-
Notifications
You must be signed in to change notification settings - Fork 1.8k
OSDOCS-15830 [NETOBSERV] Refactor release notes 1.9.0 #102641
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Open
gwynnemonahan
wants to merge
1
commit into
openshift:main
Choose a base branch
from
gwynnemonahan:OSDOCS-15830
base: main
Could not load branches
Branch not found: {{ refName }}
Loading
Could not load tags
Nothing to show
Loading
Are you sure you want to change the base?
Some commits from the old base branch may be removed from the timeline,
and old review comments may become outdated.
Open
Changes from all commits
Commits
File filter
Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
There are no files selected for viewing
11 changes: 11 additions & 0 deletions
11
modules/network-observability-operator-release-notes-1-9-0-cves.adoc
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,11 @@ | ||
| // Module included in the following assemblies: | ||
| // * network_observability/release_notes_archive/network-observability-operator-release-notes-archive.adoc | ||
|
|
||
| :_mod-docs-content-type: REFERENCE | ||
| [id="network-observability-operator-release-notes-1-9-0-cves_{context}"] | ||
| = Network Observability Operator 1.9.0 CVEs | ||
|
|
||
| [role="_abstract"] | ||
| You can review the CVEs for the Network Observability Operator 1.9.0 release. | ||
|
|
||
| * link:https://access.redhat.com/security/cve/CVE-2025-26791[*CVE-2025-26791*] |
29 changes: 29 additions & 0 deletions
29
modules/network-observability-operator-release-notes-1-9-0-fixed-issues.adoc
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,29 @@ | ||
| // Module included in the following assemblies: | ||
| // * network_observability/release_notes_archive/network-observability-operator-release-notes-archive.adoc | ||
|
|
||
| :_mod-docs-content-type: REFERENCE | ||
| [id="network-observability-operator-release-notes-1-9-0-fixed-issues_{context}"] | ||
| = Network Observability Operator 1.9.0 fixed issues | ||
|
|
||
| [role="_abstract"] | ||
| You can review the fixed issues for the Network Observability Operator 1.9.0 release. | ||
|
|
||
| * Previously, when filtering by source or destination IP from the console plugin, using a Classless Inter-Domain Routing (CIDR) notation such as `10.128.0.0/24` did not work, returning results that should be filtered out. With this update, it is now possible to use a CIDR notation, with the results being filtered as expected. (link:https://issues.redhat.com/browse/NETOBSERV-2276[NETOBSERV-2276]) | ||
|
|
||
| * Previously, network flows might have incorrectly identified the network interfaces in use, especially with a risk of mixing up `eth0` and `ens5`. This issue only occurred when the eBPF agents were configured as `Privileged`. With this update, it has been fixed partially, and almost all network interfaces are correctly identified. Refer to the known issues below for more details. (link:https://issues.redhat.com/browse/NETOBSERV-2257[NETOBSERV-2257]) | ||
|
|
||
| * Previously, when the Operator checked for available Kubernetes APIs in order to adapt its behavior, if there was a stale API, this resulted in an error that prevented the Operator from starting normally. With this update, the Operator ignores error on unrelated APIs, logs errors on related APIs, and continues to run normally. (link:https://issues.redhat.com/browse/NETOBSERV-2240[NETOBSERV-2240]) | ||
|
|
||
| * Previously, users could not sort flows by *Bytes* or *Packets* in the *Traffic* flows view of the Console plugin. With this update, users can sort flows by *Bytes* and *Packets*. (link:https://issues.redhat.com/browse/NETOBSERV-2239[NETOBSERV-2239]) | ||
|
|
||
| * Previously, when configuring the `FlowCollector` resource with an IPFIX exporter, MAC addresses in the IPFIX flows were truncated to their 2 first bytes. With this update, MAC addresses are fully represented in the IPFIX flows. (link:https://issues.redhat.com/browse/NETOBSERV-2208[NETOBSERV-2208]) | ||
|
|
||
| * Previously, some of the warnings sent from the Operator validation webhook could lack clarity on what needed to be done. With this update, some of these messages have been reviewed and amended to make them more actionable. (link:https://issues.redhat.com/browse/NETOBSERV-2178[NETOBSERV-2178]) | ||
|
|
||
| * Previously, it was not obvious to figure out there was an issue when referencing a `LokiStack` from the `FlowCollector` resource, such as in case of typing error. With this update, the `FlowCollector` status clearly states that the referenced `LokiStack` is not found in that case. (link:https://issues.redhat.com/browse/NETOBSERV-2174[NETOBSERV-2174]) | ||
|
|
||
| * Previously, in the console plugin *Traffic flows* view, in case of text overflow, text ellipses sometimes hid much of the text to be displayed. With this update, it displays as much text as possible. (link:https://issues.redhat.com/browse/NETOBSERV-2119[NETOBSERV-2119]) | ||
|
|
||
| * Previously, the console plugin for network observability 1.8.1 and earlier did not work with the {product-title} 4.19 web console, making the *Network Traffic* page inaccessible. With this update, the console plugin is compatible and the *Network Traffic* page is accessible in network observability 1.9.0. (link:https://issues.redhat.com/browse/NETOBSERV-2046[NETOBSERV-2046]) | ||
|
|
||
| * Previously, when using conversation tracking (`logTypes: Conversations` or `logTypes: All` in the `FlowCollector` resource), the *Traffic* rates metrics visible in the dashboards were flawed, wrongly showing an out-of-control increase in traffic. Now, the metrics show more accurate traffic rates. However, note that in `Conversations` and `EndedConversations` modes, these metrics are still not completely accurate as they do not include long-standing connections. This information has been added to the documentation. The default mode `logTypes: Flows` is recommended to avoid these inaccuracy. (link:https://issues.redhat.com/browse/NETOBSERV-1955[NETOBSERV-1955]) |
13 changes: 13 additions & 0 deletions
13
modules/network-observability-operator-release-notes-1-9-0-known-issues.adoc
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,13 @@ | ||
| // Module included in the following assemblies: | ||
| // * network_observability/release_notes_archive/network-observability-operator-release-notes-archive.adoc | ||
|
|
||
| :_mod-docs-content-type: REFERENCE | ||
| [id="network-observability-operator-release-notes-1-9-0-known-issues_{context}"] | ||
| = Network Observability Operator 1.9.0 known issues | ||
|
|
||
| [role="_abstract"] | ||
| You can review the known issues for the Network Observability Operator 1.9.0 release. | ||
|
|
||
| * The user-defined network (UDN) feature displays a configuration issue and a warning when used with {product-title} 4.18, even though it is supported. This warning can be ignored. (link:https://issues.redhat.com/browse/NETOBSERV-2305[NETOBSERV-2305]) | ||
|
|
||
| * In some rare cases, the eBPF agent is unable to appropriately correlate flows with the involved interfaces when running in `privileged` modes with several network namespaces. A large part of these issues have been identified and resolved in this release, but some inconsistencies remain, especially with the `ens5` interface. (link:https://issues.redhat.com/browse/NETOBSERV-2287[NETOBSERV-2287]) |
40 changes: 40 additions & 0 deletions
40
...k-observability-operator-release-notes-1-9-0-new-features-and-enhancements.adoc
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,40 @@ | ||
| // Module included in the following assemblies: | ||
| // * network_observability/release_notes_archive/network-observability-operator-release-notes-archive.adoc | ||
|
|
||
| :_mod-docs-content-type: REFERENCE | ||
| [id="network-observability-operator-release-notes-1-9-0-new-features-and-enhancements_{context}"] | ||
| = Network Observability Operator 1.9.0 new features and enhancements | ||
|
|
||
| [role="_abstract"] | ||
| You can review the new features and enhancements for the Network Observability Operator 1.9.0 release. | ||
|
|
||
| [id="user-defined-networks-with-network-observability_{context}"] | ||
| == User-defined networks with network observability | ||
| With this release, xref:../../../networking/multiple_networks/understanding-multiple-networks.adoc#understanding-multiple-networks[user-defined networks (UDN)] feature is generally available with network observability. When the `UDNMapping` feature is enabled in network observability, the *Traffic* flow table has a `UDN labels` column. You can filter logs on *Source Network Name* and *Destination Network Name* information. | ||
|
|
||
| [id="filter-flowlogs-at-ingestion_{context}"] | ||
| == Filter flowlogs at ingestion | ||
| With this release, you can create filters to reduce the number of generated network flows and the resource usage of network observability components. The following filters can be configured: | ||
|
|
||
| * eBPF Agent filters | ||
| * Flowlogs-pipeline filters | ||
|
|
||
| [id="ipsec-support_{context}"] | ||
| == IPsec support | ||
| This update brings the following enhancements to network observability when IPsec is enabled on {product-title}: | ||
|
|
||
| * A new column named *IPsec Status* is displayed in the network observability *Traffic* flows view to show whether a flow was successfully IPsec-encrypted or if there was an error during encryption/decryption. | ||
|
|
||
| * A new dashboard showing the percentage of encrypted traffic is generated. | ||
|
|
||
| [id="network-observability-cli-1-9_{context}"] | ||
| == Network Observability CLI | ||
| The following filtering options are now available for packets, flows, and metrics capture: | ||
|
|
||
| * Configure the ratio of packets being sampled by using the `--sampling` option. | ||
| * Filter flows using a custom query by using the `--query` option. | ||
| * Specify interfaces to monitor by using the `--interfaces` option. | ||
| * Specify interfaces to exclude by using the `--exclude_interfaces` option. | ||
| * Specify metric names to generate by using the `--include_list` option. | ||
|
|
||
| For more information, see xref:../../../observability/network_observability/netobserv_cli/netobserv-cli-reference.adoc#network-observability-netobserv-cli-reference_netobserv-cli-reference[Network Observability CLI reference]. | ||
gwynnemonahan marked this conversation as resolved.
Show resolved
Hide resolved
|
||
15 changes: 15 additions & 0 deletions
15
...twork-observability-operator-release-notes-1-9-0-notable-technical-changes.adoc
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,15 @@ | ||
| // Module included in the following assemblies: | ||
| // * network_observability/release_notes_archive/network-observability-operator-release-notes-archive.adoc | ||
|
|
||
| :_mod-docs-content-type: REFERENCE | ||
| [id="network-observability-operator-release-notes-1-9-0-notable-technical-changes_{context}"] | ||
| = Network Observability Operator release notes 1.9.0 notable technical changes | ||
|
|
||
| [role="_abstract"] | ||
| You can review the notable technical changes for the Network Observability Operator 1.6.0 release. | ||
|
|
||
| * The `NetworkEvents` feature in network observability 1.9 has been updated to work with the newer Linux kernel of {product-title} 4.19. This update breaks compatibility with older kernels. As a result, the `NetworkEvents` feature can only be used with {product-title} 4.19. If you are using this feature with network observability 1.8 and {product-title} 4.18, consider avoiding a network observability upgrade or upgrade to network observability 1.9 and {product-title} to 4.19. | ||
|
|
||
| * The `netobserv-reader` cluster role has been renamed to `netobserv-loki-reader`. | ||
|
|
||
| * Improved CPU performance of the eBPF agents. |
18 changes: 18 additions & 0 deletions
18
...ork-observability-operator-release-notes-1-9-0-technology-preview-features.adoc
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,18 @@ | ||
| // Module included in the following assemblies: | ||
| // * network_observability/release_notes_archive/network-observability-operator-release-notes-archive.adoc | ||
|
|
||
| :_mod-docs-content-type: REFERENCE | ||
| [id="network-observability-operator-release-notes-1-9-0-technology-preview-features_{context}"] | ||
| = Network Observability Operator 1.9.0 Technology Preview features | ||
|
|
||
| [role="_abstract"] | ||
| You can review the Technology Preview features for the Network Observability Operator 1.9.0 release. | ||
|
|
||
| Some features in this release are currently in Technology Preview. These experimental features are not intended for production use. Note the following scope of support on the Red Hat Customer Portal for these features: | ||
|
|
||
| link:https://access.redhat.com/support/offerings/techpreview[Technology Preview Features Support Scope] | ||
|
|
||
| [id="ebpf-manager-operator-with-network-observability_{context}"] | ||
| == eBPF Manager Operator with network observability | ||
|
|
||
| The eBPF Manager Operator reduces the attack surface and ensures compliance, security, and conflict prevention by managing all eBPF programs. Network observability can use the eBPF Manager Operator to load hooks. This eliminates the need to provide the eBPF Agent with privileged mode or additional Linux capabilities like `CAP_BPF` and `CAP_PERFMON`. The eBPF Manager Operator with network observability is only supported on 64-bit AMD architecture. |
11 changes: 11 additions & 0 deletions
11
modules/network-observability-operator-release-notes-1-9-0.adoc
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,11 @@ | ||
| // Module included in the following assemblies: | ||
| // * network_observability/release_notes_archive/network-observability-operator-release-notes-archive.adoc | ||
|
|
||
| :_mod-docs-content-type: REFERENCE | ||
| [id="network-observability-operator-release-notes-1-9-0_{context}"] | ||
| = Network Observability Operator 1.9.0 advisory | ||
|
|
||
| [role="_abstract"] | ||
| You can review the advisory for the Network Observability Operator 1.9.0 release. | ||
|
|
||
| * link:https://access.redhat.com/errata/RHSA-2025:10020[Network Observability Operator 1.9] |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Uh oh!
There was an error while loading. Please reload this page.