fgerlits commented on code in PR #1366: URL: https://github.com/apache/nifi-minifi-cpp/pull/1366#discussion_r920140171
########## examples/kubernetes/README.md: ########## @@ -18,13 +18,17 @@ The following examples show different configurations that can be applied in Kube ## Cluster level log collection with MiNiFi C++ -The [daemon-set-log-collection.yml](daemon-set-log-collection.yml) file has an example for cluster level log collection, which is done on every node by creating a daemon set. +The [daemon-set-log-collection.yml](daemon-set-log-collection/daemon-set-log-collection.yml) file has an example for cluster level log collection, which is done on every node by creating a daemon set. The config includes a KubernetesControllerService that provides the namespace, pod, uid, container variables for the TailFile processor for getting the logs for the filtered Kubernetes objects. In this specific example all container logs from the default namespace are collected and forwarded to Kafka. The controller service can be modified to have additional filters for namespaces, pods, containers, for which more information can be found in the [CONTROLLERS.md](/CONTROLLERS.md#kubernetesControllerService) documentation. -This setup complies with the ["node logging agent"](https://kubernetes.io/docs/concepts/cluster-administration/logging/#using-a-node-logging-agent) architecture described in the Kubernetes documentation. + +Note: To access query Kubernetes cluster information, the MiNiFi agent requires read permission on the pod and namespace objects. One way to give access read access to MiNiFi is to create specific cluster roles and cluster role bindings for a specific namespace where the MiNiFi is deployed. There is an example on this in the [daemon-set-log-collection/cluster-roles](daemon-set-log-collection/cluster-roles) directory. Review Comment: There are too many 'access'es here: ```suggestion Note: To query Kubernetes cluster information, the MiNiFi agent requires read permission on the pod and namespace objects. One way to give read access to MiNiFi is to create specific cluster roles and cluster role bindings for a specific namespace where the MiNiFi is deployed. There is an example on this in the [daemon-set-log-collection/cluster-roles](daemon-set-log-collection/cluster-roles) directory. ``` -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
