add proxy support (central management & monitoring)

Fixes #11799

docs/static/settings/configuration-management-settings.asciidoc

@@ -56,6 +56,11 @@ authenticate for accessing the configuration data.
 The username you specify here should have the `logstash_admin` role, which
 provides access to `.logstash-*` indices for managing configurations.
 
+`xpack.management.elasticsearch.proxy`::
+
+Optional setting that allows you to specify a proxy URL if Logstash needs to use a proxy
+to reach your Elasticsearch cluster.
+
 `xpack.management.elasticsearch.ssl.certificate_authority`::
 
 Optional setting that enables you to specify a path to the `.pem` file for the

docs/static/settings/monitoring-settings.asciidoc

@@ -38,6 +38,10 @@ If your {es} is protected with basic authentication, these settings provide the
 username and password that the Logstash instance uses to authenticate for
 shipping monitoring data.
 
+`monitoring.elasticsearch.proxy`::
+
+Optional setting that allows you to specify a proxy URL if Logstash needs to use a proxy
+to reach your Elasticsearch cluster.
 
 [[monitoring-collection-settings]]
 ===== Monitoring collection settings

x-pack/lib/config_management/extension.rb

@@ -29,6 +29,7 @@ module LogStash
         settings.register(LogStash::Setting::ArrayCoercible.new("xpack.management.elasticsearch.hosts", String, [ "https://localhost:9200" ] ))
         settings.register(LogStash::Setting::NullableString.new("xpack.management.elasticsearch.cloud_id"))
         settings.register(LogStash::Setting::NullableString.new("xpack.management.elasticsearch.cloud_auth"))
+        settings.register(LogStash::Setting::NullableString.new("xpack.management.elasticsearch.proxy"))
         settings.register(LogStash::Setting::NullableString.new("xpack.management.elasticsearch.ssl.certificate_authority"))
         settings.register(LogStash::Setting::NullableString.new("xpack.management.elasticsearch.ssl.truststore.path"))
         settings.register(LogStash::Setting::NullableString.new("xpack.management.elasticsearch.ssl.truststore.password"))

x-pack/lib/helpers/elasticsearch_options.rb

@@ -15,6 +15,7 @@ module LogStash module Helpers
         password
         cloud_id
         cloud_auth
+        proxy
       )
 
     # Retrieve elasticsearch options from either specific settings, or modules if the setting is not there and the
@@ -47,6 +48,10 @@ module LogStash module Helpers
         opts['user'] = settings.get("#{prefix}#{feature}.elasticsearch.username")
         opts['password'] = settings.get("#{prefix}#{feature}.elasticsearch.password")
       end
+      if proxysetting = settings.get("#{prefix}#{feature}.elasticsearch.proxy")
+        opts['proxy'] = proxysetting
+      end
+
       opts['sniffing'] = settings.get("#{prefix}#{feature}.elasticsearch.sniffing")
       opts['ssl_certificate_verification'] = settings.get("#{prefix}#{feature}.elasticsearch.ssl.verification_mode") == 'certificate'
 
@@ -157,4 +162,4 @@ module LogStash module Helpers
                               "specified, please only use one of those.")
     end
 
-  end end end
+  end end end

x-pack/lib/monitoring/monitoring.rb

@@ -32,6 +32,7 @@ module LogStash
         @password = es_settings['password']
         @cloud_id = es_settings['cloud_id']
         @cloud_auth = es_settings['cloud_auth']
+        @proxy = es_settings['proxy']
         @ca_path = es_settings['cacert']
         @truststore_path = es_settings['truststore']
         @truststore_password = es_settings['truststore_password']
@@ -41,7 +42,7 @@ module LogStash
         @ssl_certificate_verification = (es_settings['verification_mode'] == 'certificate')
       end
 
-      attr_accessor :system_api_version, :es_hosts, :user, :password, :node_uuid, :cloud_id, :cloud_auth
+      attr_accessor :system_api_version, :es_hosts, :user, :password, :node_uuid, :cloud_id, :cloud_auth, :proxy
       attr_accessor :ca_path, :truststore_path, :truststore_password
       attr_accessor :keystore_path, :keystore_password, :sniffing, :ssl_certificate_verification
 
@@ -61,6 +62,10 @@ module LogStash
         !!cloud_auth && cloud_id?
       end
 
+      def proxy?
+        proxy
+      end
+
       def auth?
         user && password
       end
@@ -254,6 +259,7 @@ module LogStash
       settings.register(LogStash::Setting::TimeValue.new("#{prefix}monitoring.collection.timeout_interval", "10m"))
       settings.register(LogStash::Setting::NullableString.new("#{prefix}monitoring.elasticsearch.username", "logstash_system"))
       settings.register(LogStash::Setting::NullableString.new("#{prefix}monitoring.elasticsearch.password"))
+      settings.register(LogStash::Setting::NullableString.new("#{prefix}monitoring.elasticsearch.proxy"))
       settings.register(LogStash::Setting::NullableString.new("#{prefix}monitoring.elasticsearch.cloud_id"))
       settings.register(LogStash::Setting::NullableString.new("#{prefix}monitoring.elasticsearch.cloud_auth"))
       settings.register(LogStash::Setting::NullableString.new("#{prefix}monitoring.elasticsearch.ssl.certificate_authority"))

x-pack/lib/template.cfg.erb

@@ -25,6 +25,9 @@ output {
     document_type => "%{[@metadata][document_type]}"
     index => "<%= monitoring_index %>"
     sniffing => <%= sniffing %>
+  <% if proxy? %>
+    proxy => "<%= proxy %>"
+  <% end %>
   <% if auth? && !cloud_auth? %>
     user => "<%= user %>"
     password => "<%= password %>"