Owner Relations

Owner relations control how Mermin walks Kubernetes owner references to enrich flows with workload controller metadata (Deployment, StatefulSet, etc.).

Overview

Kubernetes resources have owner references forming a chain: Pod → ReplicaSet → Deployment → ... Mermin can walk this chain and attach metadata from owners to network flows.

Configuration

discovery "informer" "k8s" {
  owner_relations = {
    max_depth = 5
    include_kinds = []
    exclude_kinds = []
  }
}

Configuration Options

max_depth

Type: Integer Default: 5

Maximum depth to walk owner reference chain.

Example:

include_kinds

Type: Array of strings Default: [] (include all)

Only include these owner kinds in flow metadata. Empty array means include all.

Valid kinds: Deployment, ReplicaSet, StatefulSet, DaemonSet, Job, CronJob

Example:

exclude_kinds

Type: Array of strings Default: [] (exclude none)

Exclude these owner kinds from flow metadata. Takes precedence over include_kinds.

Example:

How It Works

Example chain: Pod nginx-abc123 → ReplicaSet nginx-xyz → Deployment nginx

Without owner relations:

• Flow shows only: Pod name, namespace, labels

With owner relations:

• Flow shows: Pod + ReplicaSet + Deployment metadata

Complete Example

Next Steps

• Selector Relations: Configure selector-based matching

• Flow Attributes: Configure metadata extraction