Will AutoDiscovery work with a Role and RoleBinding in kubernetes

Hi,

I like the autodiscovery feature of filebeat (as a Daemonset) but I was reluctant to use a clusterRole and clusterRoleBinding as part of my kubernetes deployment. Apparently I'm not allowed to use a clusterRoleBinding as I am not the owner of the kubernetes cluster. I can only fetch logs in my kubernetes namespace.

  1. Is it possible for FileBeat's autoDiscovery feature to work with Role and RoleBinding?
  2. If not, do we have any other secured way-forward from Elastic?

Thanks,
Teja

Please take a look at this thread Limiting Filebeat Autodiscover to Namespace . You may find answers to your questions.

1 Like

Thanks Role and RoleBinding helped me to fetch logs from the current namespace :slight_smile:

Just to double-check, Having a Role (for the current namespace) or a clusterRole (for all or set of namespaces) do the same work in terms of updating k8s metadata? Is there any difference? Will I miss any important feature or flexibility if I use a Role? Does filebeat still need extra security privileges while using a role instead of clusterRole?

In another way, having clusterRole will help me to fetch logs from all or a specific set of namespaces, and having a role helps me to get the current namespace. Did I understand it correctly?

As I mentioned earlier, I don't want to use a clusterRole and also not interested in all namespaces.