OSDOCS-14862 NETOBSERV 1.9 Features, Bugs, Known Issues #94440
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
openshift-ci
bot
added
the
size/M
observability/network_observability/network-observability-operator-release-notes.adoc
Outdated
Show resolved
Hide resolved
gwynnemonahan
force-pushed
the
OSDOCS-14862
branch
from
9e81da8 to
adcee66
Compare
openshift-ci
bot
added
size/L
observability/network_observability/network-observability-operator-release-notes.adoc
Outdated
Show resolved
Hide resolved
jpinsonneau
reviewed
Jun 17, 2025
observability/network_observability/network-observability-operator-release-notes.adoc
Outdated
Show resolved
Hide resolved
jpinsonneau
reviewed
Jun 17, 2025
observability/network_observability/network-observability-operator-release-notes.adoc
Outdated
Show resolved
Hide resolved
openshift-ci
bot
added
size/M
Amoghrd
reviewed
Jun 18, 2025
observability/network_observability/network-observability-operator-release-notes.adoc
Show resolved
Hide resolved
jotak
reviewed
Jun 20, 2025
observability/network_observability/network-observability-operator-release-notes.adoc
Outdated
Show resolved
Hide resolved
jotak
reviewed
Jun 20, 2025
observability/network_observability/network-observability-operator-release-notes.adoc
Outdated
Show resolved
Hide resolved
jotak
reviewed
Jun 20, 2025
observability/network_observability/network-observability-operator-release-notes.adoc
Show resolved
Hide resolved
openshift-ci
bot
added
size/L
|
/cc @memodi |
Amoghrd
reviewed
Jun 25, 2025
observability/network_observability/network-observability-operator-release-notes.adoc
Outdated
Show resolved
Hide resolved
gwynnemonahan
force-pushed
the
OSDOCS-14862
branch
from
6263e78 to
d0ef840
Compare
openshift-merge-robot
added
the
needs-rebase
gwynnemonahan
force-pushed
the
OSDOCS-14862
branch
from
d0ef840 to
dcdd600
Compare
openshift-merge-robot
removed
the
needs-rebase
openshift-ci
bot
added
the
qe-approved
gwynnemonahan
force-pushed
the
OSDOCS-14862
branch
from
0f20288 to
bf5497c
Compare
jpinsonneau
approved these changes
Jul 1, 2025
gwynnemonahan
force-pushed
the
OSDOCS-14862
branch
from
7b9c2de to
57d971c
Compare
Contributor
Author
|
/label peer-review-needed |
openshift-ci
bot
added
the
peer-review-needed
openshift-merge-robot
added
the
needs-rebase
gwynnemonahan
force-pushed
the
OSDOCS-14862
branch
2 times, most recently
from
8e6244b to
42dc68c
Compare
openshift-merge-robot
removed
the
needs-rebase
Contributor
Author
|
Advisory is available, link has been added, prompting new checks. PR also needed rebasing. |
stevsmit
added
peer-review-in-progress
stevsmit
reviewed
Jul 2, 2025
observability/network_observability/network-observability-operator-release-notes.adoc
Show resolved
Hide resolved
observability/network_observability/network-observability-operator-release-notes.adoc
Outdated
Show resolved
Hide resolved
observability/network_observability/network-observability-operator-release-notes.adoc
Outdated
Show resolved
Hide resolved
observability/network_observability/network-observability-operator-release-notes.adoc
Outdated
Show resolved
Hide resolved
observability/network_observability/network-observability-operator-release-notes.adoc
Outdated
Show resolved
Hide resolved
observability/network_observability/network-observability-operator-release-notes.adoc
Outdated
Show resolved
Hide resolved
observability/network_observability/network-observability-operator-release-notes.adoc
Outdated
Show resolved
Hide resolved
observability/network_observability/network-observability-operator-release-notes.adoc
Outdated
Show resolved
Hide resolved
observability/network_observability/network-observability-operator-release-notes.adoc
Outdated
Show resolved
Hide resolved
observability/network_observability/network-observability-operator-release-notes.adoc
Outdated
Show resolved
Hide resolved
stevsmit
added
peer-review-done
gwynnemonahan
force-pushed
the
OSDOCS-14862
branch
from
b0d935e to
7689b91
Compare
|
@gwynnemonahan: all tests passed! Full PR test history. Your PR dashboard. DetailsInstructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here. |
Contributor
Author
|
/label merge-review-needed |
openshift-ci
bot
added
the
merge-review-needed
JoeAldinger
added
merge-review-in-progress
JoeAldinger
reviewed
Jul 2, 2025
Contributor
JoeAldinger
left a comment
JoeAldinger
left a comment
There was a problem hiding this comment.
No big deal breakers, but some suggestions that might help.
|
|
||
| [id="filter-flowlogs-at-ingestion_{context}"] | ||
| ==== Filter flowlogs at ingestion | ||
| With this release, you can create filters to reduce the number of generated network flows and the resource usage of Network Observability components. |
Contributor
There was a problem hiding this comment.
Suggested change
| With this release, you can create filters to reduce the number of generated network flows and the resource usage of Network Observability components. | |
| With this release, you can create filters to reduce the number of generated network flows and the resource usage of Network Observability components. The following filters can be configured: |
| ==== Filter flowlogs at ingestion | ||
| With this release, you can create filters to reduce the number of generated network flows and the resource usage of Network Observability components. | ||
|
|
||
| You can configure the following filters: |
Contributor
There was a problem hiding this comment.
Suggested change
| You can configure the following filters: |
| ==== Network Observability CLI | ||
| New filtering options available with packets, flows, and metrics capture: | ||
|
|
||
| * Track IPsec using `--enable_ipsec` |
Contributor
There was a problem hiding this comment.
I agree with Steven here and think this needs to be updated if not for this release for future. If you aren't going to use the definition list these at least need nouns after the literals. I think command is the correct noun for all of these.
|
|
||
| [id="notable-technical-changes-1-9_{context}"] | ||
| === Notable technical changes | ||
| * The `NetworkEvents` feature in Network Observability 1.9 has been updated to work with the newer Linux kernel of {product-title} 4.19. This update breaks compatibility with older kernels. As a result, the `NetworkEvents` feature can only be used with {product-title} 4.19. If you are using this feature with Network Observability 1.8 and {product-title} 4.18, consider avoiding a Network Observability upgrade or upgrading Network Observability to 1.9 and {product-title} to 4.19. |
Contributor
There was a problem hiding this comment.
Suggested change
| * The `NetworkEvents` feature in Network Observability 1.9 has been updated to work with the newer Linux kernel of {product-title} 4.19. This update breaks compatibility with older kernels. As a result, the `NetworkEvents` feature can only be used with {product-title} 4.19. If you are using this feature with Network Observability 1.8 and {product-title} 4.18, consider avoiding a Network Observability upgrade or upgrading Network Observability to 1.9 and {product-title} to 4.19. | |
| * The `NetworkEvents` feature in Network Observability 1.9 has been updated to work with the newer Linux kernel of {product-title} 4.19. This update breaks compatibility with older kernels. As a result, the `NetworkEvents` feature can only be used with {product-title} 4.19. If you are using this feature with Network Observability 1.8 and {product-title} 4.18, consider avoiding a Network Observability upgrade or upgrade to Network Observability 1.9 and {product-title} to 4.19. |
| === Notable technical changes | ||
| * The `NetworkEvents` feature in Network Observability 1.9 has been updated to work with the newer Linux kernel of {product-title} 4.19. This update breaks compatibility with older kernels. As a result, the `NetworkEvents` feature can only be used with {product-title} 4.19. If you are using this feature with Network Observability 1.8 and {product-title} 4.18, consider avoiding a Network Observability upgrade or upgrading Network Observability to 1.9 and {product-title} to 4.19. | ||
|
|
||
| * The `netobserv-reader` `clusterrole` has been renamed to `netobserv-loki-reader`. |
Contributor
There was a problem hiding this comment.
What are these parameters, fields, values, CR? Can you add nouns to help the user understand what these are?
| [id="network-observability-technology-preview-1-9_{context}"] | ||
| === Technology Preview features | ||
| Some features in this release are currently in Technology Preview. These experimental features are not intended for production use. Note the following scope of support on the Red Hat Customer Portal for these features: | ||
|
|
Contributor
There was a problem hiding this comment.
69-71 seem redundant to me if you are going to use the TP snippet.
|
|
||
| * Previously, when the Operator checked for available Kubernetes APIs in order to adapt its behavior, if there was a stale API, this resulted in an error that prevented the Operator from starting normally. With this update, the Operator ignores error on unrelated APIs, logs errors on related APIs, and continues to run normally. (link:https://issues.redhat.com/browse/NETOBSERV-2240[*NETOBSERV-2240*]) | ||
|
|
||
| * Previously, users could not sort flows by *Bytes* or *Packets* in the *Traffic* flows view of the Console plugin. With this update, users can sort flows by *Bytes* and *Packets*.(link:https://issues.redhat.com/browse/NETOBSERV-2239[*NETOBSERV-2239*]) |
Contributor
There was a problem hiding this comment.
Suggested change
| * Previously, users could not sort flows by *Bytes* or *Packets* in the *Traffic* flows view of the Console plugin. With this update, users can sort flows by *Bytes* and *Packets*.(link:https://issues.redhat.com/browse/NETOBSERV-2239[*NETOBSERV-2239*]) | |
| * Previously, users could not sort flows by *Bytes* or *Packets* in the *Traffic* flows view of the Console plugin. With this update, users can sort flows by *Bytes* and *Packets*. (link:https://issues.redhat.com/browse/NETOBSERV-2239[*NETOBSERV-2239*]) |
|
|
||
| * Previously, when configuring the `FlowCollector` resource with an IPFIX exporter, MAC addresses in the IPFIX flows were truncated to their 2 first bytes. With this update, MAC addresses are fully represented in the IPFIX flows. (link:https://issues.redhat.com/browse/NETOBSERV-2208[*NETOBSERV-2208*]) | ||
|
|
||
| * Previously, some of the warnings sent from the Operator validation webhook could lack clarity, such as when not mentioning exactly which feature causes the warning, or what needed to be done. With this update, some of these messages have been reviewed and amended to make them more actionable. (link:https://issues.redhat.com/browse/NETOBSERV-2178[*NETOBSERV-2178*]) |
Contributor
There was a problem hiding this comment.
Suggested change
| * Previously, some of the warnings sent from the Operator validation webhook could lack clarity, such as when not mentioning exactly which feature causes the warning, or what needed to be done. With this update, some of these messages have been reviewed and amended to make them more actionable. (link:https://issues.redhat.com/browse/NETOBSERV-2178[*NETOBSERV-2178*]) | |
| * Previously, some of the warnings sent from the Operator validation webhook could lack clarity on what needed to be done. With this update, some of these messages have been reviewed and amended to make them more actionable. (link:https://issues.redhat.com/browse/NETOBSERV-2178[*NETOBSERV-2178*]) |
|
|
||
| * Previously, the console plugin for Network Observability 1.8.1 and earlier did not work with the {product-title} 4.19 web console, making the *Network Traffic* page inaccessible. With this update, the console plugin is compatible and the *Network Traffic* page is accessible in Network Observability 1.9.0. (link:https://issues.redhat.com/browse/NETOBSERV-2046[*NETOBSERV-2046*]) | ||
|
|
||
| * Previously, when using conversation tracking (`logTypes: Conversations` or `logTypes: All` in the `FlowCollector` resource), the *Traffic* rates metrics visible in the dashboards were flawed, wrongly showing an out-of-control increase in traffic. Now, the metrics show more accurate traffic rates. However, note that in `Conversations` and `EndedConversations` modes, these metrics are still not 100% accurate as they don't include long-standing connections. This information has been added to the documentation. The default mode `logTypes: Flows`, is recommended to avoid this kind of inaccuracy. (link:https://issues.redhat.com/browse/NETOBSERV-1955[*NETOBSERV-1955*]) |
Contributor
There was a problem hiding this comment.
Suggested change
| * Previously, when using conversation tracking (`logTypes: Conversations` or `logTypes: All` in the `FlowCollector` resource), the *Traffic* rates metrics visible in the dashboards were flawed, wrongly showing an out-of-control increase in traffic. Now, the metrics show more accurate traffic rates. However, note that in `Conversations` and `EndedConversations` modes, these metrics are still not 100% accurate as they don't include long-standing connections. This information has been added to the documentation. The default mode `logTypes: Flows`, is recommended to avoid this kind of inaccuracy. (link:https://issues.redhat.com/browse/NETOBSERV-1955[*NETOBSERV-1955*]) | |
| * Previously, when using conversation tracking (`logTypes: Conversations` or `logTypes: All` in the `FlowCollector` resource), the *Traffic* rates metrics visible in the dashboards were flawed, wrongly showing an out-of-control increase in traffic. Now, the metrics show more accurate traffic rates. However, note that in `Conversations` and `EndedConversations` modes, these metrics are still not completely accurate as they do not include long-standing connections. This information has been added to the documentation. The default mode `logTypes: Flows` is recommended to avoid these inaccuracy. (link:https://issues.redhat.com/browse/NETOBSERV-1955[*NETOBSERV-1955*]) |
| === Known issues | ||
| * The user-defined network (UDN) feature displays a configuration issue and a warning when used with {product-title} 4.18, even though it is supported. This warning can be ignored. (link:https://issues.redhat.com/browse/NETOBSERV-2305[*NETOBSERV-2305*]) | ||
|
|
||
| * In some rare cases, the eBPF agent is unable to appropriately correlate flows with the involved interfaces when running in privileged modes with several network namespaces. A large part of these issues have been identified and resolved in this release, but some inconsistencies remain, especially with the `ens5` interface. (link:https://issues.redhat.com/browse/NETOBSERV-2287[*NETOBSERV-2287*]) |
Contributor
There was a problem hiding this comment.
Suggested change
| * In some rare cases, the eBPF agent is unable to appropriately correlate flows with the involved interfaces when running in privileged modes with several network namespaces. A large part of these issues have been identified and resolved in this release, but some inconsistencies remain, especially with the `ens5` interface. (link:https://issues.redhat.com/browse/NETOBSERV-2287[*NETOBSERV-2287*]) | |
| * In some rare cases, the eBPF agent is unable to appropriately correlate flows with the involved interfaces when running in `privileged` modes with several network namespaces. A large part of these issues have been identified and resolved in this release, but some inconsistencies remain, especially with the `ens5` interface. (link:https://issues.redhat.com/browse/NETOBSERV-2287[*NETOBSERV-2287*]) |
JoeAldinger
removed
the
merge-review-in-progress
Contributor
|
merge review completed. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
11 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
https://issues.redhat.com/browse/OSDOCS-14862 NETOBSERV 1.9 Features, Bugs, Known Issues
Version(s):
Merge to only the
no-1.9branch - no cherrypicks are required.I will open one PR against main to incorporate all of the NetObserv content just before its GA.
Issue:
https://issues.redhat.com/browse/OSDOCS-14862
Link to docs preview:
QE review:
Additional information:
06/24/2025:
See #95159. All content from previously merged PRs vanished from the
no-1.9branch, and are appearing in any open PR againstno-1.9. Hopefully merging 95159 and a rebase will resolve things.