gpt4 book ai didi

Rust OpenTelemetry OTLP w/Honeycomb

转载 作者:行者123 更新时间:2023-12-02 18:01:28 34 4
gpt4 key购买 nike

我正在尝试使用 opentelemetryopen telemetry-otlp 通过 OTLP 向 Honeycomb 提供可观察性数据。

我正在使用类似这样的东西作为概念证明(如果你想运行它,可以提取到这个 repo 中:https://github.com/timfpark/honeycomb-rust-poc)

fn init_tracer(metadata: &MetadataMap) -> Result<sdktrace::Tracer, TraceError> {
let opentelemetry_endpoint =
env::var("OTEL_ENDPOINT").unwrap_or_else(|_| "https://api.honeycomb.io".to_owned());
let opentelemetry_endpoint =
Url::parse(&opentelemetry_endpoint).expect("OTEL_ENDPOINT is not a valid url");

opentelemetry_otlp::new_pipeline()
.tracing()
.with_exporter(
opentelemetry_otlp::new_exporter()
.tonic()
.with_endpoint(opentelemetry_endpoint.as_str())
.with_metadata(metadata.clone())
.with_tls_config(
ClientTlsConfig::new().domain_name(
opentelemetry_endpoint
.host_str()
.expect("OTEL_ENDPOINTshould have a valid host"),
),
),
)
.install_batch(opentelemetry::runtime::Tokio)
}

#[tokio::main]
async fn main() -> anyhow::Result<()> {

let mut metadata = MetadataMap::with_capacity(2);

metadata.insert(
"x-honeycomb-team",
"...honeycomb api key...".parse().unwrap(),
);

metadata.insert("x-honeycomb-dataset", "my-api".parse().unwrap());

let tracer = init_tracer(&metadata).expect("failed to instantiate opentelemetry tracing");

tracing_subscriber::registry()
.with(tracing_subscriber::EnvFilter::from_default_env())
.with(tracing_opentelemetry::layer().with_tracer(tracer))
.with(tracing_subscriber::fmt::layer())
.try_init()
.expect("failed to register tracer with registry");

let tracer = global::tracer("ex.com/basic");

但我得到:

2022-11-02T17:01:01.088429Z DEBUG hyper::client::connect::http: connecting to 52.5.162.226:443
2022-11-02T17:01:01.170767Z DEBUG hyper::client::connect::http: connected to 52.5.162.226:443
2022-11-02T17:01:01.171870Z DEBUG rustls::client::hs: No cached session for DnsName(DnsName(DnsName("api.honeycomb.io")))
2022-11-02T17:01:01.172555Z DEBUG rustls::client::hs: Not resuming any session
2022-11-02T17:01:01.269218Z DEBUG rustls::client::hs: ALPN protocol is Some(b"h2")
2022-11-02T17:01:01.269398Z DEBUG rustls::client::hs: Using ciphersuite TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
2022-11-02T17:01:01.269504Z DEBUG rustls::client::tls12::server_hello: Server supports tickets
2022-11-02T17:01:01.269766Z DEBUG rustls::client::tls12: ECDHE curve is ECParameters { curve_type: NamedCurve, named_group: secp256r1 }
2022-11-02T17:01:01.269843Z DEBUG rustls::client::tls12: Server DNS name is DnsName(DnsName(DnsName("api.honeycomb.io")))
2022-11-02T17:01:01.271123Z WARN rustls::conn: Sending fatal alert BadCertificate
2022-11-02T17:01:01.271861Z DEBUG tonic::transport::service::reconnect: reconnect::poll_ready: hyper::Error(Connect, Custom { kind: InvalidData, error: InvalidCertificateData("invalid peer certificate: UnknownIssuer") })
2022-11-02T17:01:01.271967Z DEBUG tower::buffer::worker: service.ready=true processing request
2022-11-02T17:01:01.272169Z DEBUG tonic::transport::service::reconnect: error: error trying to connect: invalid peer certificate contents: invalid peer certificate: UnknownIssuer
OpenTelemetry trace error occurred. Exporter otlp encountered the following error(s): the grpc server returns error (The service is currently unavailable): , detailed error message: error trying to connect: invalid peer certificate contents: invalid peer certificate: UnknownIssuer

这似乎表明我的 TLS 设置有些不正确...有人在 Rust 中有一段 opentelemetry 代码可以与 Honeycomb 一起使用吗?

最佳答案

问题是:您需要为 ClientTlsConfig 提供根证书,目标站点 (api.honeycomb.io) 链接回该证书。

我在我的容器中找到了一个合适的根证书,然后让程序加载它。

代码如下:

let pem = tokio::fs::read("/etc/ssl/certs/Starfield_Services_Root_Certificate_Authority_-_G2.pem").await.expect("read the cert file");
let cert = Certificate::from_pem(pem);

let mut metadata = MetadataMap::with_capacity(1);
metadata.insert("x-honeycomb-team", honeycomb_api_key.parse().unwrap());

let opentelemetry_endpoint =
env::var("OTEL_ENDPOINT").unwrap_or_else(|_| "https://api.honeycomb.io".to_owned());

let opentelemetry_endpoint =
Url::parse(&opentelemetry_endpoint).expect("OTEL_ENDPOINT is not a valid url");

opentelemetry_otlp::new_pipeline()
.tracing()
.with_exporter(
opentelemetry_otlp::new_exporter()
.tonic()
.with_endpoint(opentelemetry_endpoint.as_str())
.with_metadata(metadata.clone())
.with_tls_config(
ClientTlsConfig::new().ca_certificate(cert)
),
)
.install_batch(opentelemetry::runtime::Tokio)
}

前两行是新的;他们从文件系统加载根证书。然后使用它来配置 ClientTlsConfig。

我根据证书详细信息的输出选择了根证书文件:openssl s_client -connect api.honeycomb.io:443 -servername localhost

证书链中的最后一个条目类似于文件名。它包括:/CN=Starfield Services Root Certificate Authority - G2

关于Rust OpenTelemetry OTLP w/Honeycomb,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/74281657/

34 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com