Error communicating with TLS secured Zipkin collector

I’m attempting to configure a cluster to report to a Zipkin instance, but it doesn’t seem to correctly handle TLS secured collectors correctly. The value is shown correctly in the cluster settings:

root@cockroach.foo.bar.com:26257/> SHOW CLUSTER SETTING trace.zipkin.collector;
+---------------------------------+
|     trace.zipkin.collector      |
+---------------------------------+
| https://zipkin-test.foo.bar.com |
+---------------------------------+
(1 row)

Time: 20.814078ms

But the logs show that the https url isn’t being parsed correctly:

[Zipkin collector err Post http://https//zipkin-test.foo.bar.com/api/v1/spans: dial tcp: lookup https on 127.0.0.1:53: no such host]

Oops, it seems we build the address using fmt.Sprintf("http://%s/api/v1/spans", collectorAddr), which clearly isn’t right for anything other than http (you also can’t specify http://zipkin.foo.bar.com).
@radu, you seem to have poked the most at the zipkin tracing, care to look in more details? (I haven’t checked whether the library we use will properly do https).

Ah, yeah, that’d do it :slight_smile:

@radu, it’d also be useful to explore some way to set the session trace context explicitly. I’m thinking of some parameters when enabling tracing such as SET TRACE = 'TraceID:bd7a977555f6b982; SpanID:ebf33e1a81dc6f71';, and have Cockroach use those identifiers for its parent span.

That would allow an application to pass its tracing context into Cockroach, and show Cockroach’s internal tracing in the context of the rest of the trace across services.

2 Likes

That’s a very interesting suggestion, thanks! Filed an issue to keep track of this: https://github.com/cockroachdb/cockroach/issues/19403