Hello,
I am trying to deploy a filebeat container (not daemonset) on a k8s cluster (kub 1.21)
Used image: elastic/filebeat:7.8.1
Image starts correctly but i can't have the filebeat working correctly :
E1130 15:47:41.183053 1 reflector.go:125] github.com/elastic/beats/libbeat/common/kubernetes/watcher.go:146: Failed to list *v1.Pod: pods is forbidden: User "system:serviceaccount:xxx:airflow-worker" cannot list resource "pods" in API group "" at the cluster scope
Filebeat always asks for cluster roles (that i dont have cause its a mutualized cluster) and i cant avoid this error, even when trying to use a autodiscover specially on my ns :
autodiscover:
providers:
- type: kubernetes
namespace: xxx
templates:
- condition:
equals:
kubernetes.namespace: xxx
Is it impossible to use a filebeat container on K8S without cluster roles on the running Service account ????
Regards,
Guillaume