Kubernetes Events binding spec
Detailed documentation on the Kubernetes Events binding component
Component format
To setup Kubernetes Events binding create a component of type bindings.kubernetes. See this guide on how to create and apply a binding configuration.
apiVersion: dapr.io/v1alpha1
kind: Component
metadata:
name: <NAME>
namespace: <NAMESPACE>
spec:
type: bindings.kubernetes
version: v1
metadata:
- name: namespace
value: <NAMESPACE>
- name: resyncPeriodInSec
vale: "<seconds>"
Spec metadata fields
| Field | Required | Binding support | Details | Example |
|---|---|---|---|---|
| namespace | Y | Input | The Kubernetes namespace to read events from | "default" |
| resyncPeriodInSec | N | Te period of time to refresh event list from Kubernetes API server. Defaults to "10" | "15" |
Binding support
This component supports input binding interface.
Output format
Output received from the binding is of format bindings.ReadResponse with the Data field populated with the following structure:
{
"event": "",
"oldVal": {
"metadata": {
"name": "hello-node.162c2661c524d095",
"namespace": "kube-events",
"selfLink": "/api/v1/namespaces/kube-events/events/hello-node.162c2661c524d095",
...
},
"involvedObject": {
"kind": "Deployment",
"namespace": "kube-events",
...
},
"reason": "ScalingReplicaSet",
"message": "Scaled up replica set hello-node-7bf657c596 to 1",
...
},
"newVal": {
"metadata": { "creationTimestamp": "null" },
"involvedObject": {},
"source": {},
"firstTimestamp": "null",
"lastTimestamp": "null",
"eventTime": "null",
...
}
}
Three different event types are available:
- Add : Only the
newValfield is populated,oldValfield is an emptyv1.Event,eventisadd - Delete : Only the
oldValfield is populated,newValfield is an emptyv1.Event,eventisdelete - Update : Both the
oldValandnewValfields are populated,eventisupdate
Required permissions
For consuming events from Kubernetes, permissions need to be assigned to a User/Group/ServiceAccount using [RBAC Auth] mechanism of Kubernetes.
Role
One of the rules need to be of the form as below to give permissions to get, watch and list events. API Groups can be as restrictive as needed.
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
namespace: <NAMESPACE>
name: <ROLENAME>
rules:
- apiGroups: [""]
resources: ["events"]
verbs: ["get", "watch", "list"]
RoleBinding
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
name: <NAME>
namespace: <NAMESPACE> # same as above
subjects:
- kind: ServiceAccount
name: default # or as need be, can be changed
namespace: <NAMESPACE> # same as above
roleRef:
kind: Role
name: <ROLENAME> # same as the one above
apiGroup: ""
Related links
- Basic schema for a Dapr component
- Bindings building block
- How-To: Trigger application with input binding
- How-To: Use bindings to interface with external resources
- Bindings API reference
Last modified May 22, 2021: docs: clean up white noise (#1491) (fe1ab8eb)