docs: add parent-child deployments and access levels section#22065
Draft
nedi-app[bot] wants to merge 1 commit intomasterfrom
Draft
docs: add parent-child deployments and access levels section#22065nedi-app[bot] wants to merge 1 commit intomasterfrom
nedi-app[bot] wants to merge 1 commit intomasterfrom
Conversation
- Explain access levels in parent-child streaming architectures - Clarify distinction between streaming API keys and Cloud authentication - Add comparison table showing Anonymous, Community, and Business access - Include cross-reference to deployment-with-centralization-points.md
![cubic-dev-ai[bot]](https://avatars.githubusercontent.com/in/1082092?s=60&v=4){kind=small}
Contributor
There was a problem hiding this comment.
No issues found across 1 file
Confidence score: 5/5
- Automated review surfaced no issues in the provided summaries.
- No files require special attention.
Architecture diagram
sequenceDiagram
participant User as User / Browser
participant Cloud as Netdata Cloud
participant Parent as Parent Node
participant Child as Child Node
Note over Child, Parent: Data Streaming Flow
Child->>Parent: NEW: Stream metrics (Auth via API Key)
Note over Parent: Data stored but sensitive<br/>functions remain locked
Note over User, Parent: Dashboard Access Flow
alt Scenario: WITHOUT Netdata Cloud
User->>Parent: Request local dashboard
Parent->>Parent: CHANGED: Set access to "Anonymous"
Parent-->>User: Metrics view (Sensitive functions BLOCKED)
else Scenario: WITH Netdata Cloud (Claimed)
User->>Cloud: Authenticate (Community/Business)
Cloud->>Parent: NEW: Verify authenticated session
Parent->>Parent: CHANGED: Unlock features based on Plan
Parent-->>User: Full Dashboard (Sensitive functions UNLOCKED)
opt Business Plan
Parent->>Parent: NEW: Enable Dynamic Configuration
end
end
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
This PR adds a new section to
netdata-oss-limitations.mdexplaining how access levels work in parent-child streaming deployments:Changes
docs/netdata-oss-limitations.mdAudit Context
Session Query: "how does community differs from a parent-child set up with anonymous log in"
Decision Verdict: surgical_edit - Add documentation explaining the relationship between parent-child streaming architectures and Netdata access control levels, clarifying that streaming API keys don't unlock sensitive functions.
Summary by cubic
Adds a new “Parent-Child Deployments and Access Levels” section to
docs/netdata-oss-limitations.mdclarifying how access works in parent-child streaming setups. It covers Anonymous access without Cloud, Community/Business access when Cloud-claimed, includes a brief capabilities comparison, notes that streaming API keys don’t grant UI privileges, and links to the parent-child deployment guide.Written for commit f402936. Summary will update on new commits.