Chapter 1. Network Observability Operator release notes
The Network Observability Operator enables administrators to observe and analyze network traffic flows for OpenShift Container Platform clusters.
These release notes track the development of the Network Observability Operator in the OpenShift Container Platform.
For an overview of the Network Observability Operator, see About network observability.
1.1. Network Observability Operator 1.11 advisory
You can review the advisory for the Network Observability Operator 1.11 release.
1.2. Network Observability Operator 1.11 new features and enhancements
Learn about the new features and enhancements in the Network Observability Operator 1.11 release, including hierarchical governance with the FlowCollectorSlice
- Per-tenant hierarchical governance with the FlowCollectorSlice resource
This release introduces the FlowCollectorSlice API to support hierarchical governance, allowing project administrators to independently manage sampling and subnet labeling for their specific namespaces.
This feature was implemented to reduce global processing overhead and provide tenant autonomy in large-scale environments where individual teams require self-service visibility without cluster-wide configuration changes. As a result, organizations can selectively collect traffic and delegate data enrichment tasks to the project level while maintaining centralized cluster control.
- New Service deployment model for the FlowCollector resource
This release introduces a new Service deployment model in the FlowCollector custom resource. This model provides an intermediate option between the Direct and Kafka models. In the Service model, the eBPF agent is deployed as a daemon set, and the flowlogs-pipeline component is deployed as a scalable service.
This model offers improved performance in large clusters by reducing cache duplication across component instances.
- Health rules are generally available
The health alerts feature, introduced in previous versions as a Technology Preview feature, is fully supported as health rules in the Network Observability Operator 1.11 release.
Important: Network Observability health rules are available on OpenShift Container Platform 4.16 and later.
This eBPF-based system correlates network metrics with infrastructure metadata to provide proactive notifications and automated insights into cluster health, such as traffic surges or latency trends. As a result, you can use the Network Health dashboard in the OpenShift Container Platform web console to manage categorized alerts, customize thresholds, and create recording rules for improved visualization performance.
- Enhanced network traffic visualization and filtering
This release introduces enhanced visualization and filtering tools in the OpenShift Container Platform web console.
- Inline filter editing: You can now edit filter chips directly within the filter input field. This enhancement provides a more efficient method for modifying long filter values that were previously truncated, eliminating the need to manually copy and paste values. This update adopts an inline editing convention consistent with the Saved filters feature.
- External traffic quick filters: New quick filters allow you to monitor external ingress and egress traffic actively. This enhancement streamlines network management, enabling you to identify and address issues related to external network communication quickly.
- Intuitive resource iconography: The OpenShift Container Platform console now uses specific icons for Kubernetes kinds, groups, and filters. These icons provide a more intuitive and visually consistent experience, making it easier to navigate the network topology and identify applied filters at a glance.
- DNS resolution analysis
This release includes eBPF-based DNS tracking to enrich network flow records with domain names.
This feature was implemented to reduce the mean time to identify (MTTI) by allowing administrators to immediately distinguish between network routing failures and service discovery issues, such as NXDOMAIN errors.
- Integration with Gateway API
This release introduces automatic integration between the Network Observability Operator and the Gateway API when a GatewayClass resource is created. This feature provides high-level traffic attribution for cluster ingress and egress traffic without requiring manual configuration of the FlowCollector resource.
Important: Integration with Gateway API is available on OpenShift Container Platform 4.19 and later.
You can verify the automated mapping of network flows to Gateway API resources in the Observe → Network Traffic view of the OpenShift Container Platform web console. The Owner column displays the Gateway name, providing a direct link to the associated Gateway resource page.
- Improved data resilience in the Overview and Topology views
With this release, functional data remains visible in the Overview and Topology views even if some background queries fail. This enhancement ensures that the scope and group drop-down menus in the Topology view remain accessible during partial service disruptions.
Additionally, the Overview page now displays active error messages to assist with troubleshooting, providing better visibility into system health without interrupting the monitoring workflow.
- Improved categorization of unknown network flows
With this release, network flows from unknown sources are categorized into four distinct groups: external, unknown service, unknown node, and unknown pod.
This enhancement uses subnet labels to separate unknown IP subnets, providing a clearer network topology. This improved visibility helps to identify potential security threats and allows for a more targeted analysis of unknown elements within the cluster.
- Improved performance for new Network Observability installations
The default performance of the Network Observability Operator is improved for new installations. The default value for cacheActiveTimeout is increased from 5 to 15 seconds, and the cacheMaxFlows value is increased from 100,000 to 120,000 to accommodate higher flow volumes.
Important: These new default values apply only to new installations; existing installations retain their current configurations.
These changes reduce CPU load by up to 40%.
- Improved LokiStack status monitoring and reporting
With this release, the Network Observability Operator monitors the status of the LokiStack resource and reports errors or configuration issues. The Network Observability Operator verifies LokiStack conditions, including pending or failed pods and specific warning conditions.
This enhancement provides more actionable information in the FlowCollector status, allowing for more effective troubleshooting of the LokiStack component within network observability.
- Visual indicators for Loki indexed fields in the filter menu
This enhancement improves query performance by indicating which fields are indexed for faster data retrieval. Using indexed fields when filtering data reduces the time required to browse and analyze network flows within the console.
1.3. Network Observability Operator 1.11 known issues
The following known issues affect the Network Observability Operator 1.11 release.
- Health rules do not trigger when the sampling rate increases because of lowVolumeThreshold
Network observability alerts might not trigger when an elevated sampling rate causes the volume to fall below the lowVolumeThreshold filter. This results in fewer alerts being evaluated or displayed.
To work around this problem, adjust the lowVolumeThreshold value to align with the sampling rate to ensure consistent alert evaluation.
- DNS metrics unavailable when Loki is disabled
When the DNSTracking feature is enabled in a "Loki-less" installation, the required metrics for DNS graphs are unavailable. As a consequence, you cannot view DNS latency and response codes in the dashboard.
To work around this problem, you must either disable the DNSTracking option or enable Loki in the FlowCollector resource by setting spec.loki.enable to true.
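The following check is an added example, not part of the product documentation: it reads a FlowCollector exported as JSON (for instance with oc get flowcollector cluster -o json) and reports the two 1.11 items described above that need manual action, namely DNSTracking running without Loki and cache settings that an existing installation kept below the new defaults. The field paths under spec.agent.ebpf and the duration format are assumptions based on the flows.netobserv.io/v1beta2 API, and the sample document is constructed.

```python
import json
import re

# Constructed sample: trimmed JSON for a FlowCollector upgraded from an older release.
# Paths under spec.agent.ebpf are assumed from the flows.netobserv.io/v1beta2 API.
SAMPLE = json.loads("""
{"kind": "FlowCollector", "metadata": {"name": "cluster"},
 "spec": {"deploymentModel": "Direct",
          "agent": {"ebpf": {"features": ["DNSTracking"],
                             "cacheActiveTimeout": "5s",
                             "cacheMaxFlows": 100000}},
          "loki": {"enable": false}}}
""")

# Defaults stated in the 1.11 release notes for new installations.
NEW_TIMEOUT_SECONDS = 15
NEW_MAX_FLOWS = 120000


def to_seconds(duration):
    """Parse simple durations such as '5s', '15000ms' or '1m'; None if unrecognized."""
    match = re.fullmatch(r"(\d+)(ms|s|m)", str(duration))
    if not match:
        return None
    millis = int(match.group(1)) * {"ms": 1, "s": 1000, "m": 60000}[match.group(2)]
    return millis / 1000


def review_flowcollector(fc):
    """Return findings for the 1.11 items that need manual action."""
    spec = fc.get("spec", {})
    ebpf = spec.get("agent", {}).get("ebpf", {})
    findings = []
    # Known issue: DNS graphs have no data when DNSTracking runs without Loki.
    if "DNSTracking" in ebpf.get("features", []) and spec.get("loki", {}).get("enable") is False:
        findings.append("DNSTracking is enabled but spec.loki.enable is false")
    # Existing installations keep their old cache settings; report values below the new defaults.
    timeout = to_seconds(ebpf.get("cacheActiveTimeout"))
    if timeout is not None and timeout < NEW_TIMEOUT_SECONDS:
        findings.append(f"cacheActiveTimeout is {timeout:g}s, 1.11 default is {NEW_TIMEOUT_SECONDS}s")
    max_flows = ebpf.get("cacheMaxFlows")
    if isinstance(max_flows, int) and max_flows < NEW_MAX_FLOWS:
        findings.append(f"cacheMaxFlows is {max_flows}, 1.11 default is {NEW_MAX_FLOWS}")
    return findings


if __name__ == "__main__":
    for finding in review_flowcollector(SAMPLE):
        print(finding)
```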
1.4. Network Observability Operator 1.11 fixed issues
The Network Observability Operator 1.11 release contains several fixed issues that improve performance and the user experience.
- Missing dates in charts
Before this update, the chart tooltip date was not displayed as intended, due to a breaking change in a dependency. As a consequence, users experienced missing date information in the OpenShift Container Platform web console plugin’s Overview tab chart, affecting data context.
With this release, the chart tooltip date display is restored.
- Warning message for Direct mode not refreshed after upscaling
Before this update, cluster information was not refreshed after scaling. As a consequence, a warning message persisted in large clusters and did not update with changes.
With this release, cluster information is refreshed when it changes. As a result, the warning message for large clusters in Direct mode updates with changes in cluster size, improving user visibility.
- Unenriched OVN IPs
Before this update, some IPs declared by OVN-Kubernetes were not enriched, causing unenriched IPs like 100.64.0.x to not appear in the Machines network. As a consequence, the unenriched IPs gave users the wrong network visibility.
With this release, missing IPs in OVN-Kubernetes are now enriched. As a result, IPs declared by OVN-Kubernetes are correctly enriched and appear in the Machines network, improving the visibility of network traffic sources in the Machines network.
- Improved Operator API discovery reliability
Before this update, a race condition during Network Observability Operator startup could cause API discovery to fail silently. As a consequence, the operator could fail to recognize the OpenShift Container Platform cluster, leading to missing mandatory ClusterRoleBinding resources and preventing components from functioning correctly.
With this release, the Network Observability Operator continues to check for API availability over time and reconciliation is blocked if discovery fails. As a result, the operator correctly identifies the environment and ensures all required roles are created.
- Added missing translation fields to IPFIX exports
Before this update, some network flow fields were missing translations during the IPFIX export process. As a result, exported IPFIX data was incomplete or difficult to interpret in external collectors.
With this release, the missing translation fields (xlat) have been added to the flowlogs-pipeline IPFIX exporter. IPFIX exports now provide a complete set of translated fields for consistent network observability.
- Fixed FlowMetric form creation link and defaults
Before this update, the link to create a FlowMetric custom resource incorrectly directed users to a YAML editor instead of the intended form view. Additionally, the editor was pre-filled with incorrect default values.
With this release, the link correctly leads to the FlowMetric resource creation form with the expected default settings. As a result, users can now easily create FlowMetric resources through the user interface.
- Virtual machine resource type icon in Topology view
Before this update, virtual machine (VM) owner types incorrectly displayed a generic question mark (?) icon in the Topology view.
With this release, the user interface now includes a specific icon for VM resources. As a result, users can more easily identify and distinguish VM traffic within the network topology.
- DNS optimization, update DNS Alerts
Before this update, many DNS "NXDOMAIN" errors were returned due to ambiguous URLs being used in network observability.
With this release, these URLs have been disambiguated, resulting in a more optimal use of DNS.