From b3ddde5a6f5f3063b8e4c871aa91ba2715a5227d Mon Sep 17 00:00:00 2001
From: AntonBazhal <am.bazhal@gmail.com>
Date: Tue, 22 Mar 2016 13:21:58 -0400
Subject: [PATCH 1/3] Added support for TLS-enabled Docker daemon

---
 plugins/inputs/docker/README.md |  5 +++++
 plugins/inputs/docker/docker.go | 34 ++++++++++++++++++++++++++++++++-
 2 files changed, 38 insertions(+), 1 deletion(-)

diff --git a/plugins/inputs/docker/README.md b/plugins/inputs/docker/README.md
index 97450e2aa78ae..5a3b02aa36214 100644
--- a/plugins/inputs/docker/README.md
+++ b/plugins/inputs/docker/README.md
@@ -20,6 +20,11 @@ for the stat structure can be found
   #   To use TCP, set endpoint = "tcp://[ip]:[port]"
   #   To use environment variables (ie, docker-machine), set endpoint = "ENV"
   endpoint = "unix:///var/run/docker.sock"
+  # To collect metrics from TLS-enabled daemon
+  # tls_enabled = true
+  # tls_ca = "~/certificates_path/ca.pem"
+  # tls_cert = "~/certificates_path/cert.pem"
+  # tls_key = "~/certificates_path/key.pem"
   # Only collect metrics for these containers, collect all if empty
   container_names = []
 ```
diff --git a/plugins/inputs/docker/docker.go b/plugins/inputs/docker/docker.go
index cdc8ec1e58616..33fdf0416a146 100644
--- a/plugins/inputs/docker/docker.go
+++ b/plugins/inputs/docker/docker.go
@@ -14,12 +14,22 @@ import (
 	"github.com/influxdata/telegraf/plugins/inputs"
 
 	"github.com/fsouza/go-dockerclient"
+	"errors"
 )
 
 type Docker struct {
 	Endpoint       string
 	ContainerNames []string
 
+	// Enables TLS
+	TLSEnabled bool `toml:"tls_enabled"`
+	// Path to CA file
+	TLSCA string `toml:"tls_ca"`
+	// Path to cert file
+	TLSCert string `toml:"tls_cert"`
+	// Path to cert key file
+	TLSKey string `toml:"tls_key"`
+
 	client DockerClient
 }
 
@@ -48,6 +58,11 @@ var sampleConfig = `
   ##   To use TCP, set endpoint = "tcp://[ip]:[port]"
   ##   To use environment variables (ie, docker-machine), set endpoint = "ENV"
   endpoint = "unix:///var/run/docker.sock"
+  ## To collect metrics from TLS-enabled daemon
+  # tls_enabled = true
+  # tls_ca = "~/certificates_path/ca.pem"
+  # tls_cert = "~/certificates_path/cert.pem"
+  # tls_key = "~/certificates_path/key.pem"
   ## Only collect metrics for these containers, collect all if empty
   container_names = []
 `
@@ -73,7 +88,24 @@ func (d *Docker) Gather(acc telegraf.Accumulator) error {
 				return err
 			}
 		} else {
-			c, err = docker.NewClient(d.Endpoint)
+			if !d.TLSEnabled {
+				c, err = docker.NewClient(d.Endpoint)
+			} else {
+				if d.TLSCert == "" {
+					return errors.New("tls_cert must be configured when tls_enable is set to true");
+				}
+
+				if d.TLSKey == "" {
+					return errors.New("tls_key must be configured when tls_enable is set to true");
+				}
+
+				if d.TLSCA == "" {
+					return errors.New("tls_ca must be configured when tls_enable is set to true");
+				}
+
+				c, err = docker.NewTLSClient(d.Endpoint, d.TLSCert, d.TLSKey, d.TLSCA)
+			}
+
 			if err != nil {
 				return err
 			}

From 5bd8572b5677e3f43c654398af7d61cccf7c20da Mon Sep 17 00:00:00 2001
From: AntonBazhal <am.bazhal@gmail.com>
Date: Tue, 22 Mar 2016 13:29:32 -0400
Subject: [PATCH 2/3] Minor refactoring

---
 plugins/inputs/docker/README.md | 2 +-
 plugins/inputs/docker/docker.go | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/plugins/inputs/docker/README.md b/plugins/inputs/docker/README.md
index 5a3b02aa36214..553fd8fcdd13e 100644
--- a/plugins/inputs/docker/README.md
+++ b/plugins/inputs/docker/README.md
@@ -20,7 +20,7 @@ for the stat structure can be found
   #   To use TCP, set endpoint = "tcp://[ip]:[port]"
   #   To use environment variables (ie, docker-machine), set endpoint = "ENV"
   endpoint = "unix:///var/run/docker.sock"
-  # To collect metrics from TLS-enabled daemon
+  # To collect metrics from a TLS-enabled daemon
   # tls_enabled = true
   # tls_ca = "~/certificates_path/ca.pem"
   # tls_cert = "~/certificates_path/cert.pem"
diff --git a/plugins/inputs/docker/docker.go b/plugins/inputs/docker/docker.go
index 33fdf0416a146..9c18893703f00 100644
--- a/plugins/inputs/docker/docker.go
+++ b/plugins/inputs/docker/docker.go
@@ -2,6 +2,7 @@ package system
 
 import (
 	"encoding/json"
+	"errors"
 	"fmt"
 	"log"
 	"regexp"
@@ -14,7 +15,6 @@ import (
 	"github.com/influxdata/telegraf/plugins/inputs"
 
 	"github.com/fsouza/go-dockerclient"
-	"errors"
 )
 
 type Docker struct {
@@ -58,7 +58,7 @@ var sampleConfig = `
   ##   To use TCP, set endpoint = "tcp://[ip]:[port]"
   ##   To use environment variables (ie, docker-machine), set endpoint = "ENV"
   endpoint = "unix:///var/run/docker.sock"
-  ## To collect metrics from TLS-enabled daemon
+  ## To collect metrics from a TLS-enabled daemon
   # tls_enabled = true
   # tls_ca = "~/certificates_path/ca.pem"
   # tls_cert = "~/certificates_path/cert.pem"

From 5cb11b007a44990303682088910dd0fdaaae9821 Mon Sep 17 00:00:00 2001
From: AntonBazhal <am.bazhal@gmail.com>
Date: Tue, 22 Mar 2016 14:26:36 -0400
Subject: [PATCH 3/3] Fixed code formatting

---
 plugins/inputs/docker/docker.go | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/plugins/inputs/docker/docker.go b/plugins/inputs/docker/docker.go
index 9c18893703f00..d270dda161656 100644
--- a/plugins/inputs/docker/docker.go
+++ b/plugins/inputs/docker/docker.go
@@ -92,15 +92,15 @@ func (d *Docker) Gather(acc telegraf.Accumulator) error {
 				c, err = docker.NewClient(d.Endpoint)
 			} else {
 				if d.TLSCert == "" {
-					return errors.New("tls_cert must be configured when tls_enable is set to true");
+					return errors.New("tls_cert must be configured when tls_enable is set to true")
 				}
 
 				if d.TLSKey == "" {
-					return errors.New("tls_key must be configured when tls_enable is set to true");
+					return errors.New("tls_key must be configured when tls_enable is set to true")
 				}
 
 				if d.TLSCA == "" {
-					return errors.New("tls_ca must be configured when tls_enable is set to true");
+					return errors.New("tls_ca must be configured when tls_enable is set to true")
 				}
 
 				c, err = docker.NewTLSClient(d.Endpoint, d.TLSCert, d.TLSKey, d.TLSCA)