Chapter 3. Using observability with Red Hat Insights
Red Hat Insights is integrated with Red Hat Advanced Cluster Management observability, and is enabled to help identify existing or potential problems in your clusters. Red Hat Insights helps you to identify, prioritize, and resolve stability, performance, network, and security risks. Red Hat OpenShift Container Platform offers cluster health monitoring through Red Hat OpenShift Cluster Manager. Red Hat OpenShift Cluster Manager collects anonymized, aggregated information about the health, usage, and size of the clusters. For more information, see Red Hat Insights product documentation.
When you create or import an OpenShift cluster, anonymized data from your managed cluster is automatically sent to Red Hat. This information is used to create insights, which provide cluster health information. Red Hat Advanced Cluster Management administrator can use this health information to create alerts based on severity.
Required access: Cluster administrator
3.1. Prerequisites
- Ensure that Red Hat Insights is enabled. For more information, see Modifying the global cluster pull secret to disable remote health reporting.
- Install OpenShift Container Platform version 4.0 or later.
- Hub cluster user, who is registered to Red Hat OpenShift Cluster Manager, must be able to manage all the Red Hat Advanced Cluster Management managed clusters in Red Hat OpenShift Cluster Manager.
3.2. Managing insight PolicyReports
Red Hat Advanced Cluster Management for Kubernetes PolicyReports
are violations that are generated by the insights-client
. The PolicyReports
are used to define and configure alerts that are sent to incident management systems. When there is a violation, alerts from a PolicyReport
are sent to incident management system.
3.2.1. Searching for insight policy reports
You can search for a specific insight PolicyReport
that has a violation, across your managed clusters. Complete the following steps:
- Log in to your Red Hat Advanced Cluster Management hub cluster.
- Select Search from the navigation menu.
Enter the following query:
kind:PolicyReport
.Note: The
PolicyReport
name matches the name of the cluster.-
You can specify your query with the insight policy violation and categories. When you select a
PolicyReport
name, you are redirected to the Details page of the associated cluster. The Insights sidebar is automatically displayed. If the search service is disabled and you want to search for an insight, run the following command from your hub cluster:
oc get policyreport --all-namespaces
3.2.2. Viewing identified issues from the console
You can view the identified issues on a specific cluster. Complete the following steps:
- Log in to your Red Hat Advanced Cluster Management cluster.
- Select Overview from the navigation menu.
-
Check the Cluster issues summary card. Select a severity link to view the
PolicyReports
that are associated with that severity. Details of the cluster issues and the severities are displayed from the Search page. Policy reports that are associated with the severity and have one or more issues appear. - Select a policy report to view cluster details from the Clusters page. The Status card displays information about Nodes, Applications, Policy violations, and Identified issues.
Select the Number of identified issues to view details. The Identified issues card represents the information from Red Hat insights. The Identified issues status displays the number of issues by severity. The triage levels used for the issues are the following severity categories: Critical, Major, Low, and Warning.
- Alternatively, you can select Clusters from the navigation menu.
- Select a managed cluster from the table to view more details.
- From the Status card, view the number of identified issues.
- Select the number of potential issues to view the severity chart and recommended remediations for the issues from the Potential issue side panel. You can also use the search feature to search for recommended remediations. The remediation option displays the Description of the vulnerability, Category that vulnerability is associated with, and the Total risk.
Click the link to the vulnerability to view steps on How to remediate and the Reason for the vulnerability.
Note: When you resolve the issue, you receive the Red Hat Insights every 30 minutes, and Red Hat Insights is updated every two hours.
Be sure to verify which component sent the alert message from the
PolicyReport
.-
Navigate to the Governance page and select a specific
PolicyReport
. -
Select the Status tab and click the View details link to view the
PolicyReport
YAML file. -
Locate the
source
parameter, which informs you of the component that sent the violation. The value options aregrc
andinsights
.
-
Navigate to the Governance page and select a specific
3.2.3. Viewing update risk predictions
View the potential risks for updating your managed clusters. Complete the following steps:
- Log in to your managed cluster.
- Go to the Overview page.
- From the Powered by Insights section, you can view the percentage of clusters with predicted risks, which are listed by severity.
- Select the number for the severity to view the list of clusters from the Clusters page.
- Select the cluster that you want, then click the Actions drop-down button.
- Click Upgrade clusters to view the risk for the upgdate.
- From the Upgrade clusters modal, find the Upgrade risks column and click the link for the number of risks to view information in the Hybrid Cloud console.
3.3. Additional resources
-
Learn how to create custom alert rules for the
PolicyReports
, see Configuring Alertmanager for more information. - See Observability service.