewareFunc middlewareFunc) (request.Handler, error) { var client kibana.Client if cfg.Kibana.Enabled { - client = kibana.NewConnectingClient(&cfg.Kibana.ClientConfig) + client = kibana.NewConnectingClient(&cfg.Kibana) } h := agent.Handler(client, cfg.AgentConfig) msg := "Agent remote configuration is disabled. " + diff --git a/beater/beater.go b/beater/beater.go index 3f3cf67686b..c9de6beb85c 100644 --- a/beater/beater.go +++ b/beater/beater.go @@ -25,6 +25,8 @@ import ( "sync" "time" + "github.com/elastic/beats/v7/libbeat/kibana" + "github.com/pkg/errors" "go.elastic.co/apm" "golang.org/x/sync/errgroup" @@ -184,6 +186,7 @@ func (bt *beater) start(ctx context.Context, cancelContext context.CancelFunc, b inputs.Stop() } reload.Register.MustRegisterList("inputs", inputs) + } else { // Management disabled, use statically defined config. s, err := newServerRunner(ctx, serverRunnerParams{ @@ -236,6 +239,7 @@ func (s *serverCreator) Create(p beat.PipelineConnector, rawConfig *common.Confi sharedServerRunnerParams: s.args, Namespace: namespace, Pipeline: p, + KibanaConfig: &integrationConfig.Fleet.Kibana, RawConfig: apmServerCommonConfig, }) } @@ -268,9 +272,10 @@ type serverRunner struct { type serverRunnerParams struct { sharedServerRunnerParams - Namespace string - Pipeline beat.PipelineConnector - RawConfig *common.Config + Namespace string + Pipeline beat.PipelineConnector + KibanaConfig *kibana.ClientConfig + RawConfig *common.Config } type sharedServerRunnerParams struct { @@ -287,6 +292,11 @@ func newServerRunner(ctx context.Context, args serverRunnerParams) (*serverRunne if err != nil { return nil, err } + + if cfg.DataStreams.Enabled && args.KibanaConfig != nil { + cfg.Kibana.ClientConfig = *args.KibanaConfig + } + runServerContext, cancel := context.WithCancel(ctx) return &serverRunner{ backgroundContext: ctx, diff --git a/beater/config/config.go b/beater/config/config.go index 8ff68759c68..69b0c61f114 100644 --- a/beater/config/config.go +++ b/beater/config/config.go @@ -40,17 +40,18 @@ const ( ) type KibanaConfig struct { - Enabled bool `config:"enabled"` + Enabled bool `config:"enabled"` + APIKey string `config:"api_key"` kibana.ClientConfig `config:",inline"` } func (k *KibanaConfig) Unpack(cfg *common.Config) error { - if err := cfg.Unpack(&k.ClientConfig); err != nil { + type kibanaConfig KibanaConfig + if err := cfg.Unpack((*kibanaConfig)(k)); err != nil { return err } k.Enabled = cfg.Enabled() k.Host = strings.TrimRight(k.Host, "/") - return nil } @@ -119,7 +120,7 @@ func NewConfig(ucfg *common.Config, outputESCfg *common.Config) (*Config, error) return nil, errors.New(msgInvalidConfigAgentCfg) } - if err := c.RumConfig.setup(logger, outputESCfg); err != nil { + if err := c.RumConfig.setup(logger, c.DataStreams.Enabled, outputESCfg); err != nil { return nil, err } diff --git a/beater/config/integration.go b/beater/config/integration.go index 78d80dc7a3f..99c5c321e15 100644 --- a/beater/config/integration.go +++ b/beater/config/integration.go @@ -21,6 +21,7 @@ import ( "errors" "github.com/elastic/beats/v7/libbeat/common" + "github.com/elastic/beats/v7/libbeat/kibana" ) func NewIntegrationConfig(rootConfig *common.Config) (*IntegrationConfig, error) { @@ -48,6 +49,7 @@ type IntegrationConfig struct { Meta *Meta `config:"meta"` DataStream *DataStream `config:"data_stream"` APMServer *common.Config `config:"apm-server"` + Fleet Fleet `config:"fleet"` } type DataStream struct { @@ -62,3 +64,7 @@ type Package struct { Name string `config:"name"` Version string `config:"version"` } + +type Fleet struct { + Kibana kibana.ClientConfig `config:"kibana"` +} diff --git a/beater/config/rum.go b/beater/config/rum.go index 4b74f3fb5ee..3a2a4458301 100644 --- a/beater/config/rum.go +++ b/beater/config/rum.go @@ -76,7 +76,7 @@ func (s *SourceMapping) IsEnabled() bool { return s == nil || s.Enabled == nil || *s.Enabled } -func (c *RumConfig) setup(log *logp.Logger, outputESCfg *common.Config) error { +func (c *RumConfig) setup(log *logp.Logger, dataStreamsEnabled bool, outputESCfg *common.Config) error { if !c.IsEnabled() { return nil } @@ -88,8 +88,14 @@ func (c *RumConfig) setup(log *logp.Logger, outputESCfg *common.Config) error { return errors.Wrapf(err, "Invalid regex for `exclude_from_grouping`: ") } + var apiKey string if c.SourceMapping == nil || c.SourceMapping.esConfigured { - return nil + if dataStreamsEnabled { + // when running under Fleet, the only setting configured is the api key + apiKey = c.SourceMapping.ESConfig.APIKey + } else { + return nil + } } // fall back to elasticsearch output configuration for sourcemap storage if possible @@ -101,6 +107,9 @@ func (c *RumConfig) setup(log *logp.Logger, outputESCfg *common.Config) error { if err := outputESCfg.Unpack(c.SourceMapping.ESConfig); err != nil { return errors.Wrap(err, "unpacking Elasticsearch config into Sourcemap config") } + if c.SourceMapping.ESConfig.APIKey == "" { + c.SourceMapping.ESConfig.APIKey = apiKey + } return nil } diff --git a/beater/config/rum_test.go b/beater/config/rum_test.go index bb098108679..09db7dae6b8 100644 --- a/beater/config/rum_test.go +++ b/beater/config/rum_test.go @@ -20,6 +20,12 @@ package config import ( "testing" + "github.com/stretchr/testify/require" + + "github.com/elastic/apm-server/elasticsearch" + "github.com/elastic/beats/v7/libbeat/common" + "github.com/elastic/beats/v7/libbeat/logp" + "github.com/stretchr/testify/assert" ) @@ -37,6 +43,22 @@ func TestIsRumEnabled(t *testing.T) { } } +func TestRumSetup(t *testing.T) { + rum := defaultRum() + rum.SourceMapping.esConfigured = true + rum.Enabled = &rum.SourceMapping.esConfigured + rum.SourceMapping.ESConfig = &elasticsearch.Config{APIKey: "id:apikey"} + esCfg := common.MustNewConfigFrom(map[string]interface{}{ + "hosts": []interface{}{"cloud:9200"}, + }) + + err := rum.setup(logp.NewLogger("test"), true, esCfg) + + require.NoError(t, err) + assert.Equal(t, elasticsearch.Hosts{"cloud:9200"}, rum.SourceMapping.ESConfig.Hosts) + assert.Equal(t, "id:apikey", rum.SourceMapping.ESConfig.APIKey) +} + func TestDefaultRum(t *testing.T) { c := DefaultConfig() assert.Equal(t, defaultRum(), c.RumConfig) diff --git a/beater/jaeger/server.go b/beater/jaeger/server.go index eb3856f74ff..d22c34692e2 100644 --- a/beater/jaeger/server.go +++ b/beater/jaeger/server.go @@ -102,7 +102,7 @@ func NewServer(logger *logp.Logger, cfg *config.Config, tracer *apm.Tracer, repo var client kibana.Client var fetcher *agentcfg.Fetcher if cfg.Kibana.Enabled { - client = kibana.NewConnectingClient(&cfg.Kibana.ClientConfig) + client = kibana.NewConnectingClient(&cfg.Kibana) fetcher = agentcfg.NewFetcher(client, cfg.AgentConfig.Cache.Expiration) } RegisterGRPCServices( diff --git a/beater/server.go b/beater/server.go index e3cf1f6139d..344ae4d7fba 100644 --- a/beater/server.go +++ b/beater/server.go @@ -138,7 +138,7 @@ func newGRPCServer( var kibanaClient kibana.Client var agentcfgFetcher *agentcfg.Fetcher if cfg.Kibana.Enabled { - kibanaClient = kibana.NewConnectingClient(&cfg.Kibana.ClientConfig) + kibanaClient = kibana.NewConnectingClient(&cfg.Kibana) agentcfgFetcher = agentcfg.NewFetcher(kibanaClient, cfg.AgentConfig.Cache.Expiration) } jaeger.RegisterGRPCServices(srv, authBuilder, jaeger.ElasticAuthTag, logger, reporter, kibanaClient, agentcfgFetcher) diff --git a/cmd/apikey.go b/cmd/apikey.go index 49aab1e346c..f337e5c13d6 100644 --- a/cmd/apikey.go +++ b/cmd/apikey.go @@ -49,9 +49,9 @@ func genApikeyCmd(settings instance.Settings) *cobra.Command { apikeyCmd := cobra.Command{ Use: "apikey", Short: short, - Long: short + `. -Most operations require the "manage_api_key" cluster privilege. Ensure to configure "apm-server.api_key.*" or -"output.elasticsearch.*" appropriately. APM Server will create security privileges for the "apm" application; + Long: short + `. +Most operations require the "manage_api_key" cluster privilege. Ensure to configure "apm-server.api_key.*" or +"output.elasticsearch.*" appropriately. APM Server will create security privileges for the "apm" application; you can freely query them. If you modify or delete apm privileges, APM Server might reject all requests. Check the Elastic Security API documentation for details.`, } diff --git a/go.sum b/go.sum index 584f58a6499..c8e691f84a4 100644 --- a/go.sum +++ b/go.sum @@ -190,6 +190,7 @@ github.com/beorn7/perks v1.0.1/go.mod h1:G2ZrVWU2WbWT9wwq4/hrbKbnv/1ERSJQ0ibhJ6r github.com/bgentry/speakeasy v0.1.0/go.mod h1:+zsyZBPWlz7T6j88CTgSN5bM796AkVf0kBD4zp0CCIs= github.com/bitly/go-hostpool v0.0.0-20171023180738-a3a6125de932/go.mod h1:NOuUCSz6Q9T7+igc/hlvDOUdtWKryOrtFyIVABv/p7k= github.com/bketelsen/crypt v0.0.3-0.20200106085610-5cbc8cc4026c/go.mod h1:MKsuJmJgSg28kpZDP6UIiPt0e0Oz0kqKNGyRaWEPv84= +github.com/blakesmith/ar v0.0.0-20150311145944-8bd4349a67f2 h1:oMCHnXa6CCCafdPDbMh/lWRhRByN0VFLvv+g+ayx1SI= github.com/blakesmith/ar v0.0.0-20150311145944-8bd4349a67f2/go.mod h1:PkYb9DJNAwrSvRx5DYA+gUcOIgTGVMNkfSCbZM8cWpI= github.com/blang/semver v3.1.0+incompatible/go.mod h1:kRBLl5iJ+tD4TcOOxsy/0fnwebNt5EWlYSAyrTnjyyk= github.com/bmizerany/assert v0.0.0-20160611221934-b7ed37b82869/go.mod h1:Ekp36dRnpXw/yCqJaO+ZrUyxD+3VXMFFr56k5XYrpB4= @@ -200,7 +201,9 @@ github.com/bsm/sarama-cluster v2.1.13+incompatible/go.mod h1:r7ao+4tTNXvWm+VRpRJ github.com/bsm/sarama-cluster v2.1.14-0.20180625083203-7e67d87a6b3f+incompatible/go.mod h1:r7ao+4tTNXvWm+VRpRJchr2kQhqxgmAp2iEX5W96gMM= github.com/c-bata/go-prompt v0.2.2/go.mod h1:VzqtzE2ksDBcdln8G7mk2RX9QyGjH+OVqOCSiVIqS34= github.com/casbin/casbin/v2 v2.1.2/go.mod h1:YcPU1XXisHhLzuxH9coDNf2FbKpjGlbCg3n9yuLkIJQ= +github.com/cavaliercoder/badio v0.0.0-20160213150051-ce5280129e9e h1:YYUjy5BRwO5zPtfk+aa2gw255FIIoi93zMmuy19o0bc= github.com/cavaliercoder/badio v0.0.0-20160213150051-ce5280129e9e/go.mod h1:V284PjgVwSk4ETmz84rpu9ehpGg7swlIH8npP9k2bGw= +github.com/cavaliercoder/go-rpm v0.0.0-20190131055624-7a9c54e3d83e h1:Gbx+iVCXG/1m5WSnidDGuHgN+vbIwl+6fR092ANU+Y8= github.com/cavaliercoder/go-rpm v0.0.0-20190131055624-7a9c54e3d83e/go.mod h1:AZIh1CCnMrcVm6afFf96PBvE2MRpWFco91z8ObJtgDY= github.com/cenkalti/backoff v2.2.1+incompatible h1:tNowT99t7UNflLxfYYSlKYsBpXdEet03Pg2g16Swow4= github.com/cenkalti/backoff v2.2.1+incompatible/go.mod h1:90ReRw6GdpyfrHakVjL/QHaoyV4aDUVVkXQJJJ3NXXM= diff --git a/kibana/connecting_client.go b/kibana/connecting_client.go index 73233f1240a..8c827d31680 100644 --- a/kibana/connecting_client.go +++ b/kibana/connecting_client.go @@ -19,22 +19,24 @@ package kibana import ( "context" + "encoding/base64" + "errors" "io" "net/http" "net/url" "sync" "time" - "github.com/pkg/errors" + "github.com/elastic/apm-server/beater/config" + + "go.elastic.co/apm" + "go.elastic.co/apm/module/apmhttp" "github.com/elastic/beats/v7/libbeat/common" "github.com/elastic/beats/v7/libbeat/common/backoff" "github.com/elastic/beats/v7/libbeat/kibana" "github.com/elastic/beats/v7/libbeat/logp" - "go.elastic.co/apm" - "go.elastic.co/apm/module/apmhttp" - logs "github.com/elastic/apm-server/log" ) @@ -59,12 +61,12 @@ type Client interface { type ConnectingClient struct { m sync.RWMutex client *kibana.Client - cfg *kibana.ClientConfig + cfg *config.KibanaConfig } // NewConnectingClient returns instance of ConnectingClient and starts a background routine trying to connect // to configured Kibana instance, using JitterBackoff for establishing connection. -func NewConnectingClient(cfg *kibana.ClientConfig) Client { +func NewConnectingClient(cfg *config.KibanaConfig) Client { c := &ConnectingClient{cfg: cfg} go func() { log := logp.NewLogger(logs.Kibana) @@ -125,7 +127,7 @@ func (c *ConnectingClient) SupportsVersion(ctx context.Context, v *common.Versio if !retry || upToDate { return upToDate, nil } - client, err := kibana.NewClientWithConfig(c.cfg) + client, err := kibana.NewClientWithConfig(c.clientConfig()) if err != nil { log.Errorf("failed to obtain connection to Kibana: %s", err.Error()) return upToDate, err @@ -146,11 +148,23 @@ func (c *ConnectingClient) connect() error { if c.client != nil { return nil } - client, err := kibana.NewClientWithConfig(c.cfg) + client, err := kibana.NewClientWithConfig(c.clientConfig()) if err != nil { return err } + if c.cfg.APIKey != "" { + client.Headers["Authorization"] = []string{"ApiKey " + base64.StdEncoding.EncodeToString([]byte(c.cfg.APIKey))} + client.Username = "" + client.Password = "" + } client.HTTP = apmhttp.WrapClient(client.HTTP) c.client = client return nil } + +func (c *ConnectingClient) clientConfig() *kibana.ClientConfig { + if c != nil && c.cfg != nil { + return &c.cfg.ClientConfig + } + return nil +} diff --git a/kibana/connecting_client_test.go b/kibana/connecting_client_test.go index fdd3de86d91..894c845f830 100644 --- a/kibana/connecting_client_test.go +++ b/kibana/connecting_client_test.go @@ -26,6 +26,8 @@ import ( "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" + "github.com/elastic/apm-server/beater/config" + "github.com/elastic/beats/v7/libbeat/common" "github.com/elastic/beats/v7/libbeat/kibana" @@ -39,6 +41,28 @@ func TestNewConnectingClientFrom(t *testing.T) { assert.Equal(t, mockCfg, c.(*ConnectingClient).cfg) } +func TestNewConnectingClientWithAPIKey(t *testing.T) { + cfg := &config.KibanaConfig{ + Enabled: true, + APIKey: "foo-id:bar-apikey", + ClientConfig: kibana.ClientConfig{ + Host: "localhost:5601", + Username: "elastic", + Password: "secret", + IgnoreVersion: true, + }, + } + conn := &ConnectingClient{cfg: cfg} + require.NotNil(t, conn) + err := conn.connect() + require.NoError(t, err) + client := conn.client + require.NotNil(t, client) + assert.Equal(t, "", client.Username) + assert.Equal(t, "", client.Password) + assert.Equal(t, "ApiKey Zm9vLWlkOmJhci1hcGlrZXk=", client.Headers.Get("Authorization")) +} + func TestConnectingClient_Send(t *testing.T) { t.Run("Send", func(t *testing.T) { c := mockClient() @@ -102,8 +126,11 @@ type rt struct { } var ( - mockCfg = &kibana.ClientConfig{ - Host: "non-existing", + mockCfg = &config.KibanaConfig{ + Enabled: true, + ClientConfig: kibana.ClientConfig{ + Host: "non-existing", + }, } mockBody = ioutil.NopCloser(convert.ToReader(`{"response": "ok"}`)) mockStatus = http.StatusOK From 96f7d17b93f1f9cf5c4a9c1a526b37ffb073bca4 Mon Sep 17 00:00:00 2001 From: Andrew Wilkins Date: Fri, 19 Feb 2021 22:29:28 +0800 Subject: [PATCH 4/5] Rename dataset to avoid ambiguous index pattern generation (#4669) (#4837) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit # Conflicts: # apmpackage/apm/0.1.0/data_stream/app_metrics/manifest.yml Co-authored-by: Juan Álvarez --- .../elasticsearch/ingest_pipeline/default.json | 8 ++++---- apmpackage/apm/0.1.0/data_stream/app_metrics/manifest.yml | 2 +- model/metricset.go | 2 +- model/metricset_test.go | 4 ++-- .../testIntakeIntegrationMetricsets.approved.json | 4 ++-- .../testIntakeIntegrationMinimalService.approved.json | 2 +- .../testIntakeIntegrationOptionalTimestamps.approved.json | 2 +- 7 files changed, 12 insertions(+), 12 deletions(-) diff --git a/apmpackage/apm/0.1.0/data_stream/app_metrics/elasticsearch/ingest_pipeline/default.json b/apmpackage/apm/0.1.0/data_stream/app_metrics/elasticsearch/ingest_pipeline/default.json index e848ed68123..8b89a4886a6 100644 --- a/apmpackage/apm/0.1.0/data_stream/app_metrics/elasticsearch/ingest_pipeline/default.json +++ b/apmpackage/apm/0.1.0/data_stream/app_metrics/elasticsearch/ingest_pipeline/default.json @@ -3,22 +3,22 @@ "processors": [ { "pipeline": { - "name": "metrics-apm-0.1.0-apm_user_agent" + "name": "metrics-apm.app-0.1.0-apm_user_agent" } }, { "pipeline": { - "name": "metrics-apm-0.1.0-apm_user_geo" + "name": "metrics-apm.app-0.1.0-apm_user_geo" } }, { "pipeline": { - "name": "metrics-apm-0.1.0-apm_ingest_timestamp" + "name": "metrics-apm.app-0.1.0-apm_ingest_timestamp" } }, { "pipeline": { - "name": "metrics-apm-0.1.0-apm_remove_span_metadata" + "name": "metrics-apm.app-0.1.0-apm_remove_span_metadata" } } ] diff --git a/apmpackage/apm/0.1.0/data_stream/app_metrics/manifest.yml b/apmpackage/apm/0.1.0/data_stream/app_metrics/manifest.yml index edb07df5033..2f6fc978130 100644 --- a/apmpackage/apm/0.1.0/data_stream/app_metrics/manifest.yml +++ b/apmpackage/apm/0.1.0/data_stream/app_metrics/manifest.yml @@ -1,5 +1,5 @@ title: APM application metrics type: metrics -dataset: apm +dataset: apm.app dataset_is_prefix: true ilm_policy: metrics-apm.app_metrics-default_policy diff --git a/model/metricset.go b/model/metricset.go index 427057bcef1..4a8c94e6b3a 100644 --- a/model/metricset.go +++ b/model/metricset.go @@ -38,7 +38,7 @@ const ( metricsetEventKey = "event" metricsetTransactionKey = "transaction" metricsetSpanKey = "span" - AppMetricsDataset = "apm" + AppMetricsDataset = "apm.app" InternalMetricsDataset = "apm.internal" ) diff --git a/model/metricset_test.go b/model/metricset_test.go index 94952651c2b..79b8bbb87db 100644 --- a/model/metricset_test.go +++ b/model/metricset_test.go @@ -63,7 +63,7 @@ func TestTransform(t *testing.T) { Output: []common.MapStr{ { "data_stream.type": "metrics", - "data_stream.dataset": "apm", + "data_stream.dataset": "apm.app", "processor": common.MapStr{"event": "metric", "name": "metric"}, "service": common.MapStr{ "name": "myservice", @@ -91,7 +91,7 @@ func TestTransform(t *testing.T) { Output: []common.MapStr{ { "data_stream.type": "metrics", - "data_stream.dataset": "apm", + "data_stream.dataset": "apm.app", "processor": common.MapStr{"event": "metric", "name": "metric"}, "service": common.MapStr{"name": "myservice"}, "labels": common.MapStr{"a_b": "a.b.value"}, diff --git a/processor/stream/test_approved_es_documents/testIntakeIntegrationMetricsets.approved.json b/processor/stream/test_approved_es_documents/testIntakeIntegrationMetricsets.approved.json index 3f63c1aea3b..ca9c0d4fe7b 100644 --- a/processor/stream/test_approved_es_documents/testIntakeIntegrationMetricsets.approved.json +++ b/processor/stream/test_approved_es_documents/testIntakeIntegrationMetricsets.approved.json @@ -99,7 +99,7 @@ "name": "elastic-node", "version": "3.14.0" }, - "data_stream.dataset": "apm", + "data_stream.dataset": "apm.app", "data_stream.type": "metrics", "go": { "memstats": { @@ -145,7 +145,7 @@ "name": "elastic-node", "version": "3.14.0" }, - "data_stream.dataset": "apm", + "data_stream.dataset": "apm.app", "data_stream.type": "metrics", "host": { "ip": "192.0.0.1" diff --git a/processor/stream/test_approved_es_documents/testIntakeIntegrationMinimalService.approved.json b/processor/stream/test_approved_es_documents/testIntakeIntegrationMinimalService.approved.json index 8e288c89924..36770bde9be 100644 --- a/processor/stream/test_approved_es_documents/testIntakeIntegrationMinimalService.approved.json +++ b/processor/stream/test_approved_es_documents/testIntakeIntegrationMinimalService.approved.json @@ -6,7 +6,7 @@ "name": "elastic-node", "version": "3.14.0" }, - "data_stream.dataset": "apm", + "data_stream.dataset": "apm.app", "data_stream.type": "metrics", "go": { "memstats": { diff --git a/processor/stream/test_approved_es_documents/testIntakeIntegrationOptionalTimestamps.approved.json b/processor/stream/test_approved_es_documents/testIntakeIntegrationOptionalTimestamps.approved.json index 1de26b78e7b..db7425b4784 100644 --- a/processor/stream/test_approved_es_documents/testIntakeIntegrationOptionalTimestamps.approved.json +++ b/processor/stream/test_approved_es_documents/testIntakeIntegrationOptionalTimestamps.approved.json @@ -165,7 +165,7 @@ "name": "elastic-node", "version": "3.14.0" }, - "data_stream.dataset": "apm", + "data_stream.dataset": "apm.app", "data_stream.type": "metrics", "host": { "architecture": "x64", From 49449e626b2957b46f193b89bbb92261a81394cf Mon Sep 17 00:00:00 2001 From: Brandon Morelli Date: Fri, 19 Feb 2021 11:29:16 -0800 Subject: [PATCH 5/5] docs: Add PHP agent information to shared docs (#4740) (#4844) Co-authored-by: Sergey Kleyman Co-authored-by: Sergey Kleyman --- docs/getting-started-apm-server.asciidoc | 3 +- .../guide/agent-server-compatibility.asciidoc | 20 +++-- docs/guide/apm-data-model.asciidoc | 6 +- docs/guide/apm-doc-directory.asciidoc | 3 +- docs/guide/distributed-tracing.asciidoc | 2 +- docs/guide/opentracing.asciidoc | 2 +- docs/guide/trace-sampling.asciidoc | 1 + docs/guide/troubleshooting.asciidoc | 1 + docs/secure-communication-agents.asciidoc | 83 ++++++++++--------- docs/ssl-input.asciidoc | 23 ++--- .../distributed-trace-receive-widget.asciidoc | 18 ++++ .../distributed-trace-receive.asciidoc | 32 +++++++ .../distributed-trace-send-widget.asciidoc | 18 ++++ .../distributed-trace-send.asciidoc | 19 +++++ .../install-agents-widget.asciidoc | 18 ++++ docs/tab-widgets/install-agents.asciidoc | 61 +++++++++++++- docs/troubleshooting.asciidoc | 1 + docs/version.asciidoc | 14 ++-- 18 files changed, 253 insertions(+), 72 deletions(-) diff --git a/docs/getting-started-apm-server.asciidoc b/docs/getting-started-apm-server.asciidoc index 83e47e45d2b..f737d232034 100644 --- a/docs/getting-started-apm-server.asciidoc +++ b/docs/getting-started-apm-server.asciidoc @@ -352,11 +352,12 @@ If you haven't already, you can now install APM Agents in your services! * {apm-java-ref-v}/intro.html[Java agent] * {apm-dotnet-ref-v}/intro.html[.NET agent] * {apm-node-ref-v}/intro.html[Node.js agent] +* {apm-php-ref-v}/intro.html[PHP agent] * {apm-py-ref-v}/getting-started.html[Python agent] * {apm-ruby-ref-v}/introduction.html[Ruby agent] * {apm-rum-ref-v}/intro.html[JavaScript Real User Monitoring (RUM) agent] -Once you have at least one Agent sending data to APM Server, +Once you have at least one APM agent sending data to APM Server, you can start visualizing your data in the {kibana-ref}/xpack-apm.html[APM app]. If you're migrating from Jaeger, see <>. diff --git a/docs/guide/agent-server-compatibility.asciidoc b/docs/guide/agent-server-compatibility.asciidoc index 5c73fe14cd2..a3e59d1dce4 100644 --- a/docs/guide/agent-server-compatibility.asciidoc +++ b/docs/guide/agent-server-compatibility.asciidoc @@ -5,39 +5,43 @@ The chart below outlines the compatibility between different versions of the APM [options="header"] |==== -|Agent |Agent Version |APM Server Version +|Agent |Agent version |APM Server version // Go -.1+|**Go Agent** +.1+|**Go agent** |`1.x` |≥ `6.5` // Java -.1+|**Java Agent** +.1+|**Java agent** |`1.x`|≥ `6.5` // .NET -.1+|**.NET Agent** +.1+|**.NET agent** |`1.x` |≥ `6.5` // Node -.3+|**Node.js Agent** +.3+|**Node.js agent** |`1.x` |`6.2`-`6.x` |`2.x` |≥ `6.5` |`3.x` |≥ `6.6` +// PHP +.1+|**PHP agent** +|`1.x` |≥ `7.0` + // Python -.3+|**Python Agent** +.3+|**Python agent** |`2.x`, `3.x` |`6.2`-`6.x` |`4.x` |≥ `6.5` |`5.x` |≥ `6.6` // Ruby -.3+|**Ruby Agent** +.3+|**Ruby agent** |`1.x` |`6.4`-`6.x` |`2.x` |≥ `6.5` |`3.x` |≥ `6.5` // RUM -.4+|**JavaScript RUM Agent** +.4+|**JavaScript RUM agent** |`0.x` |`6.3`-`6.4` |`1.x` |`6.4` |`2.x`, `3.x`, `4.x` |≥ `6.5` diff --git a/docs/guide/apm-data-model.asciidoc b/docs/guide/apm-data-model.asciidoc index 589f6f45683..2744943b78f 100644 --- a/docs/guide/apm-data-model.asciidoc +++ b/docs/guide/apm-data-model.asciidoc @@ -53,6 +53,7 @@ To configure the number of spans recorded per transaction, see the relevant Agen * Java: {apm-java-ref-v}/config-core.html#config-transaction-max-spans[`transaction_max_spans`] * .NET: {apm-dotnet-ref-v}/config-core.html#config-transaction-max-spans[`TransactionMaxSpans`] * Node.js: {apm-node-ref-v}/configuration.html#transaction-max-spans[`transactionMaxSpans`] +* PHP: {apm-php-ref-v}/configuration-reference.html#config-transaction-max-spans[`transaction_max_spans`] * Python: {apm-py-ref-v}/configuration.html#config-transaction-max-spans[`transaction_max_spans`] * Ruby: {apm-ruby-ref-v}/configuration.html#config-transaction-max-spans[`transaction_max_spans`] @@ -206,9 +207,10 @@ Defining too many unique fields in an index is a condition that can lead to a ===== Agent API reference * Go: {apm-go-ref-v}/api.html#context-set-label[`SetLabel`] -* Java: {apm-java-ref-v}/public-api.html#api-transaction-add-tag[`addLabel`] +* Java: {apm-java-ref-v}/public-api.html#api-transaction-add-tag[`setLabel`] * .NET: {apm-dotnet-ref-v}/public-api.html#api-transaction-tags[`Labels`] * Node.js: {apm-node-ref-v}/agent-api.html#apm-set-label[`setLabel`] | {apm-node-ref-v}/agent-api.html#apm-add-labels[`addLabels`] +* PHP: {apm-php-ref}/public-api.html#api-transaction-interface-set-label[`Transaction` `setLabel`] | {apm-php-ref}/public-api.html#api-span-interface-set-label[`Span` `setLabel`] * Python: {apm-py-ref-v}/api.html#api-label[`elasticapm.label()`] * Ruby: {apm-ruby-ref-v}/api.html#api-agent-set-label[`set_label`] * Rum: {apm-rum-ref-v}/agent-api.html#apm-add-labels[`addLabels`] @@ -241,6 +243,7 @@ IMPORTANT: Setting a circular object, a large object, or a non JSON serializable * Java: {apm-java-ref-v}/public-api.html#api-transaction-add-custom-context[`addCustomContext`] * .NET: _coming soon_ * Node.js: {apm-node-ref-v}/agent-api.html#apm-set-custom-context[`setCustomContext`] +* PHP: _coming soon_ * Python: {apm-py-ref-v}/api.html#api-set-custom-context[`set_custom_context`] * Ruby: {apm-ruby-ref-v}/api.html#api-agent-set-custom-context[`set_custom_context`] * Rum: {apm-rum-ref-v}/agent-api.html#apm-set-custom-context[`setCustomContext`] @@ -265,6 +268,7 @@ Indexed means the data is searchable and aggregatable in Elasticsearch. * Java: {apm-java-ref-v}/public-api.html#api-transaction-set-user[`setUser`] * .NET _coming soon_ * Node.js: {apm-node-ref-v}/agent-api.html#apm-set-user-context[`setUserContext`] +* PHP: _coming soon_ * Python: {apm-py-ref-v}/api.html#api-set-user-context[`set_user_context`] * Ruby: {apm-ruby-ref-v}/api.html#api-agent-set-user[`set_user`] * Rum: {apm-rum-ref-v}/agent-api.html#apm-set-user-context[`setUserContext`] diff --git a/docs/guide/apm-doc-directory.asciidoc b/docs/guide/apm-doc-directory.asciidoc index 43b983cfd01..8bd54eeef4b 100644 --- a/docs/guide/apm-doc-directory.asciidoc +++ b/docs/guide/apm-doc-directory.asciidoc @@ -20,8 +20,7 @@ Each agent has its own documentation: * {apm-java-ref-v}/intro.html[Java agent] * {apm-dotnet-ref-v}/intro.html[.NET agent] * {apm-node-ref-v}/intro.html[Node.js agent] -// Uncomment PHP Agent when ready -// * {apm-php-ref}/intro.html[PHP agent] +* {apm-php-ref-v}/intro.html[PHP agent] * {apm-py-ref-v}/getting-started.html[Python agent] * {apm-ruby-ref-v}/introduction.html[Ruby agent] * {apm-rum-ref-v}/intro.html[JavaScript Real User Monitoring (RUM) agent] diff --git a/docs/guide/distributed-tracing.asciidoc b/docs/guide/distributed-tracing.asciidoc index d84bd420e0a..15e44200dec 100644 --- a/docs/guide/distributed-tracing.asciidoc +++ b/docs/guide/distributed-tracing.asciidoc @@ -103,7 +103,7 @@ include::../tab-widgets/distributed-trace-send-widget.asciidoc[] -- [float] -==== Add the `traceparent` header to incoming requests +==== Parse the `traceparent` header on incoming requests Receiving services must parse the incoming `traceparent` header, and start a new transaction or span as a child of the received context. diff --git a/docs/guide/opentracing.asciidoc b/docs/guide/opentracing.asciidoc index d87f5baed56..cffdd66001c 100644 --- a/docs/guide/opentracing.asciidoc +++ b/docs/guide/opentracing.asciidoc @@ -16,4 +16,4 @@ Not all features of the OpenTracing API are supported. In addition, there are so * {apm-node-ref-v}/opentracing.html[Node.js agent] * {apm-py-ref-v}/opentracing-bridge.html[Python agent] * {apm-ruby-ref-v}/opentracing.html[Ruby agent] -* {apm-rum-ref-v}/opentracing.html[JavaScript Real User Monitoring (RUM) agent] \ No newline at end of file +* {apm-rum-ref-v}/opentracing.html[JavaScript Real User Monitoring (RUM) agent] diff --git a/docs/guide/trace-sampling.asciidoc b/docs/guide/trace-sampling.asciidoc index 1637b1a1bd6..7d640eb1a7c 100644 --- a/docs/guide/trace-sampling.asciidoc +++ b/docs/guide/trace-sampling.asciidoc @@ -103,5 +103,6 @@ See the relevant agent's documentation for more details: * Java: {apm-java-ref-v}/config-core.html#config-transaction-sample-rate[`transaction_sample_rate`] * .NET: {apm-dotnet-ref-v}/config-core.html#config-transaction-sample-rate[`TransactionSampleRate`] * Node.js: {apm-node-ref-v}/configuration.html#transaction-sample-rate[`transactionSampleRate`] +* PHP: {apm-php-ref-v}/configuration-reference.html#config-transaction-sample-rate[`transaction_sample_rate`] * Python: {apm-py-ref-v}/configuration.html#config-transaction-sample-rate[`transaction_sample_rate`] * Ruby: {apm-ruby-ref-v}/configuration.html#config-transaction-sample-rate[`transaction_sample_rate`] \ No newline at end of file diff --git a/docs/guide/troubleshooting.asciidoc b/docs/guide/troubleshooting.asciidoc index f27b2694ba6..ede02b333f6 100644 --- a/docs/guide/troubleshooting.asciidoc +++ b/docs/guide/troubleshooting.asciidoc @@ -14,6 +14,7 @@ The APM Server, APM app, and each APM agent has a troubleshooting guide: * {apm-go-ref-v}/troubleshooting.html[Go agent troubleshooting] * {apm-java-ref-v}/trouble-shooting.html[Java agent troubleshooting] * {apm-node-ref-v}/troubleshooting.html[Node.js agent troubleshooting] +* {apm-php-ref-v}/troubleshooting.html[PHP agent troubleshooting] * {apm-py-ref-v}/troubleshooting.html[Python agent troubleshooting] * {apm-ruby-ref-v}/debugging.html[Ruby agent troubleshooting] * {apm-rum-ref-v}/troubleshooting.html[RUM troubleshooting] diff --git a/docs/secure-communication-agents.asciidoc b/docs/secure-communication-agents.asciidoc index ad064caa8ac..a2782330526 100644 --- a/docs/secure-communication-agents.asciidoc +++ b/docs/secure-communication-agents.asciidoc @@ -1,5 +1,5 @@ [[secure-communication-agents]] -== Secure communication with APM Agents +== Secure communication with APM agents Communication between APM agents and APM Server can be both encrypted and authenticated. Encryption is achievable through <>. @@ -279,18 +279,18 @@ Authorized for privilege "sourcemap:write"...: Yes [[set-api-key]] [float] -=== Set the API key in your APM Agents +=== Set the API key in your APM agents -You can now apply your newly created API keys in the configuration of each of your APM Agents. -See the relevant Agent documentation for additional information: +You can now apply your newly created API keys in the configuration of each of your APM agents. +See the relevant agent documentation for additional information: -* *Go Agent*: {apm-go-ref}/configuration.html#config-api-key[`ELASTIC_APM_API_KEY`] -* *.NET Agent*: {apm-dotnet-ref}/config-reporter.html#config-api-key[`ApiKey`] -* *Java Agent*: {apm-java-ref}/config-reporter.html#config-api-key[`api_key`] -* *Python Agent*: {apm-py-ref}/configuration.html#config-api-key[`api_key`] -* *Ruby Agent*: {apm-ruby-ref}/configuration.html#config-api-key[`api_key`] -// No issue or docs yet -// * *Node.js Agent*: {apm-node-ref}/configuration.html[`api_key`] +* *Go agent*: {apm-go-ref}/configuration.html#config-api-key[`ELASTIC_APM_API_KEY`] +* *.NET agent*: {apm-dotnet-ref}/config-reporter.html#config-api-key[`ApiKey`] +* *Java agent*: {apm-java-ref}/config-reporter.html#config-api-key[`api_key`] +* *Node.js agent*: {apm-node-ref}/configuration.html#api-key[`apiKey`] +* *PHP agent*: {apm-php-ref-v}/configuration-reference.html#config-api-key[`api_key`] +* *Python agent*: {apm-py-ref}/configuration.html#config-api-key[`api_key`] +* *Ruby agent*: {apm-ruby-ref}/configuration.html#config-api-key[`api_key`] [[api-key-settings]] === `api_key.*` configuration options @@ -436,11 +436,11 @@ Both the agents and the APM servers have to be configured with the same secret t NOTE: Secret tokens are sent as plain-text, so they only provide security when used in combination with <>. -To secure the communication between APM Agents and the APM Server with a secret token: +To secure the communication between APM agents and the APM Server with a secret token: . Make sure <> is enabled -. <> -. <> +. <> +. <> NOTE: Secret tokens are not applicable for the RUM Agent, as there is no way to prevent them from being publicly exposed. @@ -460,43 +460,52 @@ apm-server.secret_token: We recommend saving the token in the APM Server <>. -IMPORTANT: Secret tokens are not applicable for the RUM Agent, +IMPORTANT: Secret tokens are not applicable for the RUM agent, as there is no way to prevent them from being publicly exposed. **Agent specific configuration** Each Agent has a configuration for setting the value of the secret token: -* *Go Agent*: {apm-go-ref}/configuration.html#config-secret-token[`ELASTIC_APM_SECRET_TOKEN`] -* *Java Agent*: {apm-java-ref}/config-reporter.html#config-secret-token[`secret_token`] -* *.NET Agent*: {apm-dotnet-ref}/config-reporter.html#config-secret-token[`ELASTIC_APM_SECRET_TOKEN`] -* *Node.js Agent*: {apm-node-ref}/configuration.html#secret-token[`Secret Token`] -* *Python Agent*: {apm-py-ref}/configuration.html#config-secret-token[`secret_token`] -* *Ruby Agent*: {apm-ruby-ref}/configuration.html#config-secret-token[`secret_token`] +* *Go agent*: {apm-go-ref}/configuration.html#config-secret-token[`ELASTIC_APM_SECRET_TOKEN`] +* *Java agent*: {apm-java-ref}/config-reporter.html#config-secret-token[`secret_token`] +* *.NET agent*: {apm-dotnet-ref}/config-reporter.html#config-secret-token[`ELASTIC_APM_SECRET_TOKEN`] +* *Node.js agent*: {apm-node-ref}/configuration.html#secret-token[`Secret Token`] +* *PHP agent*: {apm-php-ref-v}/configuration-reference.html#config-secret-token[`secret_token`] +* *Python agent*: {apm-py-ref}/configuration.html#config-secret-token[`secret_token`] +* *Ruby agent*: {apm-ruby-ref}/configuration.html#config-secret-token[`secret_token`] [[https-in-agents]] [float] -=== HTTPS communication in APM Agents +=== HTTPS communication in APM agents -To enable secure communication in your Agents, you need to update the configured server URL to use `HTTPS` instead of `HTTP`. +To enable secure communication in your agents, you need to update the configured server URL to use `HTTPS` instead of `HTTP`. -* *Go Agent*: {apm-go-ref}/configuration.html#config-server-url[`ELASTIC_APM_SERVER_URL`] -* *Java Agent*: {apm-java-ref}/config-reporter.html#config-server-urls[`server_urls`] -* *.NET Agent*: {apm-dotnet-ref}/config-reporter.html#config-server-url[`ServerUrl`] -* *Node.js Agent*: {apm-node-ref}/configuration.html#server-url[`serverUrl`] -* *Python Agent*: {apm-py-ref}/[`server_url`] -* *Ruby Agent*: {apm-ruby-ref}/configuration.html#config-server-url[`server_url`] +* *Go agent*: {apm-go-ref}/configuration.html#config-server-url[`ELASTIC_APM_SERVER_URL`] +* *Java agent*: {apm-java-ref}/config-reporter.html#config-server-urls[`server_urls`] +* *.NET agent*: {apm-dotnet-ref}/config-reporter.html#config-server-url[`ServerUrl`] +* *Node.js agent*: {apm-node-ref}/configuration.html#server-url[`serverUrl`] +* *PHP agent*: {apm-php-ref-v}/configuration-reference.html#config-server-url[`server_url`] +* *Python agent*: {apm-py-ref}/[`server_url`] +* *Ruby agent*: {apm-ruby-ref}/configuration.html#config-server-url[`server_url`] -Some Agents also allow you to specify a custom certificate authority for connecting to APM Server. +Some agents also allow you to specify a custom certificate authority for connecting to APM Server. -* *Go Agent*: {apm-go-ref}/configuration.html#config-server-cert[`ELASTIC_APM_SERVER_CERT`] -* *Python Agent*: {apm-py-ref}/configuration.html#config-server-cert[`ELASTIC_APM_SERVER_CERT`] -* *Ruby Agent*: {apm-ruby-ref}/configuration.html#config-ssl-ca-cert[`server_ca_certedit`] +* *Go agent*: certificate pinning through {apm-go-ref}/configuration.html#config-server-cert[`ELASTIC_APM_SERVER_CERT`] +* *Python agent*: certificate pinning through {apm-py-ref}/configuration.html#config-server-cert[`server_cert`] +* *Ruby agent*: certificate pinning through {apm-ruby-ref}/configuration.html#config-ssl-ca-cert[`server_ca_cert`] +* *NodeJS agent*: custom CA setting through {apm-node-ref}/configuration.html#server-ca-cert-file[`serverCaCertFile`] +* *Java agent*: adding the certificate to the JVM `trustStore`. +See {apm-java-ref}/ssl-configuration.html#ssl-server-authentication[APM Server authentication] for more details. -Most Agents that don't allow you specify a custom certificate will allow you to +Agents that don't allow you specify a custom certificate will allow you to disable verification of the SSL certificate. This ensures encryption, but does not verify that you are sending data to the correct APM Server. -* *Java Agent*: {apm-java-ref}/config-reporter.html#config-verify-server-cert[`verify_server_cert`] -* *Node.js Agent*: {apm-node-ref}/configuration.html#validate-server-cert[`verifyServerCert`] -* *.NET Agent*: {apm-dotnet-ref}/config-reporter.html#config-verify-server-cert[`VerifyServerCert`] +* *Go agent*: {apm-go-ref}/configuration.html#config-verify-server-cert[`ELASTIC_APM_VERIFY_SERVER_CERT`] +* *.NET agent*: {apm-dotnet-ref}/config-reporter.html#config-verify-server-cert[`VerifyServerCert`] +* *Java agent*: {apm-java-ref}/config-reporter.html#config-verify-server-cert[`verify_server_cert`] +* *PHP agent*: {apm-php-ref-v}/configuration-reference.html#config-verify-server-cert[`verify_server_cert`] +* *Python agent*: {apm-py-ref}/configuration.html#config-verify-server-cert[`verify_server_cert`] +* *Ruby agent*: {apm-ruby-ref}/configuration.html#config-verify-server-cert[`verify_server_cert`] +* *NodeJS agent*: {apm-node-ref}/configuration.html#validate-server-cert[`verifyServerCert`] diff --git a/docs/ssl-input.asciidoc b/docs/ssl-input.asciidoc index 1f2eb28f2ba..46f16137569 100644 --- a/docs/ssl-input.asciidoc +++ b/docs/ssl-input.asciidoc @@ -40,22 +40,23 @@ of the APM Server by authenticating its certificate. When the APM server uses a certificate that is not chained to a publicly-trusted certificate (e.g. self-signed), additional setting will be required on the agent side: -* *Go Agent*: certificate pinning through {apm-go-ref}/configuration.html#config-server-cert[`ELASTIC_APM_SERVER_CERT`] -* *Python Agent*: certificate pinning through {apm-py-ref}/configuration.html#config-server-cert[`server_cert`] -* *Ruby Agent*: certificate pinning through {apm-ruby-ref}/configuration.html#config-ssl-ca-cert[`server_ca_cert`] -* *NodeJS Agent*: custom CA setting through {apm-node-ref}/configuration.html#server-ca-cert-file[`serverCaCertFile`] -* *Java Agent*: adding the certificate to the JVM `trustStore`. +* *Go agent*: certificate pinning through {apm-go-ref}/configuration.html#config-server-cert[`ELASTIC_APM_SERVER_CERT`] +* *Python agent*: certificate pinning through {apm-py-ref}/configuration.html#config-server-cert[`server_cert`] +* *Ruby agent*: certificate pinning through {apm-ruby-ref}/configuration.html#config-ssl-ca-cert[`server_ca_cert`] +* *NodeJS agent*: custom CA setting through {apm-node-ref}/configuration.html#server-ca-cert-file[`serverCaCertFile`] +* *Java agent*: adding the certificate to the JVM `trustStore`. See {apm-java-ref}/ssl-configuration.html#ssl-server-authentication[APM Server authentication] for more details. It is not recommended to disable APM Server authentication, however it is possible through agents configuration: -* *Go Agent*: {apm-go-ref}/configuration.html#config-verify-server-cert[`ELASTIC_APM_VERIFY_SERVER_CERT`] -* *.NET Agent*: {apm-dotnet-ref}/config-reporter.html#config-verify-server-cert[`VerifyServerCert`] -* *Java Agent*: {apm-java-ref}/config-reporter.html#config-verify-server-cert[`verify_server_cert`] -* *Python Agent*: {apm-py-ref}/configuration.html#config-verify-server-cert[`verify_server_cert`] -* *Ruby Agent*: {apm-ruby-ref}/configuration.html#config-verify-server-cert[`verify_server_cert`] -* *NodeJS Agent*: {apm-node-ref}/configuration.html#validate-server-cert[`verifyServerCert`] +* *Go agent*: {apm-go-ref}/configuration.html#config-verify-server-cert[`ELASTIC_APM_VERIFY_SERVER_CERT`] +* *.NET agent*: {apm-dotnet-ref}/config-reporter.html#config-verify-server-cert[`VerifyServerCert`] +* *Java agent*: {apm-java-ref}/config-reporter.html#config-verify-server-cert[`verify_server_cert`] +* *PHP agent*: {apm-php-ref-v}/configuration-reference.html#config-verify-server-cert[`verify_server_cert`] +* *Python agent*: {apm-py-ref}/configuration.html#config-verify-server-cert[`verify_server_cert`] +* *Ruby agent*: {apm-ruby-ref}/configuration.html#config-verify-server-cert[`verify_server_cert`] +* *NodeJS agent*: {apm-node-ref}/configuration.html#validate-server-cert[`verifyServerCert`] [[ssl-client-authentication]] ==== Client certificate authentication diff --git a/docs/tab-widgets/distributed-trace-receive-widget.asciidoc b/docs/tab-widgets/distributed-trace-receive-widget.asciidoc index 89c525c3ae0..80238d3f4ae 100644 --- a/docs/tab-widgets/distributed-trace-receive-widget.asciidoc +++ b/docs/tab-widgets/distributed-trace-receive-widget.asciidoc @@ -30,6 +30,13 @@ tabindex="-1"> Node.js + + +