Support TLS config for Zipkin Collector

[mmorel-35]

Requirement - what kind of business use case are you trying to solve?

TLS configuration options in jaeger-zipkin-collector - for reporting zipkin traces

Problem - what in Jaeger blocks you from solving the requirement?

TLS configuration options like tls.cert or tls.key are not available in jaeger-collector

[mmorel-35]

Hi @yurishkuro,
IMHO, all the services admin (for query and collector) and zipkin for the collector, should allow tls mode.
Otherwise I'll probably have to secure Jaeger with an httpd server, as I found it here

What do you think ?

[yurishkuro]

Zipkin port - yes, admin ports - probably not. Most deployment platforms today do not automatically expose ports until explicitly requested (we even had requests to run Jaeger admin services on the same port as business services because of that), so you already have some control over who can see the admin port. Admin ports can be used for things like health checks, where TLS might actually get in the way.

[mmorel-35]

For grpc and http TLS is an option so it's up to the user to decide if he wants to use it or not but with admin the option is not available so it doesn't let any choice to the user. In my context every software is deployed on virtual machines and not containers.
The rules requires that every services exposed must support TLS.
Without this option there will be an extra work with the setup of a reverse proxy to make it an https endpoint.
I hope that I'm not the only one with such constraints, but if this option was available for the admin endpoint I wouldn't need to do this extra work. Moreover, Adding think option would also make jaeger more secure.

[yurishkuro]

I'm not opposed to adding it, since we factored it out into a package that is easy to compose.

[mmorel-35]

Great! I can make another PR once the Zipkin's one is merged