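Telegraf connecting to Mosquitto with TLS

Time: 2021-01-13 13:06:09

Tags: raspberry-pi mosquitto telegraf

In my system (running on a Raspberry), I have some sensors that publish data to Mosquitto. I use Telegraf to transfer the data to an InfluxDB database, and I use Grafana to display the data.

During testing without a TLS connection (in Mosquitto), everything worked fine, but when I enabled TLS, Telegraf started having problems.

The sensors send data to the broker using client.key, client.crt and ca.crt. In the broker I can see the data from the sensors, so I don't think the problem is there.

In Telegraf (which I suppose acts as a client), I tried to configure the TLS connection. Looking at the telegraf.service status, it is active and running. Looking at the logs, I don't see any connection errors, but I can't see any data from the broker.

In Telegraf.conf I set the certificates as shown below. Instead of using pem files, I used the files that the sensors or other clients use to connect to the system: the extensions are different, and I don't know whether the problem is here.

Here is the Telegraf (mqtt_consumer) configuration: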

# # Read metrics from MQTT topic(s)
 [[inputs.mqtt_consumer]]
#   ## Broker URLs for the MQTT server or cluster.  To connect to multiple
#   ## clusters or standalone servers, use a separate plugin instance.
#   ##   example: servers = ["tcp://localhost:1883"]
#   ##            servers = ["ssl://localhost:1883"]
#   ##            servers = ["ws://localhost:1883"]
   servers = ["tcp://192.168.1.58:8883"]
#
#   ## Topics that will be subscribed to.
   topics = [
     "sensors/#"
   ]
#
#   ## The message topic will be stored in a tag specified by this value.  If set
#   ## to the empty string no topic tag will be created.
#   # topic_tag = "topic"
#
#   ## QoS policy for messages
#   ##   0 = at most once
#   ##   1 = at least once
#   ##   2 = exactly once
#   ##
#   ## When using a QoS of 1 or 2, you should enable persistent_session to allow
#   ## resuming unacknowledged messages.
#   # qos = 0
#
#   ## Connection timeout for initial connection in seconds
#   # connection_timeout = "30s"
#
#   ## Maximum messages to read from the broker that have not been written by an
#   ## output.  For best throughput set based on the number of metrics within
#   ## each message and the size of the output's metric_batch_size.
#   ##
#   ## For example, if each message from the queue contains 10 metrics and the
#   ## output metric_batch_size is 1000, setting this to 100 will ensure that a
#   ## full batch is collected and the write is triggered immediately without
#   ## waiting until the next flush_interval.
#   # max_undelivered_messages = 1000
#
#   ## Persistent session disables clearing of the client session on connection.
#   ## In order for this option to work you must also set client_id to identify
#   ## the client.  To receive messages that arrived while the client is offline,
#   ## also set the qos option to 1 or 2 and don't forget to also set the QoS when
#   ## publishing.
#   # persistent_session = false
#
#   ## If unset, a random client ID will be generated.
    client_id = ""
#
#   ## Username and password to connect MQTT server.
    #username = ""
    #password = ""
#
#   ## Optional TLS Config
    tls_ca   = "/etc/telegraf/ca.crt"
    tls_cert = "/etc/telegraf/client.crt"
    tls_key  = "/etc/telegraf/client.key"
#   ## Use TLS but skip chain & host verification
#    insecure_skip_verify = false
#
#   ## Data format to consume.
#   ## Each data format has its own unique set of configuration options, read
#   ## more about them here:
#   ## https://github.com/influxdata/telegraf/blob/master/docs/DATA_FORMATS_INPUT.md
    data_format = "influx"

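How can I check the connection to the broker in Telegraf? Is the configuration correct, or should I only use .pem files?

1 answer:

Answer 0 (score: 2)

Your MQTT URL starts with tcp://, but for an MQTT connection over SSL it should start with ssl://.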
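
A check for the mismatch this answer points out, as an added example that is not part of the original question or answer: it scans a Telegraf config for `[[inputs.mqtt_consumer]]` blocks that set `tls_*` options while a server URL still uses a non-TLS scheme, and also reports `insecure_skip_verify = true`. The sample config is constructed from the question's active settings, `audit` and `mqtt_consumer_blocks` are hypothetical helper names, and only the schemes shown in the sample config comments (`tcp`, `ws`, `ssl`) are classified.

```python
import re

# Constructed sample: the active (uncommented) settings from the question's config.
SAMPLE = '''
[[inputs.mqtt_consumer]]
  servers = ["tcp://192.168.1.58:8883"]
  topics = [
    "sensors/#"
  ]
  client_id = ""
  tls_ca   = "/etc/telegraf/ca.crt"
  tls_cert = "/etc/telegraf/client.crt"
  tls_key  = "/etc/telegraf/client.key"
  # insecure_skip_verify = false
  data_format = "influx"
'''

PLAINTEXT_SCHEMES = {"tcp", "ws"}  # non-TLS schemes shown in the sample comments
TLS_KEYS = ("tls_ca", "tls_cert", "tls_key")

def mqtt_consumer_blocks(conf_text):
    """Yield active lines of each [[inputs.mqtt_consumer]] table (not a full TOML parser)."""
    block = None
    for line in (raw.strip() for raw in conf_text.splitlines()):
        if not line or line.startswith("#"):
            continue                      # blank or commented-out setting
        if line.startswith("["):          # any table header closes the current block
            if block is not None:
                yield block
            block = [] if line == "[[inputs.mqtt_consumer]]" else None
        elif block is not None:
            block.append(line)
    if block is not None:
        yield block

def audit(conf_text):
    """Return (block_number, finding, detail) tuples for risky TLS settings."""
    findings = []
    for n, lines in enumerate(mqtt_consumer_blocks(conf_text), 1):
        body = "\n".join(lines)
        tls_set = [k for k in TLS_KEYS if re.search(rf'^{k}\s*=\s*"[^"]+"', body, re.M)]
        servers = re.search(r"^servers\s*=\s*\[(.*?)\]\s*$", body, re.M | re.S)
        for url, scheme in re.findall(r'"((\w+)://[^"]*)"', servers.group(1) if servers else ""):
            if tls_set and scheme in PLAINTEXT_SCHEMES:
                findings.append((n, "plaintext-scheme-with-tls-options", url))
        if re.search(r"^insecure_skip_verify\s*=\s*true\b", body, re.M):
            findings.append((n, "insecure-skip-verify", "certificate checks disabled"))
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(finding)
```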