[enterprise-4.19] OSDOCS-15824 [NETOBSERV] Refactor release notes 1.3.0

modules/network-observability-release-notes-1-1-0-bug-fixes.adoc

@@ -1,5 +1,5 @@
 // Module included in the following assemblies:
-// * network_observability/network-observability-operator-release-notes-archive.adoc
+// * network_observability/release_notes_archive/network-observability-operator-release-notes-archive.adoc
 
 :_mod-docs-content-type: REFERENCE
 [id="network-observability-release-notes-1-1-0-fixed-issues_{context}"]

modules/network-observability-release-notes-1-1-0-enhancements.adoc

@@ -1,5 +1,5 @@
 // Module included in the following assemblies:
-// * network_observability/network-observability-release-notes-archive.adoc
+// * network_observability/release_notes_archive/network-observability-operator-release-notes-archive.adoc
 
 :_mod-docs-content-type: REFERENCE
 [id="network-observability-release-notes-1-1-0-enhancements_{context}"]

modules/network-observability-release-notes-1-2-0-advisory.adoc

@@ -1,5 +1,5 @@
 // Module included in the following assemblies:
-// * network_observability/network-observability-operator-release-notes-archive.adoc
+// * network_observability/release_notes_archive/network-observability-operator-release-notes-archive.adoc
 
 :_mod-docs-content-type: REFERENCE
 [id="network-observability-release-notes-1-2-0-advisory_{context}"]

modules/network-observability-release-notes-1-2-0-bug-fixes.adoc

@@ -1,5 +1,5 @@
 // Module included in the following assemblies:
-// * network_observability/network-observability-operator-release-notes-archive.adoc
+// * network_observability/release_notes_archive/network-observability-operator-release-notes-archive.adoc
 
 :_mod-docs-content-type: REFERENCE
 [id="network-observability-release-notes-1-2-0-bug-fixes_{context}"]

modules/network-observability-release-notes-1-2-0-known-issues.adoc

@@ -1,5 +1,5 @@
 // Module included in the following assemblies:
-// * network_observability/network-observability-operator-release-notes-archive.adoc
+// * network_observability/release_notes_archive/network-observability-operator-release-notes-archive.adoc
 
 :_mod-docs-content-type: REFERENCE
 [id="network-observability-release-notes-1-2-0-known-issues_{context}"]

modules/network-observability-release-notes-1-2-0-new-features-enhancements.adoc

@@ -1,6 +1,5 @@
 // Module included in the following assemblies:
-
-// * observability/network-observability-operator-release-notes-archive.adoc
+// * network_observability/release_notes_archive/network-observability-operator-release-notes-archive.adoc
 
 :_mod-docs-content-type: REFERENCE
 [id="network-observability-release-notes-new-features-enhancements-1-2-0_{context}"]

modules/network-observability-release-notes-1-2-0-preparing-for-next-update.adoc

@@ -1,5 +1,5 @@
 // Module included in the following assemblies:
-// * network_observability/network-observability-release-notes-archive.adoc
+// * network_observability/release_notes_archive/network-observability-operator-release-notes-archive.adoc
 
 :_mod-docs-content-type: REFERENCE
 [id="network-observability-release-notes-1-2-0-preparing-for-next-update_{context}"]

modules/network-observability-release-notes-1-3-0-advisory.adoc

@@ -0,0 +1,11 @@
+// Module included in the following assemblies:
+// * network_observability/release_notes_archive/network-observability-operator-release-notes-archive.adoc
+
+:_mod-docs-content-type: REFERENCE
+[id="network-observability-release-notes-1-3-0-advisory_{context}"]
+= Network observability 1.3.0 advisory
+
+[role="_abstract"]
+You can review the following advisory in the Network Observability Operator 1.3.0 release.
+
+* link:https://access.redhat.com/errata/RHSA-2023:3905[RHSA-2023:3905 Network Observability Operator 1.3.0]

modules/network-observability-release-notes-1-3-0-deprecated-features.adoc

@@ -0,0 +1,17 @@
+// Module included in the following assemblies:
+// * network_observability/release_notes_archive/network-observability-operator-release-notes-archive.adoc
+
+:_mod-docs-content-type: REFERENCE
+[id="network-observability-release-notes-1-3-0-deprecated-features_{context}"]
+= Network observability 1.3.0 deprecated features
+
+[role="_abstract"]
+You can review the following deprecated features in the Network Observability Operator 1.3.0 release.
+
+[id="network-observability-channel-deprecation_{context}"]
+== Channel deprecation
+You must switch your channel from `v1.0.x` to `stable` to receive future Operator updates. The `v1.0.x` channel is deprecated and planned for removal in the next release.
+
+[id="authToken-host_{context}"]
+== Deprecated configuration parameter setting
+The release of Network Observability Operator 1.3 deprecates the `spec.Loki.authToken` `HOST` setting. When using the {loki-op}, you must now only use the `FORWARD` setting.

modules/network-observability-release-notes-1-3-0-fixed-issues.adoc

@@ -0,0 +1,25 @@
+// Module included in the following assemblies:
+// * network_observability/release_notes_archive/network-observability-operator-release-notes-archive.adoc
+
+:_mod-docs-content-type: REFERENCE
+[id="network-observability-release-notes-1-3-0-fixed-issues_{context}"]
+= Network observability 1.3.0 fixed issues
+
+[role="_abstract"]
+You can review the following fixed issues in the Network Observability Operator 1.3.0 release.
+
+* Previously, when the Operator was installed from the CLI, the `Role` and `RoleBinding` that are necessary for the {cmo-full} to read the metrics were not installed as expected. The issue did not occur when the operator was installed from the web console. Now, either way of installing the Operator installs the required `Role` and `RoleBinding`. (link:https://issues.redhat.com/browse/NETOBSERV-1003[*NETOBSERV-1003*])
+
+* Since version 1.2, the Network Observability Operator can raise alerts when a problem occurs with the flows collection. Previously, due to a bug, the related configuration to disable alerts, `spec.processor.metrics.disableAlerts` was not working as expected and sometimes ineffectual. Now, this configuration is fixed so that it is possible to disable the alerts. (link:https://issues.redhat.com/browse/NETOBSERV-976[*NETOBSERV-976*])
+
+* Previously, when network observability was configured with `spec.loki.authToken` set to `DISABLED`, only a `kubeadmin` cluster administrator was able to view network flows. Other types of cluster administrators received authorization failure. Now, any cluster administrator is able to view network flows. (link:https://issues.redhat.com/browse/NETOBSERV-972[*NETOBSERV-972*])
+
+* Previously, a bug prevented users from setting `spec.consolePlugin.portNaming.enable` to `false`. Now, this setting can be set to `false` to disable port-to-service name translation. (link:https://issues.redhat.com/browse/NETOBSERV-971[*NETOBSERV-971*])
+
+* Previously, the metrics exposed by the console plugin were not collected by the {cmo-full} (Prometheus), due to an incorrect configuration. Now the configuration has been fixed so that the console plugin metrics are correctly collected and accessible from the {product-title} web console. (link:https://issues.redhat.com/browse/NETOBSERV-765[*NETOBSERV-765*])
+
+* Previously, when `processor.metrics.tls` was set to `AUTO` in the `FlowCollector`, the `flowlogs-pipeline servicemonitor` did not adapt the appropriate TLS scheme, and metrics were not visible in the web console. Now the issue is fixed for AUTO mode. (link:https://issues.redhat.com/browse/NETOBSERV-1070[*NETOBSERV-1070*])
+
+* Previously, certificate configuration, such as used for Kafka and Loki, did not allow specifying a namespace field, implying that the certificates had to be in the same namespace where network observability is deployed. Moreover, when using Kafka with TLS/mTLS, the user had to manually copy the certificate(s) to the privileged namespace where the `eBPF` agent pods are deployed and manually manage certificate updates, such as in the case of certificate rotation. Now, network observability setup is simplified by adding a namespace field for certificates in the `FlowCollector` resource. As a result, users can now install Loki or Kafka in different namespaces without needing to manually copy their certificates in the network observability namespace. The original certificates are watched so that the copies are automatically updated when needed. (link:https://issues.redhat.com/browse/NETOBSERV-773[*NETOBSERV-773*])
+
+* Previously, the SCTP, ICMPv4 and ICMPv6 protocols were not covered by the network observability agents, resulting in a less comprehensive network flows coverage. These protocols are now recognized to improve the flows coverage. (link:https://issues.redhat.com/browse/NETOBSERV-934[*NETOBSERV-934*])

modules/network-observability-release-notes-1-3-0-known-issues.adoc

@@ -0,0 +1,15 @@
+// Module included in the following assemblies:
+// * network_observability/release_notes_archive/network-observability-operator-release-notes-archive.adoc
+
+:_mod-docs-content-type: REFERENCE
+[id="network-observability-release-notes-1-3-0-known-issues_{context}"]
+= Network observability 1.3.0 known issues
+
+[role="_abstract"]
+You can review the following issues and their workarounds, if available, to troubleshoot issues with the Network Observability Operator 1.3.0 release.
+
+* When `processor.metrics.tls` is set to `PROVIDED` in the `FlowCollector`, the `flowlogs-pipeline` `servicemonitor` is not adapted to the TLS scheme. (link:https://issues.redhat.com/browse/NETOBSERV-1087[*NETOBSERV-1087*])
+
+* Since the 1.2.0 release of the Network Observability Operator, using {loki-op} 5.6, a Loki certificate change periodically affects the `flowlogs-pipeline` pods and results in dropped flows rather than flows written to Loki. The problem self-corrects after some time, but it still causes temporary flow data loss during the Loki certificate change. This issue has only been observed in large-scale environments of 120 nodes or greater.(link:https://issues.redhat.com/browse/NETOBSERV-980[*NETOBSERV-980*])
+
+* When you install the Operator, a warning kernel taint can appear. The reason for this error is that the network observability eBPF agent has memory constraints that prevent preallocating the entire hashmap table. The Operator eBPF agent sets the `BPF_F_NO_PREALLOC` flag so that pre-allocation is disabled when the hashmap is too memory expansive.

modules/network-observability-release-notes-1-3-0-new-features-and-enhancements.adoc

@@ -0,0 +1,25 @@
+// Module included in the following assemblies:
+// * network_observability/network-observability-operator-release-notes-archive.adoc
+
+:_mod-docs-content-type: REFERENCE
+[id="network-observability-release-notes-1-3-0-features-enhancements_{context}"]
+= Network observability 1.3.0 new features and enhancements
+
+[role="_abstract"]
+You can review the following new features and enhancements in the Network Observability Operator 1.3.0 release.
+
+[id="multi-tenancy-1.3_{context}"]
+== Multi-tenancy in network observability
+* System administrators can allow and restrict individual user access, or group access, to the flows stored in Loki. For more information, see "Multi-tenancy in network observability".
+
+[id="flow-based-dashboard-1.3_{context}"]
+== Flow-based metrics dashboard
+* This release adds a new dashboard, which provides an overview of the network flows in your {product-title} cluster. For more information, see "Network observability metrics dashboards".
+
+[id="must-gather-1.3_{context}"]
+== Troubleshooting with the must-gather tool
+* Information about the Network Observability Operator can now be included in the must-gather data for troubleshooting. For more information, see "Network observability must-gather".
+
+[id="multi-arch-1.3_{context}"]
+== Multiple architectures now supported
+* Network Observability Operator can now run on an `amd64`, `ppc64le`, or `arm64` architectures. Previously, it only ran on `amd64`.

observability/network_observability/network-observability-operator-release-notes.adoc

@@ -660,58 +660,4 @@ The following advisory is available for the Network Observability Operator 1.3.0
 
 * link:https://access.redhat.com/errata/RHSA-2023:3905[RHSA-2023:3905 Network Observability Operator 1.3.0]
 
-[id="network-observability-channel-deprecation"]
-=== Channel deprecation
-You must switch your channel from `v1.0.x` to `stable` to receive future Operator updates. The `v1.0.x` channel is deprecated and planned for removal in the next release.
 
-[id="network-observability-operator-1.3.0-features-enhancements"]
-=== New features and enhancements
-
-[id="multi-tenancy-1.3"]
-==== Multi-tenancy in network observability
-* System administrators can allow and restrict individual user access, or group access, to the flows stored in Loki. For more information, see xref:../../observability/network_observability/installing-operators.adoc#network-observability-multi-tenancy_network_observability[Multi-tenancy in network observability].
-
-[id="flow-based-dashboard-1.3"]
-==== Flow-based metrics dashboard
-* This release adds a new dashboard, which provides an overview of the network flows in your {product-title} cluster. For more information, see xref:../../observability/network_observability/network-observability-overview.adoc#network-observability-dashboards_network-observability-overview[Network observability metrics dashboards].
-
-[id="must-gather-1.3"]
-==== Troubleshooting with the must-gather tool
-* Information about the Network Observability Operator can now be included in the must-gather data for troubleshooting. For more information, see xref:../../observability/network_observability/troubleshooting-network-observability.adoc#network-observability-must-gather_network-observability-troubleshooting[Network observability must-gather].
-
-[id="multi-arch-1.3"]
-==== Multiple architectures now supported
-* Network Observability Operator can now run on an `amd64`, `ppc64le`, or `arm64` architectures. Previously, it only ran on `amd64`.
-
-[id="deprecated-features-1.3"]
-=== Deprecated features
-
-[id="authToken-host"]
-==== Deprecated configuration parameter setting
-The release of Network Observability Operator 1.3 deprecates the `spec.Loki.authToken` `HOST` setting. When using the {loki-op}, you must now only use the `FORWARD` setting.
-
-[id="network-observability-operator-1.3.0-bug-fixes"]
-=== Bug fixes
-* Previously, when the Operator was installed from the CLI, the `Role` and `RoleBinding` that are necessary for the {cmo-full} to read the metrics were not installed as expected. The issue did not occur when the operator was installed from the web console. Now, either way of installing the Operator installs the required `Role` and `RoleBinding`. (link:https://issues.redhat.com/browse/NETOBSERV-1003[*NETOBSERV-1003*])
-
-* Since version 1.2, the Network Observability Operator can raise alerts when a problem occurs with the flows collection. Previously, due to a bug, the related configuration to disable alerts, `spec.processor.metrics.disableAlerts` was not working as expected and sometimes ineffectual. Now, this configuration is fixed so that it is possible to disable the alerts. (link:https://issues.redhat.com/browse/NETOBSERV-976[*NETOBSERV-976*])
-
-* Previously, when network observability was configured with `spec.loki.authToken` set to `DISABLED`, only a `kubeadmin` cluster administrator was able to view network flows. Other types of cluster administrators received authorization failure. Now, any cluster administrator is able to view network flows. (link:https://issues.redhat.com/browse/NETOBSERV-972[*NETOBSERV-972*])
-
-* Previously, a bug prevented users from setting `spec.consolePlugin.portNaming.enable` to `false`. Now, this setting can be set to `false` to disable port-to-service name translation. (link:https://issues.redhat.com/browse/NETOBSERV-971[*NETOBSERV-971*])
-
-* Previously, the metrics exposed by the console plugin were not collected by the {cmo-full} (Prometheus), due to an incorrect configuration. Now the configuration has been fixed so that the console plugin metrics are correctly collected and accessible from the {product-title} web console. (link:https://issues.redhat.com/browse/NETOBSERV-765[*NETOBSERV-765*])
-
-* Previously, when `processor.metrics.tls` was set to `AUTO` in the `FlowCollector`, the `flowlogs-pipeline servicemonitor` did not adapt the appropriate TLS scheme, and metrics were not visible in the web console. Now the issue is fixed for AUTO mode. (link:https://issues.redhat.com/browse/NETOBSERV-1070[*NETOBSERV-1070*])
-
-* Previously, certificate configuration, such as used for Kafka and Loki, did not allow specifying a namespace field, implying that the certificates had to be in the same namespace where network observability is deployed. Moreover, when using Kafka with TLS/mTLS, the user had to manually copy the certificate(s) to the privileged namespace where the `eBPF` agent pods are deployed and manually manage certificate updates, such as in the case of certificate rotation. Now, network observability setup is simplified by adding a namespace field for certificates in the `FlowCollector` resource. As a result, users can now install Loki or Kafka in different namespaces without needing to manually copy their certificates in the network observability namespace. The original certificates are watched so that the copies are automatically updated when needed. (link:https://issues.redhat.com/browse/NETOBSERV-773[*NETOBSERV-773*])
-
-* Previously, the SCTP, ICMPv4 and ICMPv6 protocols were not covered by the network observability agents, resulting in a less comprehensive network flows coverage. These protocols are now recognized to improve the flows coverage. (link:https://issues.redhat.com/browse/NETOBSERV-934[*NETOBSERV-934*])
-
-[id="network-observability-operator-1.3.0-known-issues"]
-=== Known issues
-* When `processor.metrics.tls` is set to `PROVIDED` in the `FlowCollector`, the `flowlogs-pipeline` `servicemonitor` is not adapted to the TLS scheme. (link:https://issues.redhat.com/browse/NETOBSERV-1087[*NETOBSERV-1087*])
-
-* Since the 1.2.0 release of the Network Observability Operator, using {loki-op} 5.6, a Loki certificate change periodically affects the `flowlogs-pipeline` pods and results in dropped flows rather than flows written to Loki. The problem self-corrects after some time, but it still causes temporary flow data loss during the Loki certificate change. This issue has only been observed in large-scale environments of 120 nodes or greater.(link:https://issues.redhat.com/browse/NETOBSERV-980[*NETOBSERV-980*])
-
-* When you install the Operator, a warning kernel taint can appear. The reason for this error is that the network observability eBPF agent has memory constraints that prevent preallocating the entire hashmap table. The Operator eBPF agent sets the `BPF_F_NO_PREALLOC` flag so that pre-allocation is disabled when the hashmap is too memory expansive.