0

使用 1.x 写入端点时,我无法解决来自 InfluxDB 2 的未经授权的响应。

设置:

InfluxDB 2.0 docs中,它声明它具有一些 1.x 兼容性:

InfluxDB v2 API 包括与 InfluxDB 1.x 客户端库和 Grafana 等第三方集成一起使用的 InfluxDB 1.x 兼容性端点。

特别是,/write被列为 1.x 兼容

因此,让我们对此进行测试并使用 1.x api 写入 2.0 服务器。首先,我们将使用用户名和密码启动一个 docker 映像

docker run -p 8086:8086 \
      -e DOCKER_INFLUXDB_INIT_MODE=setup \
      -e DOCKER_INFLUXDB_INIT_USERNAME=my-user \
      -e DOCKER_INFLUXDB_INIT_PASSWORD=my-password \
      -e DOCKER_INFLUXDB_INIT_ORG=myorg \
      -e DOCKER_INFLUXDB_INIT_BUCKET=mydb \
      influxdb:2.0

文档声明我们可以使用基本身份验证进行身份验证,因此以下示例(也来自他们的文档,只有身份验证切换到 curl 更符合人体工程学的--user选项)应该可以工作:

curl -v --request POST http://localhost:8086/write?db=mydb \
  --user my-user:my-password \
  --data-binary "measurement,host=host1 field1=2i,field2=2.0 1577836800000000000"

不幸的是,返回 401 并带有以下有效负载:

{"code":"unauthorized","message":"Unauthorized"}

可能是什么问题?我在 docker 设置中提供了最少数量的必需参数,并且我从他们的文档中复制并粘贴了示例——没有太多可能出错的地方。

最终目标是拥有一个可以同时写入 1.x 和 2.x 的客户端,因为一些部署是 1.x,而其他部署是 2.x。阅读文档让我认为这是可能的,但遵循文档让我不这么认为。解决方案真的是同时嵌入 InfluxDB 1.x 和 2.x 客户端并要求用户在运行应用程序之前指定此版本吗?

Fwiw,添加更详细的日志记录不会产生额外的洞察力——只有相同的未经授权的行:

docker run -p 8086:8086 \
      -e DOCKER_INFLUXDB_INIT_MODE=setup \
      -e DOCKER_INFLUXDB_INIT_USERNAME=my-user \
      -e DOCKER_INFLUXDB_INIT_PASSWORD=my-password \
      -e DOCKER_INFLUXDB_INIT_ORG=myorg \
      -e DOCKER_INFLUXDB_INIT_BUCKET=mydb \
      -e INFLUXD_LOG_LEVEL=debug \
      influxdb:2.0
4

1 回答 1

0

我也在研究这个......还没有让它工作,但我认为我们可以使用 influxdb_listener-plugin https://docs.influxdata.com/telegraf/v1.18/plugins/将 Telegraf 作为代理放在两者之间/#influxdb_listener

编辑:

首先,启动您的 InfluxDB2 设置;有一个存储桶和一个用户等。在“加载数据”>“令牌”下创建一个访问令牌。

然后进行电报设置(例如从 docker )并给它telegraf.conf

[[inputs.influxdb_listener]]
  ## Address and port to host HTTP listener on
  service_address = ":8186"

  ## maximum duration before timing out read of the request
  read_timeout = "10s"
  ## maximum duration before timing out write of the response
  write_timeout = "10s"

  ## Maximum allowed HTTP request body size in bytes.
  ## 0 means to use the default of 32MiB.
  max_body_size = 0

  ## Maximum line size allowed to be sent in bytes.
  ##   deprecated in 1.14; parser now handles lines of unlimited length and option is ignored
  # max_line_size = 0

  ## Set one or more allowed client CA certificate file names to
  ## enable mutually authenticated TLS connections
  #tls_allowed_cacerts = ["/etc/telegraf/clientca.pem"]

  ## Add service certificate and key
  #tls_cert = "/etc/telegraf/cert.pem"
  #tls_key = "/etc/telegraf/key.pem"

  ## Optional tag name used to store the database name.
  ## If the write has a database in the query string then it will be kept in this tag name.
  ## This tag can be used in downstream outputs.
  ## The default value of nothing means it will be off and the database will not be recorded.
  ## If you have a tag that is the same as the one specified below, and supply a database,
  ## the tag will be overwritten with the database supplied.
  # database_tag = ""

  ## If set the retention policy specified in the write query will be added as
  ## the value of this tag name.
  retention_policy_tag = "Forever"

  ## Optional username and password to accept for HTTP basic authentication.
  ## You probably want to make sure you have TLS configured above for this.
  basic_username = "user"
  basic_password = "pass"


[[outputs.influxdb_v2]]
  ## The URLs of the InfluxDB cluster nodes.
  ##
  ## Multiple URLs can be specified for a single cluster, only ONE of the
  ## urls will be written to each interval.
  ## urls exp: http://127.0.0.1:8086
  urls = ["http://xyz:8086"]

  ## Token for authentication.
  token = "xxx"

  ## Organization is the name of the organization you wish to write to; must exist.
  organization = "default"

  ## Destination bucket to write into.
  bucket = "default"

您可以通过单击 InfluxDB 生成输入:“加载数据”>“源”>“搜索”“influx”并选择“InfluxDB 侦听器”并复制配置。您可以通过单击 InfluxDB 生成输出:“加载数据”>“Telegraf”>紫色按钮“InfluxDB 输出插件”。

祝你好运!

于 2021-04-09T14:39:45.057 回答