OSDOCS-3917:Installing and Configuring the Network Observability operator #53263
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
openshift-ci
bot
added
the
size/M
skrthomas
force-pushed
the
OSDOCS-3917
branch
from
abe6776
to
3f2c897
Compare
openshift-ci
bot
added
size/L
skrthomas
force-pushed
the
OSDOCS-3917
branch
4 times, most recently
from
b26040e
to
7998664
Compare
|
🤖 Updated build preview is available at: Build log: https://circleci.com/gh/ocpdocs-previewbot/openshift-docs/6245 |
skrthomas
force-pushed
the
OSDOCS-3917
branch
from
7998664
to
0d3f7d7
Compare
skrthomas
added
branch/enterprise-4.12
do-not-merge/work-in-progress
openshift-ci
bot
removed
the
do-not-merge/work-in-progress
skrthomas
force-pushed
the
OSDOCS-3917
branch
9 times, most recently
from
004c14c
to
9b5a08d
Compare
skrthomas
changed the title
skrthomas
force-pushed
the
OSDOCS-3917
branch
6 times, most recently
from
174181c
to
b20cd5a
Compare
skrthomas
force-pushed
the
OSDOCS-3917
branch
3 times, most recently
from
414fb41
to
1992a46
Compare
johnwilkins
reviewed
Jan 3, 2023
| @@ -0,0 +1,18 @@ | |||
| // Module included in the following assemblies: | |||
|
|
|||
| // * configuring-operators.adoc | |||
There was a problem hiding this comment.
Add the full directory path.
There was a problem hiding this comment.
ACK, addressed globally.
| // * configuring-operators.adoc | ||
|
|
||
| :_content-type: PROCEDURE | ||
| [id="network-observability-config-FLP-sampling{context}"] |
There was a problem hiding this comment.
Add an underscore before {context}, and remove the carriage return between the anchor tag and title.
| [id="network-observability-config-FLP-sampling{context}"] | ||
|
|
||
| = Updating the Flow Collector resource | ||
| As an alternative to editing YAML in the {product-title} web console, you can do configure specifications, such as eBPF sampling, by patching the `flowcollector` custom resource (CR): |
There was a problem hiding this comment.
Consider s/you can do configure/you can configure/
| @@ -0,0 +1,79 @@ | |||
| // Module included in the following assemblies: | |||
|
|
|||
| // * configuring-operators.adoc | |||
There was a problem hiding this comment.
Add the directory path.
|
|
||
| :_content-type: PROCEDURE | ||
| [id="network-observability-config-quick-filters_{context}"] | ||
|
|
There was a problem hiding this comment.
Remove the extra carriage return between the anchor tag and title.
| ---- | ||
| <1> The Agent specification, `spec.agent.type`, must be `EBPF`. eBPF is the only {product-title} supported option. | ||
| <2> You can set the Sampling specification, `spec.agent.ebpf.sampling`, to manage resources. Lower sampling values might consume a large amount of computational, memory and storage resources. You can mitigate this by setting a sampling ratio. A value of 100 means one flow every 100 is sampled. A value of 0 or 1 means all flows are captured. The lower the value, the increase in returned flows and the accuracy of derived metrics. By default, eBPF sampling is set to a value of 50, for example 1:50. Note that more sampled flows also means more storage needed. It is recommend to start with default values and refine empirically, to determine which setting your cluster can manage. | ||
| <3> The Loki specification, `spec.loki` the Loki client. The default values match the Loki install paths mentioned in the Installing the Loki Operator section, but you might have to configure differently if you used another installation method. |
There was a problem hiding this comment.
configure it differently?
There was a problem hiding this comment.
Ah, yea I do think this can be reworked so it seems less vague. However, it will still be vague because we are not providing any installation guidelines if users choose to install Loki from a 3rd party like Helm or Garfana. This documentation only supports installing Loki via the Red Hat Loki Operator
| <1> The Agent specification, `spec.agent.type`, must be `EBPF`. eBPF is the only {product-title} supported option. | ||
| <2> You can set the Sampling specification, `spec.agent.ebpf.sampling`, to manage resources. Lower sampling values might consume a large amount of computational, memory and storage resources. You can mitigate this by setting a sampling ratio. A value of 100 means one flow every 100 is sampled. A value of 0 or 1 means all flows are captured. The lower the value, the increase in returned flows and the accuracy of derived metrics. By default, eBPF sampling is set to a value of 50, for example 1:50. Note that more sampled flows also means more storage needed. It is recommend to start with default values and refine empirically, to determine which setting your cluster can manage. | ||
| <3> The Loki specification, `spec.loki` the Loki client. The default values match the Loki install paths mentioned in the Installing the Loki Operator section, but you might have to configure differently if you used another installation method. | ||
| <4> The `spec.quickFilters` specification defines filters that show up in the web console. The `Application` filter keys,`src_namespace` and `dst_namespace`, are negated `!`, so the `Application` filter shows all traffic that _do not_ originate from, nor have a destination of, any `openshift-` or `netobserv` namespaces. For more information see Configuring quick filters below. |
There was a problem hiding this comment.
does not ? nor has a destination of? For more information, ...
There was a problem hiding this comment.
Ooof, I am thinking does not originate from, or have a destination to,...
| @@ -0,0 +1,14 @@ | |||
| // Module included in the following assemblies: | |||
|
|
|||
| // * installing-operators.adoc | |||
There was a problem hiding this comment.
Add the full directory path.
|
|
||
| :_content-type: CONCEPT | ||
| [id="network-observability-kafka-option_{context}"] | ||
|
|
There was a problem hiding this comment.
Omit the carriage return.
| @@ -0,0 +1,56 @@ | |||
| // Module included in the following assemblies: | |||
|
|
|||
| // * installing-operators.adoc | |||
There was a problem hiding this comment.
Add the full directory path.
|
/remove-label peer-review-in-progress |
openshift-ci
bot
added
the
peer-review-done
|
/remove-label peer-review-in-progress |
openshift-ci
bot
removed
the
peer-review-in-progress
memodi
approved these changes
Jan 3, 2023
There was a problem hiding this comment.
@skrthomas - LGTM! I'll let @nathan-weinberg do final QE Approval on this, thanks!
memodi
reviewed
Jan 4, 2023
|
|
||
| = Create roles for authentication and authorization | ||
| Specify authentication and authorization configurations by defining `ClusterRole` and `ClusterRoleBinding`. You can create a YAML to define these roles. | ||
| .Procedure |
|
/label qe-approved |
openshift-ci
bot
added
the
qe-approved
skrthomas
force-pushed
the
OSDOCS-3917
branch
2 times, most recently
from
a9947ac
to
7007ab0
Compare
openshift-merge-robot
added
the
needs-rebase
skrthomas
force-pushed
the
OSDOCS-3917
branch
2 times, most recently
from
8bed042
to
3f90f24
Compare
openshift-merge-robot
removed
the
needs-rebase
skrthomas
commented
Jan 5, 2023
| :_content-type: PROCEDURE | ||
| [id="network-observability-lokistack-configuring-ingestion{context}"] | ||
|
|
||
| = Configuring LokiStack ingestion |
There was a problem hiding this comment.
@jotak Configuring ingestion topic
jotak
reviewed
Jan 5, 2023
Comment on lines
31
to
51
| ---- | ||
| apiVersion: monitoring.coreos.com/v1 | ||
| kind: PrometheusRule | ||
| metadata: | ||
| name: loki-alerts | ||
| namespace: openshift-operators-redhat | ||
| spec: | ||
| groups: | ||
| - name: LokiRateLimitAlerts | ||
| rules: | ||
| - alert: LokiTenantRateLimit | ||
| annotations: | ||
| message: |- | ||
| {{ $labels.job }} {{ $labels.route }} is experiencing 429 errors. | ||
| summary: "At any number of requests are responded with the rate limit error code." | ||
| expr: sum(irate(loki_request_duration_seconds_count{status_code="429"}[1m])) by (job, namespace, route) / sum(irate(loki_request_duration_seconds_count[1m])) by (job, namespace, route) * 100 > 0 | ||
| for: 10s | ||
| labels: | ||
| severity: warning | ||
| ---- |
There was a problem hiding this comment.
Seems like there was indentation lost during the copy. Cf the original: https://github.com/netobserv/documents/blob/main/examples/distributed-loki/alerting/loki-ratelimit-alert.yaml
Suggested change
| ---- | |
| apiVersion: monitoring.coreos.com/v1 | |
| kind: PrometheusRule | |
| metadata: | |
| name: loki-alerts | |
| namespace: openshift-operators-redhat | |
| spec: | |
| groups: | |
| - name: LokiRateLimitAlerts | |
| rules: | |
| - alert: LokiTenantRateLimit | |
| annotations: | |
| message: |- | |
| {{ $labels.job }} {{ $labels.route }} is experiencing 429 errors. | |
| summary: "At any number of requests are responded with the rate limit error code." | |
| expr: sum(irate(loki_request_duration_seconds_count{status_code="429"}[1m])) by (job, namespace, route) / sum(irate(loki_request_duration_seconds_count[1m])) by (job, namespace, route) * 100 > 0 | |
| for: 10s | |
| labels: | |
| severity: warning | |
| ---- | |
| ---- | |
| apiVersion: monitoring.coreos.com/v1 | |
| kind: PrometheusRule | |
| metadata: | |
| name: loki-alerts | |
| namespace: openshift-operators-redhat | |
| spec: | |
| groups: | |
| - name: LokiRateLimitAlerts | |
| rules: | |
| - alert: LokiTenantRateLimit | |
| annotations: | |
| message: |- | |
| {{ $labels.job }} {{ $labels.route }} is experiencing 429 errors. | |
| summary: "At any number of requests are responded with the rate limit error code." | |
| expr: sum(irate(loki_request_duration_seconds_count{status_code="429"}[1m])) by (job, namespace, route) / sum(irate(loki_request_duration_seconds_count[1m])) by (job, namespace, route) * 100 > 0 | |
| for: 10s | |
| labels: | |
| severity: warning | |
| ---- |
|
/cherrypick enterprise-4.12 |
|
@skrthomas: new pull request created: #54263 In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
1 task
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Contains documentation for the following Network Observability topic areas:
-installing Loki for NOO/ installing NOO/uninstalling
-configuring
-API Reference
Version(s):
4.12 only
Issue:
https://issues.redhat.com/browse/OSDOCS-3917
Link to docs preview:
https://53263--docspreview.netlify.app/openshift-enterprise/latest/networking/network_observability/installing-operators.html
QE review:
Additional information: