[extension/opamp] TLS config loaded even for insecure schemes (ws/http) #39515

Closed
@johannaojeling

Component(s)

extension/opamp

What happened?

Description

The OpAMP Agent Extension's OpAMP agent applies TLS settings even when the server::ws::endpoint/server::http::endpoint is set to a URL with ws/http scheme, resulting in the client being unable to connect to a server that uses an insecure protocol.

In the OpAMP Supervisor, a similar issue was addressed by loading the agent's TLS settings conditionally:

// determine if we need to load a TLS config or not
var tlsConfig *tls.Config
parsedURL, err := url.Parse(s.config.Server.Endpoint)
if err != nil {
	return fmt.Errorf("parse server endpoint: %w", err)
}
if parsedURL.Scheme == "wss" || parsedURL.Scheme == "https" {
	tlsConfig, err = s.config.Server.TLSSetting.LoadTLSConfig(context.Background())
	if err != nil {
		return err
	}
}

A similar approach can be taken here.

Steps to Reproduce

Start an OpAMP server without TLS. If using the opamp-go example server, this can be done by replacing this line with:

_ = tlsConfig

Run the collector with the provided config from the OpenTelemetry Collector configuration section below:

./otelcol-contrib --config=./config.yaml

Expected Result

The collector connects to the OpAMP server.

Actual Result

The collector fails to connect to the OpAMP server.

It only connects if providing TLS config insecure: true:

extensions:
  opamp:
    server:
      ws:
        endpoint: "ws://127.0.0.1:4320/v1/opamp"
        tls:
          insecure: true

Collector version

v0.124.1

Environment information

Environment

OS: macOS Sequoia 15.4.1
Compiler: go1.24.2 darwin/arm64

OpenTelemetry Collector configuration

extensions:
  opamp:
    server:
      ws:
        endpoint: "ws://127.0.0.1:4320/v1/opamp"

receivers:
  nop:

exporters:
  nop:

service:
  extensions: [opamp]
  pipelines:
    traces:
      receivers: [nop]
      exporters: [nop]

Log output

2025-04-21T15:47:29.487+0200    info    [email protected]/service.go:199 Setting up own telemetry...
2025-04-21T15:47:29.487+0200    info    [email protected]/service.go:266 Starting otelcol-contrib...     {"Version": "0.124.1", "NumCPU": 11}
2025-04-21T15:47:29.487+0200    info    extensions/extensions.go:41     Starting extensions...
2025-04-21T15:47:29.487+0200    info    extensions/extensions.go:45     Extension is starting...
2025-04-21T15:47:29.509+0200    info    extensions/extensions.go:62     Extension started.
2025-04-21T15:47:29.510+0200    info    [email protected]/service.go:289 Everything is ready. Begin running and processing data.
2025-04-21T15:47:29.511+0200    error   [email protected]/opamp_agent.go:138      Failed to connect to the OpAMP server   {"error": "tls: first record does not look like a TLS handshake"}
github.com/open-telemetry/opentelemetry-collector-contrib/extension/opampextension.(*opampAgent).Start.func3
        github.com/open-telemetry/opentelemetry-collector-contrib/extension/[email protected]/opamp_agent.go:138
github.com/open-telemetry/opamp-go/client.(*wsClient).tryConnectOnce
        github.com/open-telemetry/[email protected]/client/wsclient.go:239
github.com/open-telemetry/opamp-go/client.(*wsClient).ensureConnected
        github.com/open-telemetry/[email protected]/client/wsclient.go:282
github.com/open-telemetry/opamp-go/client.(*wsClient).runOneCycle
        github.com/open-telemetry/[email protected]/client/wsclient.go:326
github.com/open-telemetry/opamp-go/client.(*wsClient).runUntilStopped
        github.com/open-telemetry/[email protected]/client/wsclient.go:412
github.com/open-telemetry/opamp-go/client/internal.(*ClientCommon).StartConnectAndRun.func1
        github.com/open-telemetry/[email protected]/client/internal/clientcommon.go:208

Additional context

No response
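
The scheme check proposed in the issue, as an added Go example (not code from the collector, the Supervisor or the issue author). `tlsConfigFor`, `loadFunc` and `constructedLoader` are hypothetical names, and rejecting unknown or missing schemes instead of defaulting to either mode is an assumption that goes beyond the quoted Supervisor snippet.

```go
package main

import (
	"crypto/tls"
	"fmt"
	"net/url"
)

// loadFunc stands in for the extension's TLS settings loader (hypothetical name).
type loadFunc func() (*tls.Config, error)

// constructedLoader is a constructed stand-in that returns a plain client config.
func constructedLoader() (*tls.Config, error) {
	return &tls.Config{MinVersion: tls.VersionTLS12}, nil
}

// tlsConfigFor loads TLS settings only when the endpoint scheme needs them.
// ws/http yield a nil config (plaintext); an unknown or missing scheme is an
// error, so a typo cannot silently select either mode.
func tlsConfigFor(endpoint string, load loadFunc) (*tls.Config, error) {
	u, err := url.Parse(endpoint)
	if err != nil {
		return nil, fmt.Errorf("parse server endpoint: %w", err)
	}
	// url.Parse lowercases the scheme, so "WSS://" matches "wss" here.
	switch u.Scheme {
	case "wss", "https":
		return load()
	case "ws", "http":
		return nil, nil
	default:
		return nil, fmt.Errorf("unsupported endpoint scheme %q", u.Scheme)
	}
}

func main() {
	for _, ep := range []string{
		"ws://127.0.0.1:4320/v1/opamp", // endpoint from the issue
		"wss://127.0.0.1:4320/v1/opamp", // constructed
		"WSS://127.0.0.1:4320/v1/opamp", // constructed, mixed case
		"localhost:4320/v1/opamp",       // constructed, scheme omitted
	} {
		cfg, err := tlsConfigFor(ep, constructedLoader)
		fmt.Printf("%-32s tls=%t err=%v\n", ep, cfg != nil, err)
	}
}
```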
