Skip to content

Commit

Permalink
in_kubernetes_events: add k8s permission details
Browse files Browse the repository at this point in the history
fluent/fluent-bit#8351

Signed-off-by: ryanohnemus <[email protected]>
  • Loading branch information
ryanohnemus committed Jun 19, 2024
1 parent eb6b687 commit 88f67dd
Showing 1 changed file with 9 additions and 2 deletions.
11 changes: 9 additions & 2 deletions pipeline/inputs/kubernetes-events.md
Original file line number Diff line number Diff line change
Expand Up @@ -14,8 +14,8 @@ Kubernetes exports it events through the API server. This input plugin allows to
|---------------------|---------------------------------------------------------------------------------------|------------------------------------------------------|
| db | Set a database file to keep track of recorded Kubernetes events | |
| db.sync | Set a database sync method. values: extra, full, normal and off | normal |
| interval_sec | Set the polling interval for each channel. | 0 |
| interval_nsec | Set the polling interval for each channel (sub seconds: nanoseconds) | 500000000 |
| interval_sec | Set the reconnect interval (seconds)* | 0 |
| interval_nsec | Set the reconnect interval (sub seconds: nanoseconds)* | 500000000 |
| kube_url | API Server end-point | https://kubernetes.default.svc |
| kube_ca_file | Kubernetes TLS CA file | /var/run/secrets/kubernetes.io/serviceaccount/ca.crt |
| kube_ca_path | Kubernetes TLS ca path | |
Expand All @@ -28,8 +28,15 @@ Kubernetes exports it events through the API server. This input plugin allows to
| tls.verify | Enable or disable verification of TLS peer certificate. | On |
| tls.vhost | Set optional TLS virtual host. | |


- _* as of Fluent-Bit 3.1 this plugin uses a kubernetes watch stream instead of polling. The interval parameters in versions > 3.1 are used for reconnecting the kubernetes watch stream._


## Getting Started

### Kubernetes Service Account
The kubernetes service account used by fluent-bit must have `get`, `list`, and `watch` permissions to `namespaces` and `pods` for the namespaces watched in the `kube_namespace` config parameter. If you are using the helm chart to set up fluent-bit, this role is included.

### Simple Configuration File

In the following configuration file, the input plugin *kubernetes_events* collects events every 5 seconds (default for *interval_nsec*) and exposes them through the [standard output plugin](../outputs/standard-output.md) on the console.
Expand Down

0 comments on commit 88f67dd

Please sign in to comment.