From 8cbcfdfea5e9032db089d1cfa29acbb2f97b386d Mon Sep 17 00:00:00 2001 From: Sara Thomas Date: Thu, 22 Aug 2024 16:44:01 -0400 Subject: [PATCH] OSDOCS-11625:Viewing Network events in Network Observability --- ...-observability-viewing-network-events.adoc | 54 +++++++++++++++++++ .../observing-network-traffic.adoc | 5 ++ 2 files changed, 59 insertions(+) create mode 100644 modules/network-observability-viewing-network-events.adoc diff --git a/modules/network-observability-viewing-network-events.adoc b/modules/network-observability-viewing-network-events.adoc new file mode 100644 index 000000000000..17a1bd6454d4 --- /dev/null +++ b/modules/network-observability-viewing-network-events.adoc @@ -0,0 +1,54 @@ +// Module included in the following assemblies: +// +// * network_observability/observing-network-traffic.adoc + +:_mod-docs-content-type: PROCEDURE +[id="network-observability-viewing-network-events_{context}"] += Viewing network events +You can view network events, such as network flows that are dropped or allowed by a network policy, by editing the `FlowCollector` to the specifications in the following YAML example. + +.Prerequisites +* Must have the `OVNObservability` specified in the `FeatureGate` custom resource. For more information, see "Enabling features using feature gates" in the "Additional resources" of this section. + +.Procedure +. In the web console, navigate to *Operators* -> *Installed Operators*. +. In the *Provided APIs* heading for the *NetObserv Operator*, select *Flow Collector*. +. Select *cluster*, and then select the *YAML* tab. +. Configure the `FlowCollector` custom resource to enable viewing `NetworkEvents`, for example: ++ +[id="network-observability-flowcollector-configuring-networkevents{context}"] +.Example `FlowCollector` configuration +[source, yaml] +---- +apiVersion: flows.netobserv.io/v1beta2 +kind: FlowCollector +metadata: + name: cluster +spec: + agent: + type: eBPF + ebpf: + privileged: true + features: + - "NetworkEvents" +---- + +.Verification +. Navigate to the *Network Traffic* view and select the *Traffic flows* table. +. You should see the new column, *Network Events*, where you can view information about impacts that network policies, admin policies, and egress firewalls have on network flows. ++ +.Examples of Network Events output +[source,text] +---- +Dropped by cluster multicast policy, direction Ingress +---- ++ +[source,text] +---- +Allowed by network policy iperf.iperf3-server-access-egress, direction Egress +---- ++ +[source,text] +---- +Allowed by admin network policy allow-egress-iperf, direction Egress +---- \ No newline at end of file diff --git a/observability/network_observability/observing-network-traffic.adoc b/observability/network_observability/observing-network-traffic.adoc index 362559bfefa5..452d12d28861 100644 --- a/observability/network_observability/observing-network-traffic.adoc +++ b/observability/network_observability/observing-network-traffic.adoc @@ -52,6 +52,11 @@ include::modules/network-observability-RTT.adoc[leveloffset=+2] include::modules/network-observability-histogram-trafficflow.adoc[leveloffset=+2] include::modules/network-observability-working-with-zones.adoc[leveloffset=+2] include::modules/network-observability-filtering-ebpf-rule.adoc[leveloffset=+2] +include::modules/network-observability-viewing-network-events.adoc[leveloffset=+2] + +[role="_additional-resources"] +.Additional resources +* Placeholder for link to OVN-K topic on `OVNObservability` //Topology include::modules/network-observability-topology.adoc[leveloffset=+1]