Added cloud.id and cloud.auth config settings (elastic#4964)

* Added cloud.id and cloud.auth config settings This adds two new configuration settings: `cloud.id` and `cloud.auth`. They can be used in the configuration file, or from the CLI like this: ``` ./metricbeat -e -E cloud.id=<cloud-id> -E cloud.auth=<cloud-auth> ``` The ES/KB settings are changed via overwritting, but we display an INFO level message that the settings are changed by the cloud-id. Closes elastic#4959. * goimports fix * aded more tests * added basic docs * changelog * addressed comments * Check that we're not enabling a second output * remove unused var * Addressed comments
leweafan · Aug 23, 2017 · 3d32342 · 3d32342
1 parent 235619a
commit 3d32342
Show file tree

Hide file tree

Showing 19 changed files with 569 additions and 7 deletions.
diff --git a/CHANGELOG.asciidoc b/CHANGELOG.asciidoc
@@ -74,6 +74,7 @@ https://github.com/elastic/beats/compare/v6.0.0-beta1...master[Check the HEAD di
 - Update init scripts to use the `test config` subcommand instead of the deprecated `-configtest` flag. {issue}4600[4600]
 - Get by default the credentials for connecting to Kibana from the Elasticsearch output configuration. {pull}4867[4867]
 - Move TCP UDP start up into `server.Start()` {pull}4903[4903]
+- Added `cloud.id` and `cloud.auth` settings, for simplifying using Beats with the Elastic Cloud. {issue}4959[4959]
 
 *Auditbeat*
 

diff --git a/auditbeat/auditbeat.reference.yml b/auditbeat/auditbeat.reference.yml
@@ -175,6 +175,19 @@ auditbeat.modules:
 #processors:
 #- add_docker_metadata: ~
 
+#============================= Elastic Cloud ==================================
+
+# These settings simplify using auditbeat with the Elastic Cloud (https://cloud.elastic.co/).
+
+# The cloud.id setting overwrites the `output.elasticsearch.hosts` and
+# `setup.kibana.host` options.
+# You can find the `cloud.id` in the Elastic Cloud web UI.
+#cloud.id:
+
+# The cloud.auth setting overwrites the `output.elasticsearch.username` and
+# `output.elasticsearch.password` settings. The format is `<user>:<pass>`.
+#cloud.auth:
+
 #================================ Outputs ======================================
 
 # Configure what outputs to use when sending the data collected by the beat.

diff --git a/auditbeat/auditbeat.yml b/auditbeat/auditbeat.yml
@@ -59,7 +59,7 @@ auditbeat.modules:
 
 #============================== Kibana =====================================
 
-# Starting with Beats version 6.0.0, the dashboards are loaded via the Kibana API. 
+# Starting with Beats version 6.0.0, the dashboards are loaded via the Kibana API.
 # This requires a Kibana endpoint configuration.
 setup.kibana:
 
@@ -69,6 +69,19 @@ setup.kibana:
   # IPv6 addresses should always be defined as: https://[2001:db8::1]:5601
   #host: "localhost:5601"
 
+#============================= Elastic Cloud ==================================
+
+# These settings simplify using auditbeat with the Elastic Cloud (https://cloud.elastic.co/).
+
+# The cloud.id setting overwrites the `output.elasticsearch.hosts` and
+# `setup.kibana.host` options.
+# You can find the `cloud.id` in the Elastic Cloud web UI.
+#cloud.id:
+
+# The cloud.auth setting overwrites the `output.elasticsearch.username` and
+# `output.elasticsearch.password` settings. The format is `<user>:<pass>`.
+#cloud.auth:
+
 #================================ Outputs =====================================
 
 # Configure what outputs to use when sending the data collected by the beat.

diff --git a/filebeat/filebeat.reference.yml b/filebeat/filebeat.reference.yml
@@ -595,6 +595,19 @@ filebeat.prospectors:
 #processors:
 #- add_docker_metadata: ~
 
+#============================= Elastic Cloud ==================================
+
+# These settings simplify using filebeat with the Elastic Cloud (https://cloud.elastic.co/).
+
+# The cloud.id setting overwrites the `output.elasticsearch.hosts` and
+# `setup.kibana.host` options.
+# You can find the `cloud.id` in the Elastic Cloud web UI.
+#cloud.id:
+
+# The cloud.auth setting overwrites the `output.elasticsearch.username` and
+# `output.elasticsearch.password` settings. The format is `<user>:<pass>`.
+#cloud.auth:
+
 #================================ Outputs ======================================
 
 # Configure what outputs to use when sending the data collected by the beat.

diff --git a/filebeat/filebeat.yml b/filebeat/filebeat.yml
@@ -105,7 +105,7 @@ filebeat.config.modules:
 
 #============================== Kibana =====================================
 
-# Starting with Beats version 6.0.0, the dashboards are loaded via the Kibana API. 
+# Starting with Beats version 6.0.0, the dashboards are loaded via the Kibana API.
 # This requires a Kibana endpoint configuration.
 setup.kibana:
 
@@ -115,6 +115,19 @@ setup.kibana:
   # IPv6 addresses should always be defined as: https://[2001:db8::1]:5601
   #host: "localhost:5601"
 
+#============================= Elastic Cloud ==================================
+
+# These settings simplify using filebeat with the Elastic Cloud (https://cloud.elastic.co/).
+
+# The cloud.id setting overwrites the `output.elasticsearch.hosts` and
+# `setup.kibana.host` options.
+# You can find the `cloud.id` in the Elastic Cloud web UI.
+#cloud.id:
+
+# The cloud.auth setting overwrites the `output.elasticsearch.username` and
+# `output.elasticsearch.password` settings. The format is `<user>:<pass>`.
+#cloud.auth:
+
 #================================ Outputs =====================================
 
 # Configure what outputs to use when sending the data collected by the beat.

diff --git a/heartbeat/heartbeat.reference.yml b/heartbeat/heartbeat.reference.yml
@@ -324,6 +324,19 @@ heartbeat.scheduler:
 #processors:
 #- add_docker_metadata: ~
 
+#============================= Elastic Cloud ==================================
+
+# These settings simplify using heartbeat with the Elastic Cloud (https://cloud.elastic.co/).
+
+# The cloud.id setting overwrites the `output.elasticsearch.hosts` and
+# `setup.kibana.host` options.
+# You can find the `cloud.id` in the Elastic Cloud web UI.
+#cloud.id:
+
+# The cloud.auth setting overwrites the `output.elasticsearch.username` and
+# `output.elasticsearch.password` settings. The format is `<user>:<pass>`.
+#cloud.auth:
+
 #================================ Outputs ======================================
 
 # Configure what outputs to use when sending the data collected by the beat.

diff --git a/heartbeat/heartbeat.yml b/heartbeat/heartbeat.yml
@@ -52,7 +52,7 @@ heartbeat.monitors:
 
 #============================== Kibana =====================================
 
-# Starting with Beats version 6.0.0, the dashboards are loaded via the Kibana API. 
+# Starting with Beats version 6.0.0, the dashboards are loaded via the Kibana API.
 # This requires a Kibana endpoint configuration.
 setup.kibana:
 
@@ -62,6 +62,19 @@ setup.kibana:
   # IPv6 addresses should always be defined as: https://[2001:db8::1]:5601
   #host: "localhost:5601"
 
+#============================= Elastic Cloud ==================================
+
+# These settings simplify using heartbeat with the Elastic Cloud (https://cloud.elastic.co/).
+
+# The cloud.id setting overwrites the `output.elasticsearch.hosts` and
+# `setup.kibana.host` options.
+# You can find the `cloud.id` in the Elastic Cloud web UI.
+#cloud.id:
+
+# The cloud.auth setting overwrites the `output.elasticsearch.username` and
+# `output.elasticsearch.password` settings. The format is `<user>:<pass>`.
+#cloud.auth:
+
 #================================ Outputs =====================================
 
 # Configure what outputs to use when sending the data collected by the beat.

diff --git a/libbeat/_meta/config.reference.yml b/libbeat/_meta/config.reference.yml
@@ -110,6 +110,19 @@
 #processors:
 #- add_docker_metadata: ~
 
+#============================= Elastic Cloud ==================================
+
+# These settings simplify using beatname with the Elastic Cloud (https://cloud.elastic.co/).
+
+# The cloud.id setting overwrites the `output.elasticsearch.hosts` and
+# `setup.kibana.host` options.
+# You can find the `cloud.id` in the Elastic Cloud web UI.
+#cloud.id:
+
+# The cloud.auth setting overwrites the `output.elasticsearch.username` and
+# `output.elasticsearch.password` settings. The format is `<user>:<pass>`.
+#cloud.auth:
+
 #================================ Outputs ======================================
 
 # Configure what outputs to use when sending the data collected by the beat.

diff --git a/libbeat/_meta/config.yml b/libbeat/_meta/config.yml
@@ -29,7 +29,7 @@
 
 #============================== Kibana =====================================
 
-# Starting with Beats version 6.0.0, the dashboards are loaded via the Kibana API. 
+# Starting with Beats version 6.0.0, the dashboards are loaded via the Kibana API.
 # This requires a Kibana endpoint configuration.
 setup.kibana:
 
@@ -39,6 +39,19 @@ setup.kibana:
   # IPv6 addresses should always be defined as: https://[2001:db8::1]:5601
   #host: "localhost:5601"
 
+#============================= Elastic Cloud ==================================
+
+# These settings simplify using beatname with the Elastic Cloud (https://cloud.elastic.co/).
+
+# The cloud.id setting overwrites the `output.elasticsearch.hosts` and
+# `setup.kibana.host` options.
+# You can find the `cloud.id` in the Elastic Cloud web UI.
+#cloud.id:
+
+# The cloud.auth setting overwrites the `output.elasticsearch.username` and
+# `output.elasticsearch.password` settings. The format is `<user>:<pass>`.
+#cloud.auth:
+
 #================================ Outputs =====================================
 
 # Configure what outputs to use when sending the data collected by the beat.

diff --git a/libbeat/cloudid/cloudid.go b/libbeat/cloudid/cloudid.go
@@ -0,0 +1,128 @@
+// package cloudid contains functions for parsing the cloud.id and cloud.auth
+// settings and modifying the configuration to take them into account.
+package cloudid
+
+import (
+	"encoding/base64"
+	"fmt"
+	"net/url"
+	"strings"
+
+	"github.com/pkg/errors"
+
+	"github.com/elastic/beats/libbeat/common"
+	"github.com/elastic/beats/libbeat/logp"
+)
+
+// OverwriteSettings modifies the received config object by overwriting the
+// output.elasticsearch.hosts, output.elasticsearch.username, output.elasticsearch.password,
+// setup.kibana.host settings based on values derived from the cloud.id and cloud.auth
+// settings.
+func OverwriteSettings(cfg *common.Config) error {
+
+	cloudID, _ := cfg.String("cloud.id", -1)
+	cloudAuth, _ := cfg.String("cloud.auth", -1)
+
+	if cloudID == "" && cloudAuth == "" {
+		// nothing to hack
+		return nil
+	}
+
+	logp.Debug("cloudid", "cloud.id: %s, cloud.auth: %s", cloudID, cloudAuth)
+	if cloudID == "" {
+		return errors.New("cloud.auth specified but cloud.id is empty. Please specify both.")
+	}
+
+	// cloudID overwrites
+	esURL, kibanaURL, err := decodeCloudID(cloudID)
+	if err != nil {
+		return errors.Errorf("Error decoding cloud.id: %v", err)
+	}
+
+	logp.Info("Setting Elasticsearch and Kibana URLs based on the cloud id: output.elasticsearch.hosts=%s and setup.kibana.host=%s", esURL, kibanaURL)
+
+	esURLConfig, err := common.NewConfigFrom([]string{esURL})
+	if err != nil {
+		return err
+	}
+
+	// Before enabling the ES output, check that no other output is enabled
+	tmp := struct {
+		Output common.ConfigNamespace `config:"output"`
+	}{}
+	if err := cfg.Unpack(&tmp); err != nil {
+		return err
+	}
+	if out := tmp.Output; out.IsSet() && out.Name() != "elasticsearch" {
+		return errors.Errorf("The cloud.id setting enables the Elasticsearch output, but you already have the %s output enabled in the config", out.Name())
+	}
+
+	err = cfg.SetChild("output.elasticsearch.hosts", -1, esURLConfig)
+	if err != nil {
+		return err
+	}
+
+	err = cfg.SetString("setup.kibana.host", -1, kibanaURL)
+	if err != nil {
+		return err
+	}
+
+	if cloudAuth != "" {
+		// cloudAuth overwrites
+		username, password, err := decodeCloudAuth(cloudAuth)
+		if err != nil {
+			return err
+		}
+
+		err = cfg.SetString("output.elasticsearch.username", -1, username)
+		if err != nil {
+			return err
+		}
+
+		err = cfg.SetString("output.elasticsearch.password", -1, password)
+		if err != nil {
+			return err
+		}
+	}
+
+	return nil
+}
+
+// decodeCloudID decodes the cloud.id into elasticsearch-URL and kibana-URL
+func decodeCloudID(cloudID string) (string, string, error) {
+
+	// 1. Ignore anything before `:`.
+	idx := strings.LastIndex(cloudID, ":")
+	if idx >= 0 {
+		cloudID = cloudID[idx+1:]
+	}
+
+	// 2. base64 decode
+	decoded, err := base64.StdEncoding.DecodeString(cloudID)
+	if err != nil {
+		return "", "", errors.Wrapf(err, "base64 decoding failed on %s", cloudID)
+	}
+
+	// 3. separate based on `$`
+	words := strings.Split(string(decoded), "$")
+	if len(words) < 3 {
+		return "", "", errors.Errorf("Expected at least 3 parts in %s", string(decoded))
+	}
+
+	// 4. form the URLs
+	esURL := url.URL{Scheme: "https", Host: fmt.Sprintf("%s.%s:443", words[1], words[0])}
+	kibanaURL := url.URL{Scheme: "https", Host: fmt.Sprintf("%s.%s:443", words[2], words[0])}
+
+	return esURL.String(), kibanaURL.String(), nil
+}
+
+// decodeCloudAuth splits the cloud.auth into username and password.
+func decodeCloudAuth(cloudAuth string) (string, string, error) {
+
+	idx := strings.Index(cloudAuth, ":")
+	if idx < 0 {
+		return "", "", errors.New("cloud.auth setting doesn't contain `:` to split between username and password")
+	}
+
+	return cloudAuth[0:idx], cloudAuth[idx+1:], nil
+}