Feature: Per namespace elastic + filebeat? #2515
Comments
|
Hi @KlavsKlavsen, thanks for your feature request. Since a single Filebeat can't be configured to have multiple outputs this is not easy to set up. I didn't have an opportunity to test the below, but two options I can think of right now is to either:
We are currently exploring if this kind of scenario is something that ECK could help solve. |
|
Thanks @david-kow And then I'll set up 1 instance of filebeat per team namespace - where I hope that I can filter on a hardcoded namespace name - so the ES in that namespace (which will be the output for this filebeat) - only will get logs from containers in that teams namespace. |
|
Closing as this will be tracked in #2417 |
|
Is that the right url? I can't seem to see it. 404. Permission issue? |
|
Woops, I put in the wrong link. Corrected |
Hi guys,
Loving this ECK.. I would like to setup an elastic instance per-namespace (as we give each team their own namespace) - so they can have their own setup - isolated from other teams.
That works fine for elastic+kibana..
But the filebeat example you have - reads in from ALL containers on host.. it would be really nice if there could be some way to have a single filebeat instance (as your example yaml sets up) - which then can filter based on which namespace the pod belongs to - and direct logs to the correct elastic instance)
To avoid teams logs bothering each other - and avoiding all the complexity (and possible flaws) - in having a central elastic search with filtering for each team - so they only see their own nodes..
The text was updated successfully, but these errors were encountered: