openshift/openshift-docs
1
0
Fork 0
mirror of https://github.com/openshift/openshift-docs.git synced 2026-02-05 21:46:22 +01:00
Code Issues Releases Activity

OSDOCS-15129 [NETOBSERV] Refactor network-observability-overview.adoc

Browse Source
This commit is contained in:
Gwynne Monahan
2025-08-06 10:32:13 -05:00
committed by openshift-cherrypick-robot
parent 2eabc42e9f
commit a1f99722b0
9 changed files with 106 additions and 40 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
modules/network-observability-cli.adoc Normal file
View File

@@ -0,0 +1,9 @@
// Module included in the following assemblies:
//
// network_observability/network-observability-overview.adoc
:_mod-docs-content-type: CONCEPT
[id="network-observability-cli_{context}"]
= Network Observability CLI
You can quickly debug and troubleshoot networking issues with network observability by using the Network Observability command-line interface (CLI), `oc netobserv`. The Network Observability CLI is a flow and packet visualization tool that relies on eBPF agents to stream collected data to an ephemeral collector pod. It requires no persistent storage during the capture. After the run, the output is transferred to your local machine. This enables quick, live insight into packets and flow data without installing the Network Observability Operator.

11
modules/network-observability-dashboards.adoc Normal file
View File

@@ -0,0 +1,11 @@
// Module included in the following assemblies:
//
// network_observability/network-observability-overview.adoc
:_mod-docs-content-type: CONCEPT
[id="network-observability-dashboards_{context}"]
= Network observability metrics dashboards
In the {product-title} console on the *Overview* tab, you can view the overall aggregated metrics of the network traffic flow on the cluster. You can choose to display the information by cluster, node, namespace, owner, pod, and service. Filters and display options can further refine the metrics. For more information, see "Observing the network traffic from the Overview view".
In *Observe* -> *Dashboards*, the *Netobserv* dashboards provide a quick overview of the network flows in your {product-title} cluster. The *Netobserv/Health* dashboard provides metrics about the health of the Operator. For more information, see "Network observability metrics" and "Viewing health information".

13
modules/network-observability-dependency-network-observability-operator.adoc Normal file
View File

@@ -0,0 +1,13 @@
// Module included in the following assemblies:
//
// network_observability/network-observability-overview.adoc
:_mod-docs-content-type: CONCEPT
[id="network-observability-dependency-network-observability-operator_{context}"]
= Optional dependencies of the Network Observability Operator
You can optionally integrate the Network Observability Operator with other components to enhance its functionality and scalability. Supported optional dependencies include the {loki-op} for flow storage, and AMQ Streams for large-scale data handling with Kafka.
{loki-op}:: You can use Loki as the backend to store all collected flows with a maximal level of details. It is recommended to use the Red Hat supported {loki-op} to install Loki. You can also choose to use network observability without Loki, but you need to consider some factors. For more information, see "Network observability without Loki".
AMQ Streams Operator:: Kafka provides scalability, resiliency and high availability in the {product-title} cluster for large scale deployments. If you choose to use Kafka, it is recommended to use Red Hat supported AMQ Streams Operator.

14
modules/network-observability-openshift-console-integration.adoc Normal file
View File

@@ -0,0 +1,14 @@
// Module included in the following assemblies:
//
// network_observability/network-observability-overview.adoc
:_mod-docs-content-type: CONCEPT
[id="network-observability-openshift-console-integration_{context}"]
= {product-title} console integration
{product-title} console integration offers an overview, a topology view, and traffic flow tables. The Network observability metrics dashboards in *Observe* -> *Dashboards* are available only to users with administrator access.
[NOTE]
====
To enable multi-tenancy for developer access and for administrators with limited access to namespaces, you must specify permissions by defining roles. For more information, see "Enabling multi-tenancy in network observability".
====

11
modules/network-observability-operator.adoc Normal file
View File

@@ -0,0 +1,11 @@
// Module included in the following assemblies:
//
// network_observability/network-observability-overview.adoc
:_mod-docs-content-type: CONCEPT
[id="network-observability-operator_{context}"]
= Network Observability Operator
The Network Observability Operator provides the `FlowCollector` API custom resource. A `FlowCollector` instance is a cluster-scoped resource that enables configuration of network flow collection. This instance deploys pods and services that form a monitoring pipeline.
The `eBPF` agent is deployed as a `daemonset` object and creates the network flows. The pipeline collects and enriches network flows with Kubernetes metadata before storing them in Loki or generating Prometheus metrics.

9
modules/network-observability-topology-views.adoc Normal file
View File

@@ -0,0 +1,9 @@
// Module included in the following assemblies:
//
// network_observability/network-observability-overview.adoc
:_mod-docs-content-type: CONCEPT
[id="network-observability-topology-views_{context}"]
= Network observability topology views
The {product-title} console offers the *Topology* tab which displays a graphical representation of the network flows and the amount of traffic. The topology view represents traffic between the {product-title} components as a network graph. You can refine the graph by using the filters and display options. You can access the information for cluster, zone, udn, node, namespace, owner, pod, and service.

9
modules/network-observability-traffic-flow-tables.adoc Normal file
View File

@@ -0,0 +1,9 @@
// Module included in the following assemblies:
//
// network_observability/network-observability-overview.adoc
:_mod-docs-content-type: CONCEPT
[id="traffic-flow-tables_{context}"]
= Traffic flow tables
The *Traffic flow* table view provides a view for raw flows, non aggregated filtering options, and configurable columns. The {product-title} console offers the *Traffic flows* tab which displays the data of the network flows and the amount of traffic.

14
observability/network_observability/network-observability-operator-release-notes.adoc
View File

@@ -11,7 +11,7 @@ The Network Observability Operator enables administrators to observe and analyze
These release notes track the development of the Network Observability Operator in the {product-title}.
For an overview of the Network Observability Operator, see xref:../../observability/network_observability/network-observability-overview.adoc#dependency-network-observability[About Network Observability Operator].
For an overview of the Network Observability Operator, see xref:../../observability/network_observability/network-observability-overview.adoc#network-observability-overview[About network observability].
[id="network-observability-operator-release-notes-1-9-1_{context}"]
== Network Observability Operator 1.9.1
@@ -241,7 +241,7 @@ You can now export enriched network flows to a compatible OpenTelemetry endpoint
[id="network-observability-operator-developer-perspective-1-7_{context}"]
==== Network observability Developer perspective
You can now use network observability in the *Developer* perspective. For more information, see xref:../../observability/network_observability/network-observability-overview.adoc#no-console-integration[{product-title} console integration].
You can now use network observability in the *Developer* perspective. For more information, see xref:../../observability/network_observability/network-observability-overview.adoc#network-observability-openshift-console-integration_network-observability-overview[{product-title} console integration].
==== TCP flags filtering
You can now use the `tcpFlags` filter to limit the volume of packets processed by the eBPF program. For more information, see xref:../../observability/network_observability/observing-network-traffic.adoc#network-observability-flowcollector-flowfilter-parameters_nw-observe-network-traffic[Flow filter configuration parameters], xref:../../observability/network_observability/observing-network-traffic.adoc#network-observability-ebpf-flow-rule-filter_nw-observe-network-traffic[eBPF flow rule filter], and xref:../../observability/network_observability/metrics-alerts-dashboards.adoc#network-observability-tcp-flag-syn-flood_metrics-dashboards-alerts[Detecting SYN flooding using the FlowMetric API and TCP flags].
@@ -402,7 +402,7 @@ With the duplicated flows update, the *Interface* and *Interface Direction* fiel
=====
For more information, see xref:../../observability/network_observability/network-observability-operator-monitoring.adoc#network-observability-netobserv-dashboard-ebpf-agent-alerts_network_observability[Using the eBPF agent alert]
and xref:../../observability/network_observability/observing-network-traffic.adoc#network-observability-quickfilter_nw-observe-network-traffic[Quick filters].
and For more information, see xref:../../observability/network_observability/network-observability-overview.adoc#network-observability-dashboards_network-observability-overview[Network observability metrics dashboards] and xref:../../observability/network_observability/observing-network-traffic.adoc#network-observability-quickfilter_nw-observe-network-traffic[Filtering the network traffic].
[id="network-observability-ebpf-collection-filtering-1.6_{context}"]
@@ -456,11 +456,11 @@ You can use TCP handshake Round-Trip Time (RTT) captured from the `fentry/tcp_rc
[id="network-observability-metrics-dashboard-enhancements"]
==== Metrics, dashboards, and alerts enhancements
The network observability metrics dashboards in *Observe* → *Dashboards* → *NetObserv* have new metrics types you can use to create Prometheus alerts. You can now define available metrics in the `includeList` specification. In previous releases, these metrics were defined in the `ignoreTags` specification. For a complete list of these metrics, see xref:../../observability/network_observability/metrics-alerts-dashboards.adoc#network-observability-metrics_metrics-dashboards-alerts[Network observability Metrics].
The network observability metrics dashboards in *Observe* → *Dashboards* → *NetObserv* have new metrics types you can use to create Prometheus alerts. You can now define available metrics in the `includeList` specification. In previous releases, these metrics were defined in the `ignoreTags` specification. For a complete list of these metrics, see xref:../../observability/network_observability/metrics-alerts-dashboards.adoc#network-observability-metrics_metrics-dashboards-alerts[Network observability metrics].
[id="network-observability-improved-lokistack-integration"]
==== Improvements for network observability without Loki
You can create Prometheus alerts for the *Netobserv* dashboard using DNS, Packet drop, and RTT metrics, even if you don't use Loki. In the previous version of network observability, 1.4, these metrics were only available for querying and analysis in the *Network Traffic*, *Overview*, and *Topology* views, which are not available without Loki. For more information, see xref:../../observability/network_observability/metrics-alerts-dashboards.adoc#network-observability-metrics_metrics-dashboards-alerts[Network observability Metrics].
You can create Prometheus alerts for the *Netobserv* dashboard using DNS, Packet drop, and RTT metrics, even if you don't use Loki. In the previous version of network observability, 1.4, these metrics were only available for querying and analysis in the *Network Traffic*, *Overview*, and *Topology* views, which are not available without Loki. For more information, see xref:../../observability/network_observability/metrics-alerts-dashboards.adoc#network-observability-metrics_metrics-dashboards-alerts[Network observability metrics]
[id="network-observability-zones"]
==== Availability zones
@@ -583,7 +583,7 @@ The 1.4 release of the Network Observability Operator adds improvements and new
** The *NetObserv / Health* dashboard shows flows overhead as well as top flow rates per nodes, namespaces, and workloads.
** Infrastructure and Application metrics are shown in a split-view for namespaces and workloads.
For more information, see xref:../../observability/network_observability/network-observability-overview.adoc#network-observability-dashboards[Network observability metrics] and xref:../../observability/network_observability/observing-network-traffic.adoc#network-observability-quickfilter_nw-observe-network-traffic[Quick filters].
For more information, see xref:../../observability/network_observability/network-observability-overview.adoc#network-observability-dashboards_network-observability-overview[Network observability metrics dashboards] and xref:../../observability/network_observability/observing-network-traffic.adoc#network-observability-quickfilter_nw-observe-network-traffic[Quick filters].
[discrete]
[id="configuration-enhancements-1.4_{context}"]
@@ -665,7 +665,7 @@ You must switch your channel from `v1.0.x` to `stable` to receive future Operato
[id="flow-based-dashboard-1.3"]
==== Flow-based metrics dashboard
* This release adds a new dashboard, which provides an overview of the network flows in your {product-title} cluster. For more information, see xref:../../observability/network_observability/network-observability-overview.adoc#network-observability-dashboards[Network observability metrics].
* This release adds a new dashboard, which provides an overview of the network flows in your {product-title} cluster. For more information, see xref:../../observability/network_observability/network-observability-overview.adoc#network-observability-dashboards_network-observability-overview[Network observability metrics dashboards].
[id="must-gather-1.3"]
==== Troubleshooting with the must-gather tool

56
observability/network_observability/network-observability-overview.adoc
View File

@@ -1,52 +1,42 @@
:_mod-docs-content-type: ASSEMBLY
[id="network-observability-overview"]
= About Network Observability
= About network observability
include::_attributes/common-attributes.adoc[]
:context: network-observability-overview
toc::[]
Red Hat offers cluster administrators and developers the Network Observability Operator to observe the network traffic for {product-title} clusters. The Network Observability Operator uses the eBPF technology to create network flows. The network flows are then enriched with {product-title} information. They are available as Prometheus metrics or as logs in Loki. You can view and analyze the stored network flows information in the {product-title} console for further insight and troubleshooting.
Red Hat offers cluster administrators and developers the Network Observability Operator to observe the network traffic for {product-title} clusters. The Network Observability Operator uses the eBPF technology to create network flows, which are then enriched with {product-title} information. The flows are available as Prometheus metrics or as logs in Loki. You can view and analyze this stored information in the {product-title} console for further insight and troubleshooting.
[id="dependency-network-observability"]
== Optional dependencies of the Network Observability Operator
include::modules/network-observability-operator.adoc[leveloffset=+1]
* {loki-op}: Loki is the backend that can be used to store all collected flows with a maximal level of details. You can choose to use xref:../network_observability/installing-operators.adoc#network-observability-without-loki_network_observability[Network Observability without Loki], but there are some considerations for doing this, as described in the linked section. If you choose to install Loki, it is recommended to use the {loki-op}, which is supported by Red Hat.
* AMQ Streams Operator: Kafka provides scalability, resiliency and high availability in the {product-title} cluster for large scale deployments. If you choose to use Kafka, it is recommended to use the AMQ Streams Operator, because it is supported by Red Hat.
include::modules/network-observability-dependency-network-observability-operator.adoc[leveloffset=+1]
[id="network-observability-operator"]
== Network Observability Operator
[role="_additional-resources"]
[id="additional-resources-operator_{context}"]
.Additional resources
* xref:../network_observability/installing-operators.adoc#network-observability-without-loki_network_observability[Network observability without Loki]
The Network Observability Operator provides the Flow Collector API custom resource definition. A Flow Collector instance is a cluster-scoped resource that enables configuration of network flow collection. The Flow Collector instance deploys pods and services that form a monitoring pipeline where network flows are then collected and enriched with the Kubernetes metadata before storing in Loki or generating Prometheus metrics. The eBPF agent, which is deployed as a `daemonset` object, creates the network flows.
include::modules/network-observability-openshift-console-integration.adoc[leveloffset=+1]
[id="no-console-integration"]
== {product-title} console integration
[role="_additional-resources"]
[id="additional-resources-console_{context}"]
.Additional resources
* xref:../../observability/network_observability/installing-operators.adoc#network-observability-multi-tenancy_network_observability[Enabling multi-tenancy in network observability]
{product-title} console integration offers an overview, a topology view, and traffic flow tables. The Network Observability metrics dashboards in *Observe* -> *Dashboards* are available only to users with administrator access.
include::modules/network-observability-dashboards.adoc[leveloffset=+2]
[NOTE]
====
To enable multi-tenancy for developer access and for administrators with limited access to namespaces, you must specify permissions by defining roles. For more information, see xref:../../observability/network_observability/installing-operators.adoc#network-observability-multi-tenancy_network_observability[Enabling multi-tenancy in Network Observability].
====
[role="_additional-resources"]
[id="additional-resources-dashboards_{context}"]
.Additional resources
* xref:../../observability/network_observability/observing-network-traffic.adoc#network-observability-network-traffic-overview-view_nw-observe-network-traffic[Observing the network traffic from the Overview view]
* xref:../../observability/network_observability/metrics-alerts-dashboards.adoc#network-observability-metrics_metrics-dashboards-alerts[Network observability metrics]
* xref:../../observability/network_observability/network-observability-operator-monitoring.adoc#network-observability-health-dashboard-overview_network_observability[Health dashboards]
[id="network-observability-dashboards"]
=== Network Observability metrics dashboards
include::modules/network-observability-topology-views.adoc[leveloffset=+2]
On the *Overview* tab in the {product-title} console, you can view the overall aggregated metrics of the network traffic flow on the cluster. You can choose to display the information by zone, node, namespace, owner, pod, and service. Filters and display options can further refine the metrics. For more information, see xref:../network_observability/observing-network-traffic.adoc#network-observability-network-traffic-overview-view_nw-observe-network-traffic[Observing the network traffic from the Overview view].
include::modules/network-observability-traffic-flow-tables.adoc[leveloffset=+2]
In *Observe* -> *Dashboards*, the *Netobserv* dashboards provide a quick overview of the network flows in your {product-title} cluster. The *Netobserv/Health* dashboard provides metrics about the health of the Operator. For more information, see xref:../network_observability/metrics-alerts-dashboards.adoc#network-observability-metrics_metrics-dashboards-alerts[Network Observability Metrics] and xref:../network_observability/network-observability-operator-monitoring.adoc#network-observability-health-dashboard-overview_network_observability[Viewing health information].
include::modules/network-observability-cli.adoc[leveloffset=+1]
[id="network-observability-topology-views"]
=== Network Observability topology views
The {product-title} console offers the *Topology* tab which displays a graphical representation of the network flows and the amount of traffic. The topology view represents traffic between the {product-title} components as a network graph. You can refine the graph by using the filters and display options. You can access the information for zone, node, namespace, owner, pod, and service.
[id="traffic-flow-tables"]
=== Traffic flow tables
The *Traffic flow* table view provides a view for raw flows, non aggregated filtering options, and configurable columns. The {product-title} console offers the *Traffic flows* tab which displays the data of the network flows and the amount of traffic.
[id="network-observability-cli"]
== Network Observability CLI
You can quickly debug and troubleshoot networking issues with Network Observability by using the Network Observability CLI (`oc netobserv`). The Network Observability CLI is a flow and packet visualization tool that relies on eBPF agents to stream collected data to an ephemeral collector pod. It requires no persistent storage during the capture. After the run, the output is transferred to your local machine. This enables quick, live insight into packets and flow data without installing the Network Observability Operator.