openshift/openshift-docs
1
0
Fork 0
mirror of https://github.com/openshift/openshift-docs.git synced 2026-02-05 12:46:18 +01:00
Code Issues Releases Activity

OSDOCS-15852 [NETOBSERV] Modularize release notes 1.2

Browse Source
This commit is contained in:
Gwynne Monahan
2025-08-14 15:06:48 -05:00
committed by openshift-cherrypick-robot
parent f75735c621
commit 73e59d9f73
18 changed files with 119 additions and 72 deletions
Download Patch File Download Diff File Expand all files Collapse all files

54
observability/network_observability/network-observability-operator-release-notes.adoc
View File

@@ -714,56 +714,4 @@ The release of Network Observability Operator 1.3 deprecates the `spec.Loki.auth
* Since the 1.2.0 release of the Network Observability Operator, using {loki-op} 5.6, a Loki certificate change periodically affects the `flowlogs-pipeline` pods and results in dropped flows rather than flows written to Loki. The problem self-corrects after some time, but it still causes temporary flow data loss during the Loki certificate change. This issue has only been observed in large-scale environments of 120 nodes or greater.(link:https://issues.redhat.com/browse/NETOBSERV-980[*NETOBSERV-980*])
* When you install the Operator, a warning kernel taint can appear. The reason for this error is that the network observability eBPF agent has memory constraints that prevent preallocating the entire hashmap table. The Operator eBPF agent sets the `BPF_F_NO_PREALLOC` flag so that pre-allocation is disabled when the hashmap is too memory expansive.
[id="network-observability-operator-release-notes-1-2"]
== Network Observability Operator 1.2.0
The following advisory is available for the Network Observability Operator 1.2.0:
* https://access.redhat.com/errata/RHSA-2023:1817[RHSA-2023:1817 Network Observability Operator 1.2.0]
[id="network-observability-operator-preparing-to-update"]
=== Preparing for the next update
The subscription of an installed Operator specifies an update channel that tracks and receives updates for the Operator. Until the 1.2 release of the Network Observability Operator, the only channel available was `v1.0.x`. The 1.2 release of the Network Observability Operator introduces the `stable` update channel for tracking and receiving updates. You must switch your channel from `v1.0.x` to `stable` to receive future Operator updates. The `v1.0.x` channel is deprecated and planned for removal in a following release.
[id="network-observability-operator-1.2.0-features-enhancements"]
=== New features and enhancements
[id="histogram-feature-1.2"]
==== Histogram in Traffic Flows view
* You can now choose to show a histogram bar chart of flows over time. The histogram enables you to visualize the history of flows without hitting the Loki query limit. For more information, see xref:../../observability/network_observability/observing-network-traffic.adoc#network-observability-histogram-trafficflow_nw-observe-network-traffic[Using the histogram].
[id="conversation-tracking-feature-1.2"]
==== Conversation tracking
* You can now query flows by *Log Type*, which enables grouping network flows that are part of the same conversation. For more information, see xref:../../observability/network_observability/observing-network-traffic.adoc#network-observability-working-with-conversations_nw-observe-network-traffic[Working with conversations].
[id="health-alerts-feature-1.2"]
==== Network observability health alerts
* The Network Observability Operator now creates automatic alerts if the `flowlogs-pipeline` is dropping flows because of errors at the write stage or if the Loki ingestion rate limit has been reached. For more information, see xref:../../observability/network_observability/network-observability-operator-monitoring.adoc#network-observability-health-dashboard-overview_network_observability[Health dashboards].
[id="network-observability-operator-1.2.0-bug-fixes"]
=== Bug fixes
* Previously, after changing the `namespace` value in the FlowCollector spec, `eBPF` agent pods running in the previous namespace were not appropriately deleted. Now, the pods running in the previous namespace are appropriately deleted. (link:https://issues.redhat.com/browse/NETOBSERV-774[*NETOBSERV-774*])
* Previously, after changing the `caCert.name` value in the FlowCollector spec (such as in Loki section), FlowLogs-Pipeline pods and Console plug-in pods were not restarted, therefore they were unaware of the configuration change. Now, the pods are restarted, so they get the configuration change. (link:https://issues.redhat.com/browse/NETOBSERV-772[*NETOBSERV-772*])
* Previously, network flows between pods running on different nodes were sometimes not correctly identified as being duplicates because they are captured by different network interfaces. This resulted in over-estimated metrics displayed in the console plug-in. Now, flows are correctly identified as duplicates, and the console plug-in displays accurate metrics. (link:https://issues.redhat.com/browse/NETOBSERV-755[*NETOBSERV-755*])
* The "reporter" option in the console plug-in is used to filter flows based on the observation point of either source node or destination node. Previously, this option mixed the flows regardless of the node observation point. This was due to network flows being incorrectly reported as Ingress or Egress at the node level. Now, the network flow direction reporting is correct. The "reporter" option filters for source observation point, or destination observation point, as expected. (link:https://issues.redhat.com/browse/NETOBSERV-696[*NETOBSERV-696*])
* Previously, for agents configured to send flows directly to the processor as gRPC+protobuf requests, the submitted payload could be too large and is rejected by the processors' GRPC server. This occurred under very-high-load scenarios and with only some configurations of the agent. The agent logged an error message, such as: _grpc: received message larger than max_. As a consequence, there was information loss about those flows. Now, the gRPC payload is split into several messages when the size exceeds a threshold. As a result, the server maintains connectivity. (link:https://issues.redhat.com/browse/NETOBSERV-617[*NETOBSERV-617*])
[id="network-observability-operator-1.2.0-known-issues"]
=== Known issue
* In the 1.2.0 release of the Network Observability Operator, using {loki-op} 5.6, a Loki certificate transition periodically affects the `flowlogs-pipeline` pods and results in dropped flows rather than flows written to Loki. The problem self-corrects after some time, but it still causes temporary flow data loss during the Loki certificate transition. (link:https://issues.redhat.com/browse/NETOBSERV-980[*NETOBSERV-980*])
[id="network-observability-operator-1.2.0-notable-technical-changes"]
=== Notable technical changes
* Previously, you could install the Network Observability Operator using a custom namespace. This release introduces the `conversion webhook` which changes the `ClusterServiceVersion`. Because of this change, all the available namespaces are no longer listed. Additionally, to enable Operator metrics collection, namespaces that are shared with other Operators, like the `openshift-operators` namespace, cannot be used. Now, the Operator must be installed in the `openshift-netobserv-operator` namespace. You cannot automatically upgrade to the new Operator version if you previously installed the Network Observability Operator using a custom namespace. If you previously installed the Operator using a custom namespace, you must delete the instance of the Operator that was installed and re-install your operator in the `openshift-netobserv-operator` namespace. It is important to note that custom namespaces, such as the commonly used `netobserv` namespace, are still possible for the `FlowCollector`, Loki, Kafka, and other plug-ins. (link:https://issues.redhat.com/browse/NETOBSERV-907[*NETOBSERV-907*])(link:https://https://issues.redhat.com/browse/NETOBSERV-956[*NETOBSERV-956*])
[id="network-observability-operatpr-1-1"]
== Network Observability Operator 1.1
include::modules/network-observability-release-notes-1-1-0-enhancements.adoc[leveloffset=+1]
include::modules/network-observability-release-notes-1-1-0-bug-fixes.adoc[leveloffset=+1]
* When you install the Operator, a warning kernel taint can appear. The reason for this error is that the network observability eBPF agent has memory constraints that prevent preallocating the entire hashmap table. The Operator eBPF agent sets the `BPF_F_NO_PREALLOC` flag so that pre-allocation is disabled when the hashmap is too memory expansive.

1
observability/network_observability/release_notes/_attributes Symbolic link
View File

@@ -0,0 +1 @@
../../../_attributes/

1
observability/network_observability/release_notes/images Symbolic link
View File

@@ -0,0 +1 @@
../../../images/

1
observability/network_observability/release_notes/modules Symbolic link
View File

@@ -0,0 +1 @@
../../../modules/

17
observability/network_observability/release_notes/network-observability-operator-release-notes.adoc Normal file
View File

@@ -0,0 +1,17 @@
//Network Observability Operator Release Notes
:_mod-docs-content-type: ASSEMBLY
[id="network-observability-operator-release-notes"]
= Network Observability Operator release notes
:context: network-observability-operator-release-notes
include::_attributes/common-attributes.adoc[]
toc::[]
With the Network Observability Operator, administrators can observe and analyze network traffic flows for {product-title} clusters.
These release notes track the development of the Network Observability Operator in the {product-title}.
For an overview of the Network Observability Operator, see xref:../../../observability/network_observability/network-observability-overview.adoc#network-observability-operator_network-observability-overview[Network Observability Operator].
include::modules/network-observability-operator-release-notes-1-9-3-advisory.adoc[leveloffset=+1]

1
observability/network_observability/release_notes/snippets Symbolic link
View File

@@ -0,0 +1 @@
../../../snippets/

24
observability/network_observability/release_notes_archive/network-observability-operator-release-notes-archive.adoc
View File

@@ -20,10 +20,34 @@ include::modules/network-observability-operator-release-notes-1-9-2-advisory.ado
include::modules/network-observability-release-notes-1-9-2-bug-fixes.adoc[leveloffset=+1]
//netobserv 1.9.1
//netobserv 1.9.0
//netobserv 1.8.1
//netobserv 1.8.0
//netobserv 1.7.0
//netobserv 1.6.2
//netobserv 1.6.1
//netobserv 1.6.0
//netobserv 1.5.0
//netobserv 1.4.2
//netobserv 1.4.1
//netobserv 1.3.0
//It might make sense to have each release version start with some kind of overview at [leveloffset=+1] and then each module be [leveloffset=+2]. Also wonder if that is worth the effort if release-notes-archive is not migrated since the versions don't apply because the Network Observability Operator is a follows a rolling stream release.
//Something to ponder while working through modularizing the rest of the release notes.
include::modules/network-observability-release-notes-1-2-0-preparing-for-next-update.adoc[leveloffset=+1]
include::modules/network-observability-release-notes-1-2-0-advisory.adoc[leveloffset=+1]
include::modules/network-observability-release-notes-1-2-0-new-features-enhancements.adoc[leveloffset=+1]
include::modules/network-observability-release-notes-1-2-0-bug-fixes.adoc[leveloffset=+1]
include::modules/network-observability-release-notes-1-2-0-known-issues.adoc[leveloffset=+1]
include::modules/network-observability-release-notes-1-2-0-notable-technical-changes.adoc[leveloffset=+1]
include::modules/network-observability-release-notes-1-1-0-enhancements.adoc[leveloffset=+1]
include::modules/network-observability-release-notes-1-1-0-bug-fixes.adoc[leveloffset=+1]