You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Similar to feature request raised in fluent/fluent-bit and logzio/logzio-k8s and fabric8io/fluent-plugin-kubernetes_metadata_filter we are also receiving notifications from AWS indicating our EKS 1.21 cluster has enabled BoundServiceAccountTokenVolume feature by default and encountering numerous stale service account token notifications as a result.
There is an open PR from fabric8io/fluent-plugin-kubernetes_metadata_filter seeking to address this issue.
Can a similar feature be included in fluentd-hec to support hourly service account token refresh?
The text was updated successfully, but these errors were encountered:
The PR you mentioned has been closed in favor of the workaround in this PR, which is in the 2.11.1 release. I opened #251 hoping to get a release that uses that version.
What would you like to be added:
Support for BoundServiceAccountTokenVolume 1hr service account token refresh requirements for Kubernetes 1.21+
Why is this needed:
We use splunk/splunk-connect-for-kubernetes chart which uses
splunk/fluentd-hec
v1.2.13 by default.Similar to feature request raised in fluent/fluent-bit and logzio/logzio-k8s and fabric8io/fluent-plugin-kubernetes_metadata_filter we are also receiving notifications from AWS indicating our EKS 1.21 cluster has enabled BoundServiceAccountTokenVolume feature by default and encountering numerous stale service account token notifications as a result.
There is an open PR from
fabric8io/fluent-plugin-kubernetes_metadata_filter
seeking to address this issue.Can a similar feature be included in fluentd-hec to support hourly service account token refresh?
The text was updated successfully, but these errors were encountered: