diff options
author | Fotis Voutsas <fotis@netdata.cloud> | 2024-02-20 11:02:38 +0200 |
---|---|---|
committer | GitHub <noreply@github.com> | 2024-02-20 11:02:38 +0200 |
commit | c9f92a691c38b7bc4c55804738fb55023597a746 (patch) | |
tree | 77dd6dee31b0aaa552e909c220c175bb717c7182 | |
parent | 5a24b4753f4ff435c4bd1dee6423c7cebcadee52 (diff) |
Populate the SSL section in Observability and centralization points -… (#17035)
* Populate the SSL section in Observability and centralization points -> Metrics centralization points - > configuration
* Update configuration.md
* Update docs/observability-centralization-points/metrics-centralization-points/configuration.md
* Update docs/observability-centralization-points/metrics-centralization-points/configuration.md
* add note about install directory
* Update configuration.md
* Update configuration.md
---------
Co-authored-by: Ilya Mashchenko <ilya@netdata.cloud>
-rw-r--r-- | docs/observability-centralization-points/metrics-centralization-points/configuration.md | 26 |
1 files changed, 26 insertions, 0 deletions
diff --git a/docs/observability-centralization-points/metrics-centralization-points/configuration.md b/docs/observability-centralization-points/metrics-centralization-points/configuration.md index 60d90660bc..e52f7309ff 100644 --- a/docs/observability-centralization-points/metrics-centralization-points/configuration.md +++ b/docs/observability-centralization-points/metrics-centralization-points/configuration.md @@ -56,6 +56,32 @@ Save the file and restart Netdata. ## Enable TLS/SSL Communication +While encrypting the connection between your parent and child nodes is recommended for security, it's not required to get started. + +This example uses self-signed certificates. + +> **Note** +> This section assumes you have read the documentation on [how to edit the Netdata configuration files](https://github.com/netdata/netdata/blob/master/docs/netdata-agent/configuration.md). +<!-- here we need link to the section that will contain the restarting instructions --> + +1. **Parent node** + To generate an SSL key and certificate using `openssl`, take a look at the related section around [Securing Netdata Agents](https://github.com/netdata/netdata/blob/master/src/web/server/README.md#enable-httpstls-support) in our Documentation. + +2. **Child node** + Update `stream.conf` to enable SSL/TLS and allow self-signed certificates. Append ':SSL' to the destination and uncomment 'ssl skip certificate verification'. + + ```conf + [stream] + enabled = yes + destination = 203.0.113.0:SSL + ssl skip certificate verification = yes + api key = 11111111-2222-3333-4444-555555555555 + ``` + +3. Restart the Netdata Agent on both the parent and child nodes, to stream encrypted metrics using TLS/SSL. + + + ## Troubleshooting Streaming Connections You can find any issues related to streaming at Netdata logs. |