openshift/openshift-docs
1
0
Fork 0
mirror of https://github.com/openshift/openshift-docs.git synced 2026-02-05 12:46:18 +01:00
Code Issues Releases Activity

OBSDOCS-1675: Release notes for Distributed tracing 3.6

Browse Source
This commit is contained in:
Max Leonov
2025-06-03 14:48:42 +02:00
committed by openshift-cherrypick-robot
parent 037c3e2d9e
commit 397048daa6
7 changed files with 165 additions and 23 deletions
Download Patch File Download Diff File Expand all files Collapse all files

65
observability/distr_tracing/distr-tracing-rn.adoc
View File

@@ -12,6 +12,71 @@ You can use the {TempoName} xref:../../observability/otel/otel-forwarding-teleme
include::snippets/distr-tracing-and-otel-disclaimer-about-docs-for-supported-features-only.adoc[]
[id="distr-tracing_3-6_{context}"]
== Release notes for {DTShortName} 3.6
[id="distr-tracing_3-6_tempo-release-notes_{context}"]
=== {TempoName}
The {TempoName} 3.6 is provided through the link:https://catalog.redhat.com/software/containers/rhosdt/tempo-operator-bundle/642c3e0eacf1b5bdbba7654a/history[{TempoOperator} 0.16.0].
The {TempoName} 3.6 is based on the open source link:https://grafana.com/oss/tempo/[Grafana Tempo] 2.7.2.
[WARNING]
====
This is the first release of the {DTProductName} that is shipped only with the {TempoName} and without the deprecated {JaegerName}.
If you have not migrated from the deprecated {JaegerName} Operator to the {TempoOperator} and the {OTELName} Operator for distributed tracing collection and storage, see "Release notes for {DTProductName} 3.5".
====
[id="distr-tracing_3-6_tempo-release-notes_technology-preview-features_{context}"]
==== Technology Preview features
This update introduces the following Technology Preview feature:
* TempoStack deployment combined with the distributed tracing UI plugin of the {coo-first} supports fine-grained query role-based access control (RBAC). With the enabled RBAC, your users can see the attributes only from the namespaces to which they are given access.
:FeatureName: The fine-grained query RBAC for the UI plugin
include::snippets/technology-preview.adoc[leveloffset=+1]
[id="distr-tracing_3-6_tempo-release-notes_new-features-and-enhancements_{context}"]
==== New features and enhancements
This update introduces the following enhancements:
* Support for authentication using the Google Cloud Platform (GCP) Workload Identity Federation short-lived tokens. This enables secure and temporary credential access for workloads running with the GCP.
* Support for authentication using the Azure Workload Identity Federation short-lived tokens. This allows secure and temporary access for workloads federated with the Azure Active Directory.
* Support for the AWS Security Token Service (STS) through the CloudCredential Operator. This allows the use of dynamic and temporary AWS credentials for workloads.
////
[id="distr-tracing_3-6_cves_{context}"]
=== CVEs
This release fixes the following CVEs:
* ???
////
[id="distr-tracing_3-6_tempo-release-notes_bug-fixes_{context}"]
==== Bug fixes
This update introduces the following bug fixes:
* Before this update, the per-tenant retention configuration was not properly configured in the `TempoStack` instance. With this update, the per-tenant retention is properly configured in the `TempoStack` deployment.
* Before this update, the `oauth-proxy` container did not have any compute resources assigned to it. With this update, the container correctly sets the resources as specified in the `TempoStack` custom resource.
[id="distr-tracing_3-6_tempo-release-notes_known-issues_{context}"]
==== Known issues
The {TempoName} 3.6 has the following known issue:
* Currently, when the OpenShift tenancy mode is enabled, the `ServiceAccount` object of the gateway component of either a `TempoStack` or `TempoMonolithic` instance requires the `TokenReview` and `SubjectAccessReview` permissions for authorization.
+
Workaround: Deploy the instance in a dedicated namespace, and carefully audit which users have the permission to read the secrets in this namespace.
[id="distr-tracing_3-5_{context}"]
== Release notes for {DTProductName} 3.5

17
observability/otel/otel-collector/otel-collector-exporters.adoc
View File

@@ -17,7 +17,7 @@ Currently, the following General Availability and Technology Preview exporters a
- xref:../../../observability/otel/otel-collector/otel-collector-exporters.adoc#prometheus-exporter_otel-collector-exporters[Prometheus Exporter]
- xref:../../../observability/otel/otel-collector/otel-collector-exporters.adoc#prometheus-remote-write-exporter_otel-collector-exporters[Prometheus Remote Write Exporter]
- xref:../../../observability/otel/otel-collector/otel-collector-exporters.adoc#kafka-exporter_otel-collector-exporters[Kafka Exporter]
- xref:../../../observability/otel/otel-collector/otel-collector-exporters.adoc#aws-cloudwatch-exporter_otel-collector-exporters[AWS CloudWatch Exporter]
- xref:../../../observability/otel/otel-collector/otel-collector-exporters.adoc#aws-cloudwatch-exporter_otel-collector-exporters[AWS CloudWatch Logs Exporter]
- xref:../../../observability/otel/otel-collector/otel-collector-exporters.adoc#aws-emf-exporter_otel-collector-exporters[AWS EMF Exporter]
- xref:../../../observability/otel/otel-collector/otel-collector-exporters.adoc#aws-xray-exporter_otel-collector-exporters[AWS X-Ray Exporter]
- xref:../../../observability/otel/otel-collector/otel-collector-exporters.adoc#file-exporter_otel-collector-exporters[File Exporter]
@@ -257,9 +257,6 @@ include::snippets/technology-preview.adoc[]
The Kafka Exporter exports logs, metrics, and traces to Kafka. This exporter uses a synchronous producer that blocks and does not batch messages. You must use it with batch and queued retry processors for higher throughput and resiliency.
:FeatureName: The Kafka Exporter
include::snippets/technology-preview.adoc[]
.OpenTelemetry Collector custom resource with the enabled Kafka Exporter
[source,yaml]
----
@@ -312,14 +309,14 @@ include::snippets/technology-preview.adoc[]
log_group_name: "<group_name_of_amazon_cloudwatch_logs>" # <1>
log_stream_name: "<log_stream_of_amazon_cloudwatch_logs>" # <2>
region: <aws_region_of_log_stream> # <3>
endpoint: <service_endpoint_of_amazon_cloudwatch_logs> # <4>
endpoint: <protocol><service_endpoint_of_amazon_cloudwatch_logs> # <4>
log_retention: <supported_value_in_days> # <5>
# ...
----
<1> Required. If the log group does not exist yet, it is automatically created.
<2> Required. If the log stream does not exist yet, it is automatically created.
<3> Optional. If the AWS region is not already set in the default credential chain, you must specify it.
<4> Optional. You can override the default Amazon CloudWatch Logs service endpoint to which the requests are forwarded. For the list of service endpoints by region, see link:https://docs.aws.amazon.com/general/latest/gr/cwl_region.html[Amazon CloudWatch Logs endpoints and quotas] (AWS General Reference).
<4> Optional. You can override the default Amazon CloudWatch Logs service endpoint to which the requests are forwarded. You must include the protocol, such as `https://`, as part of the endpoint value. For the list of service endpoints by region, see link:https://docs.aws.amazon.com/general/latest/gr/cwl_region.html[Amazon CloudWatch Logs endpoints and quotas] (AWS General Reference).
<5> Optional. With this parameter, you can set the log retention policy for new Amazon CloudWatch log groups. If this parameter is omitted or set to `0`, the logs never expire by default. Supported values for retention in days are `1`, `3`, `5`, `7`, `14`, `30`, `60`, `90`, `120`, `150`, `180`, `365`, `400`, `545`, `731`, `1827`, `2192`, `2557`, `2922`, `3288`, or `3653`.
[role="_additional-resources"]
@@ -357,7 +354,7 @@ include::snippets/technology-preview.adoc[]
resource_to_telemetry_conversion: # <3>
enabled: true
region: <region> # <4>
endpoint: <endpoint> # <5>
endpoint: <protocol><endpoint> # <5>
log_retention: <supported_value_in_days> # <6>
namespace: <custom_namespace> # <7>
# ...
@@ -366,7 +363,7 @@ include::snippets/technology-preview.adoc[]
<2> Customized log stream name.
<3> Optional. Converts resource attributes to telemetry attributes such as metric labels. Disabled by default.
<4> The AWS region of the log stream. If a region is not already set in the default credential provider chain, you must specify the region.
<5> Optional. You can override the default Amazon CloudWatch Logs service endpoint to which the requests are forwarded. For the list of service endpoints by region, see link:https://docs.aws.amazon.com/general/latest/gr/cwl_region.html[Amazon CloudWatch Logs endpoints and quotas] (AWS General Reference).
<5> Optional. You can override the default Amazon CloudWatch Logs service endpoint to which the requests are forwarded. You must include the protocol, such as `https://`, as part of the endpoint value. For the list of service endpoints by region, see link:https://docs.aws.amazon.com/general/latest/gr/cwl_region.html[Amazon CloudWatch Logs endpoints and quotas] (AWS General Reference).
<6> Optional. With this parameter, you can set the log retention policy for new Amazon CloudWatch log groups. If this parameter is omitted or set to `0`, the logs never expire by default. Supported values for retention in days are `1`, `3`, `5`, `7`, `14`, `30`, `60`, `90`, `120`, `150`, `180`, `365`, `400`, `545`, `731`, `1827`, `2192`, `2557`, `2922`, `3288`, or `3653`.
<7> Optional. A custom namespace for the Amazon CloudWatch metrics.
@@ -424,7 +421,7 @@ include::snippets/technology-preview.adoc[]
exporters:
awsxray:
region: "<region>" # <1>
endpoint: <endpoint> # <2>
endpoint: <protocol><endpoint> # <2>
resource_arn: "<aws_resource_arn>" # <3>
role_arn: "<iam_role>" # <4>
indexed_attributes: [ "<indexed_attr_0>", "<indexed_attr_1>" ] # <5>
@@ -433,7 +430,7 @@ include::snippets/technology-preview.adoc[]
# ...
----
<1> The destination region for the X-Ray segments sent to the AWS X-Ray service. For example, `eu-west-1`.
<2> Optional. You can override the default Amazon CloudWatch Logs service endpoint to which the requests are forwarded. For the list of service endpoints by region, see link:https://docs.aws.amazon.com/general/latest/gr/cwl_region.html[Amazon CloudWatch Logs endpoints and quotas] (AWS General Reference).
<2> Optional. You can override the default Amazon CloudWatch Logs service endpoint to which the requests are forwarded. You must include the protocol, such as `https://`, as part of the endpoint value. For the list of service endpoints by region, see link:https://docs.aws.amazon.com/general/latest/gr/cwl_region.html[Amazon CloudWatch Logs endpoints and quotas] (AWS General Reference).
<3> The Amazon Resource Name (ARN) of the AWS resource that is running the Collector.
<4> The AWS Identity and Access Management (IAM) role for uploading the X-Ray segments to a different account.
<5> The list of attribute names to be converted to X-Ray annotations.

6
observability/otel/otel-collector/otel-collector-processors.adoc
View File

@@ -184,9 +184,6 @@ rules:
The Attributes Processor can modify attributes of a span, log, or metric. You can configure this processor to filter and match input data and include or exclude such data for specific actions.
:FeatureName: The Attributes Processor
include::snippets/technology-preview.adoc[]
This processor operates on a list of actions, executing them in the order specified in the configuration. The following actions are supported:
Insert:: Inserts a new attribute into the input data when the specified key does not already exist.
@@ -237,9 +234,6 @@ Convert:: Converts an existing attribute to a specified type.
The Resource Processor applies changes to the resource attributes. This processor supports traces, metrics, and logs.
:FeatureName: The Resource Processor
include::snippets/technology-preview.adoc[]
.OpenTelemetry Collector using the Resource Detection Processor
[source,yaml]
----

3
observability/otel/otel-collector/otel-collector-receivers.adoc
View File

@@ -335,9 +335,6 @@ rules:
The Prometheus Receiver scrapes the metrics endpoints.
:FeatureName: The Prometheus Receiver
include::snippets/technology-preview.adoc[]
.OpenTelemetry Collector custom resource with an enabled Prometheus Receiver
[source,yaml]
----

89
observability/otel/otel-rn.adoc
View File

@@ -12,6 +12,95 @@ You can use the {OTELName} xref:../../observability/otel/otel-forwarding-telemet
include::snippets/distr-tracing-and-otel-disclaimer-about-docs-for-supported-features-only.adoc[]
[id="otel_3-6_{context}"]
== Release notes for {OTELName} 3.6
The {OTELName} 3.6 is provided through the link:https://catalog.redhat.com/software/containers/rhosdt/opentelemetry-operator-bundle/615618406feffc5384e84400/history[{OTELOperator} 0.127.0].
[NOTE]
====
The {OTELName} 3.6 is based on the open source link:https://opentelemetry.io/docs/collector/[OpenTelemetry] release 0.127.0.
====
[id="otel_3-6_cves_{context}"]
=== CVEs
This release fixes the following CVEs:
* https://access.redhat.com/security/cve/CVE-2025-22868[CVE-2025-22868]
* https://access.redhat.com/security/cve/CVE-2025-22871[CVE-2025-22871]
[id="otel_3-6_technology-preview-features_{context}"]
=== Technology Preview features
This update introduces the following Technology Preview features:
* Tail Sampling Processor
* Cumulative-to-Delta Processor
:FeatureName: Each of these features
include::snippets/technology-preview.adoc[leveloffset=+1]
[id="otel_3-6_new-features-and-enhancements_{context}"]
=== New features and enhancements
This update introduces the following enhancements:
* The following link:https://access.redhat.com/support/offerings/techpreview[Technology Preview] features reach General Availability:
** Kafka Exporter
** Attributes Processor
** Resource Processor
** Prometheus Receiver
* With this update, the OpenTelemetry Collector can read TLS certificates in the `tss2` format according to the TPM Software Stack specification (TSS) 2.0 of the Trusted Platform Module (TPM) 2.0 Library by the Trusted Computing Group (TCG).
* With this update, the {OTELOperator} automatically upgrades all `OpenTelemetryCollector` custom resources during its startup. The Operator reconciles all managed instances during its startup. If there is an error, the Operator retries the upgrade at exponential backoff. If an upgrade fails, the Operator will retry the upgrade again when it restarts.
////
[id="otel_3-6_deprecated-functionality_{context}"]
=== Deprecated functionality
In the {OTELName} 3.6, ???. (link:https://issues.redhat.com/browse/TRACING-????/[TRACING-????])
////
[id="otel_3-6_removal-notice_{context}"]
=== Removal notice
In the {OTELName} 3.6, the Loki Exporter, which is a temporary Technology Preview feature, is removed. If you currently use the Loki Exporter for Loki 3.0 or later, replace the Loki Exporter with the OTLP HTTP Exporter.
:FeatureName: The Loki Exporter
include::snippets/technology-preview.adoc[leveloffset=+1]
// In the {OTELName} 3.6, the FEATURE has been removed. Bug fixes and support are provided only through the end of the 3.? lifecycle. As an alternative to the FEATURE for USE CASE, you can use the ALTERNATIVE instead.
////
[id="otel_3-6_bug-fixes_{context}"]
=== Bug fixes
This update introduces the following bug fix:
* ??? (link:https://issues.redhat.com/browse/TRACING-????/[TRACING-????])
////
[id="otel_3-6_known-issues_{context}"]
=== Known issues
There is currently a known issue with the following exporters:
* AWS CloudWatch Logs Exporter
* AWS EMF Exporter
* AWS X-Ray Exporter
This known issue affects deployments that use the optional `endpoint` field of the exporter configuration in the Collector custom resource. Not specifying the protocol, such as `https://`, as part of the endpoint value results in the `unsupported protocol scheme` error.
Workaround: Include the protocol, such as `https://`, as part of the endpoint value.
[id="otel_3-5-1_{context}"]
== Release notes for {OTELName} 3.5.1

2
observability/otel/otel-updating.adoc
View File

@@ -10,6 +10,8 @@ For version upgrades, the {OTELOperator} uses the Operator Lifecycle Manager (OL
The OLM runs in the {product-title} by default. The OLM queries for available Operators as well as upgrades for installed Operators.
The {OTELOperator} automatically upgrades all `OpenTelemetryCollector` custom resources during its startup. The Operator reconciles all managed instances during its startup. If there is an error, the Operator retries the upgrade at exponential backoff. If an upgrade fails, the Operator will retry the upgrade again when it restarts.
When the {OTELOperator} is upgraded to the new version, it scans for running OpenTelemetry Collector instances that it manages and upgrades them to the version corresponding to the Operator's new version.
[role="_additional-resources"]

6
snippets/distr-tracing-assembly-tip-for-jaeger-replacements.adoc
View File

@@ -17,11 +17,9 @@
[WARNING]
====
[subs="attributes+"]
The {JaegerName} 3.5 is the last release of the {JaegerName} that Red Hat plans to support.
The deprecated {JaegerName} 3.5 was the last release of the {JaegerName} that Red Hat supports.
In the {DTProductName} 3.5, Jaeger and support for Elasticsearch remain deprecated.
Support for the {JaegerName} ends on November 3, 2025.
Support for the deprecated {JaegerName} ends on November 3, 2025.
The {JaegerOperator} Operator (Jaeger) will be removed from the `redhat-operators` catalog on November 3, 2025. For more information, see the Red Hat Knowledgebase solution link:https://access.redhat.com/solutions/7083722[Jaeger Deprecation and Removal in OpenShift].