-
Notifications
You must be signed in to change notification settings - Fork 1.7k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
OSDOCS-3917:Installing and Configuring the Network Observability operator #53263
Conversation
abe6776
to
3f2c897
Compare
b26040e
to
7998664
Compare
🤖 Updated build preview is available at: Build log: https://circleci.com/gh/ocpdocs-previewbot/openshift-docs/6245 |
7998664
to
0d3f7d7
Compare
004c14c
to
9b5a08d
Compare
174181c
to
b20cd5a
Compare
414fb41
to
1992a46
Compare
@@ -0,0 +1,18 @@ | |||
// Module included in the following assemblies: | |||
|
|||
// * configuring-operators.adoc |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Add the full directory path.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
ACK, addressed globally.
// * configuring-operators.adoc | ||
|
||
:_content-type: PROCEDURE | ||
[id="network-observability-config-FLP-sampling{context}"] |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Add an underscore before {context}, and remove the carriage return between the anchor tag and title.
[id="network-observability-config-FLP-sampling{context}"] | ||
|
||
= Updating the Flow Collector resource | ||
As an alternative to editing YAML in the {product-title} web console, you can do configure specifications, such as eBPF sampling, by patching the `flowcollector` custom resource (CR): |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Consider s/you can do configure/you can configure/
@@ -0,0 +1,79 @@ | |||
// Module included in the following assemblies: | |||
|
|||
// * configuring-operators.adoc |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Add the directory path.
|
||
:_content-type: PROCEDURE | ||
[id="network-observability-config-quick-filters_{context}"] | ||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Remove the extra carriage return between the anchor tag and title.
---- | ||
<1> The Agent specification, `spec.agent.type`, must be `EBPF`. eBPF is the only {product-title} supported option. | ||
<2> You can set the Sampling specification, `spec.agent.ebpf.sampling`, to manage resources. Lower sampling values might consume a large amount of computational, memory and storage resources. You can mitigate this by setting a sampling ratio. A value of 100 means one flow every 100 is sampled. A value of 0 or 1 means all flows are captured. The lower the value, the increase in returned flows and the accuracy of derived metrics. By default, eBPF sampling is set to a value of 50, for example 1:50. Note that more sampled flows also means more storage needed. It is recommend to start with default values and refine empirically, to determine which setting your cluster can manage. | ||
<3> The Loki specification, `spec.loki` the Loki client. The default values match the Loki install paths mentioned in the Installing the Loki Operator section, but you might have to configure differently if you used another installation method. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
configure it differently?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Ah, yea I do think this can be reworked so it seems less vague. However, it will still be vague because we are not providing any installation guidelines if users choose to install Loki from a 3rd party like Helm or Garfana. This documentation only supports installing Loki via the Red Hat Loki Operator
<1> The Agent specification, `spec.agent.type`, must be `EBPF`. eBPF is the only {product-title} supported option. | ||
<2> You can set the Sampling specification, `spec.agent.ebpf.sampling`, to manage resources. Lower sampling values might consume a large amount of computational, memory and storage resources. You can mitigate this by setting a sampling ratio. A value of 100 means one flow every 100 is sampled. A value of 0 or 1 means all flows are captured. The lower the value, the increase in returned flows and the accuracy of derived metrics. By default, eBPF sampling is set to a value of 50, for example 1:50. Note that more sampled flows also means more storage needed. It is recommend to start with default values and refine empirically, to determine which setting your cluster can manage. | ||
<3> The Loki specification, `spec.loki` the Loki client. The default values match the Loki install paths mentioned in the Installing the Loki Operator section, but you might have to configure differently if you used another installation method. | ||
<4> The `spec.quickFilters` specification defines filters that show up in the web console. The `Application` filter keys,`src_namespace` and `dst_namespace`, are negated `!`, so the `Application` filter shows all traffic that _do not_ originate from, nor have a destination of, any `openshift-` or `netobserv` namespaces. For more information see Configuring quick filters below. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
does not ? nor has a destination of? For more information, ...
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Ooof, I am thinking does not originate from, or have a destination to,...
@@ -0,0 +1,14 @@ | |||
// Module included in the following assemblies: | |||
|
|||
// * installing-operators.adoc |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Add the full directory path.
|
||
:_content-type: CONCEPT | ||
[id="network-observability-kafka-option_{context}"] | ||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Omit the carriage return.
@@ -0,0 +1,56 @@ | |||
// Module included in the following assemblies: | |||
|
|||
// * installing-operators.adoc |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Add the full directory path.
/remove-label peer-review-in-progress |
/remove-label peer-review-in-progress |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@skrthomas - LGTM! I'll let @nathan-weinberg do final QE Approval on this, thanks!
|
||
= Create roles for authentication and authorization | ||
Specify authentication and authorization configurations by defining `ClusterRole` and `ClusterRoleBinding`. You can create a YAML to define these roles. | ||
.Procedure |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
new line before this?
/label qe-approved |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM!
a9947ac
to
7007ab0
Compare
8bed042
to
3f90f24
Compare
:_content-type: PROCEDURE | ||
[id="network-observability-lokistack-configuring-ingestion{context}"] | ||
|
||
= Configuring LokiStack ingestion |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@jotak Configuring ingestion topic
---- | ||
apiVersion: monitoring.coreos.com/v1 | ||
kind: PrometheusRule | ||
metadata: | ||
name: loki-alerts | ||
namespace: openshift-operators-redhat | ||
spec: | ||
groups: | ||
- name: LokiRateLimitAlerts | ||
rules: | ||
- alert: LokiTenantRateLimit | ||
annotations: | ||
message: |- | ||
{{ $labels.job }} {{ $labels.route }} is experiencing 429 errors. | ||
summary: "At any number of requests are responded with the rate limit error code." | ||
expr: sum(irate(loki_request_duration_seconds_count{status_code="429"}[1m])) by (job, namespace, route) / sum(irate(loki_request_duration_seconds_count[1m])) by (job, namespace, route) * 100 > 0 | ||
for: 10s | ||
labels: | ||
severity: warning | ||
---- |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Seems like there was indentation lost during the copy. Cf the original: https://github.com/netobserv/documents/blob/main/examples/distributed-loki/alerting/loki-ratelimit-alert.yaml
---- | |
apiVersion: monitoring.coreos.com/v1 | |
kind: PrometheusRule | |
metadata: | |
name: loki-alerts | |
namespace: openshift-operators-redhat | |
spec: | |
groups: | |
- name: LokiRateLimitAlerts | |
rules: | |
- alert: LokiTenantRateLimit | |
annotations: | |
message: |- | |
{{ $labels.job }} {{ $labels.route }} is experiencing 429 errors. | |
summary: "At any number of requests are responded with the rate limit error code." | |
expr: sum(irate(loki_request_duration_seconds_count{status_code="429"}[1m])) by (job, namespace, route) / sum(irate(loki_request_duration_seconds_count[1m])) by (job, namespace, route) * 100 > 0 | |
for: 10s | |
labels: | |
severity: warning | |
---- | |
---- | |
apiVersion: monitoring.coreos.com/v1 | |
kind: PrometheusRule | |
metadata: | |
name: loki-alerts | |
namespace: openshift-operators-redhat | |
spec: | |
groups: | |
- name: LokiRateLimitAlerts | |
rules: | |
- alert: LokiTenantRateLimit | |
annotations: | |
message: |- | |
{{ $labels.job }} {{ $labels.route }} is experiencing 429 errors. | |
summary: "At any number of requests are responded with the rate limit error code." | |
expr: sum(irate(loki_request_duration_seconds_count{status_code="429"}[1m])) by (job, namespace, route) / sum(irate(loki_request_duration_seconds_count[1m])) by (job, namespace, route) * 100 > 0 | |
for: 10s | |
labels: | |
severity: warning | |
---- |
/cherrypick enterprise-4.12 |
@skrthomas: new pull request created: #54263 In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
Contains documentation for the following Network Observability topic areas:
-installing Loki for NOO/ installing NOO/uninstalling
-configuring
-API Reference
Version(s):
4.12 only
Issue:
https://issues.redhat.com/browse/OSDOCS-3917
Link to docs preview:
https://53263--docspreview.netlify.app/openshift-enterprise/latest/networking/network_observability/installing-operators.html
QE review:
Additional information: