In my monitoring setup i am heavily using InfluxDB. Starting with one linux server with grafana which loads the data from its local influxdb, i wanted to setup a second linux server.
My options:
- new telegraf, new influxdb, new grafana
 but then i have two url (because of two grafanas and i can not copy graphs from one dashboard to the other)
- new telegraf, new influxdb, but grafana from first server
 grafana has to get the data over the network
- new telegraf, influxdb & grafana from first server
 what is happening if telegraf can not reach influxdb, because of network problem? what if the first server is down?
- completely remote monitoring
 what is happening if telegraf can not reach the other server? what if the first server is down?
As you can see, option 2 is the favorite here.
But therefore InfluxDB has to be secured: SSL + user/password.
So let's start with creating some certificates:
openssl req -new -x509 -nodes -out server-cert.pem -days 3650 -keyout server-key.pem
So that you get:
zigbee:/etc/influxdb# ls -lrt *pem
-rw-r--r-- 1 influxdb root 1704 Nov 7 09:48 key.pem
-rw-r--r-- 1 influxdb root 1411 Nov 7 09:48 cert.pem
Then add this in /etc/influxdb/influxdb.conf
https-enabled = true
https-certificate = "/etc/influxdb/cert.pem"
https-private-key = "/etc/influxdb/key.pem"
But still a user is missing, so we have to create users (via bash):
influx -ssl -unsafeSsl
create user admin with password 'XXXXXXX' with all privileges
After that you can test this with
root@zigbee:# influx -ssl -unsafeSsl
Connected to https://localhost:8086 version 1.6.4
InfluxDB shell version: 1.6.4
> show databases
ERR: unable to parse authentication credentials
Warning: It is possible this error is due to not setting a database.
Please set a database with the command "use <database>".
> auth
username: admin
password:
> show databases
name: databases
name
----
_internal

No comments:
Post a Comment