mirror of
https://github.com/openshift/openshift-docs.git
synced 2026-02-05 12:46:18 +01:00
65 lines
2.9 KiB
Plaintext
65 lines
2.9 KiB
Plaintext
// Module included in the following assemblies:
|
|
//
|
|
// * network_observability/observing-network-traffic.adoc
|
|
|
|
:_mod-docs-content-type: PROCEDURE
|
|
[id="network-observability-viewing-network-events_{context}"]
|
|
= Viewing network events
|
|
|
|
[role="_abstract"]
|
|
Configure the `FlowCollector` custom resource to enable network event tracking for auditing how security policies, firewalls, and isolation rules affect traffic flows in the web console.
|
|
|
|
:FeatureName: OVN-Kubernetes networking events tracking
|
|
include::snippets/technology-preview.adoc[]
|
|
|
|
You can edit the `FlowCollector` to view information about network traffic events, such as network flows that are dropped or allowed by the following resources:
|
|
|
|
* `NetworkPolicy`
|
|
* `AdminNetworkPolicy`
|
|
* `BaselineNetworkPolicy`
|
|
* `EgressFirewall`
|
|
* `UserDefinedNetwork` isolation
|
|
* Multicast ACLs
|
|
|
|
.Prerequisites
|
|
* You must have `OVNObservability` enabled by setting the `TechPreviewNoUpgrade` feature set in the `FeatureGate` custom resource (CR) named `cluster`. For more information, see "Enabling feature sets using the CLI" and "Checking OVN-Kubernetes network traffic with OVS sampling using the CLI".
|
|
* You have created at least one of the following network APIs: `NetworkPolicy`, `AdminNetworkPolicy`, `BaselineNetworkPolicy`, `UserDefinedNetwork` isolation, multicast, or `EgressFirewall`.
|
|
|
|
.Procedure
|
|
. In the web console, navigate to *Ecosystem* -> *Installed Operators*.
|
|
. In the *Provided APIs* heading for the *NetObserv Operator*, select *Flow Collector*.
|
|
. Select *cluster*, and then select the *YAML* tab.
|
|
. Configure the `FlowCollector` CR to enable viewing `NetworkEvents`, for example:
|
|
+
|
|
[id="network-observability-flowcollector-configuring-networkevents_{context}"]
|
|
.Example `FlowCollector` configuration
|
|
[source, yaml]
|
|
----
|
|
apiVersion: flows.netobserv.io/v1beta2
|
|
kind: FlowCollector
|
|
metadata:
|
|
name: cluster
|
|
spec:
|
|
agent:
|
|
type: eBPF
|
|
ebpf:
|
|
# sampling: 1 <1>
|
|
privileged: true <2>
|
|
features:
|
|
- "NetworkEvents"
|
|
----
|
|
<1> Optional: The `sampling` parameter is set to a value of 1 so that all network events are captured. If sampling `1` is too resource heavy, set sampling to something more appropriate for your needs.
|
|
<2> The `privileged` parameter is set to `true` because the `OVN observability` library needs to access local Open vSwitch (OVS) socket and OpenShift Virtual Network (OVN) databases.
|
|
|
|
.Verification
|
|
. Navigate to the *Network Traffic* view and select the *Traffic flows* table.
|
|
. You should see the new column, *Network Events*, where you can view information about impacts of one of the following network APIs you have enabled: `NetworkPolicy`, `AdminNetworkPolicy`, `BaselineNetworkPolicy`, `UserDefinedNetwork` isolation, multicast, or egress firewalls.
|
|
|
|
An example of the kind of events you could see in this column is as follows:
|
|
|
|
.Example of Network Events output
|
|
[source,text]
|
|
----
|
|
<Dropped_or_Allowed> by <network_event_and_event_name>, direction <Ingress_or_Egress>
|
|
----
|