Skip to content

HCCDOC3084 Add missing release notes for Insights Operator enhancements including rapid recommendations #83273

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 1 commit into from
Oct 29, 2024
Merged

HCCDOC3084 Add missing release notes for Insights Operator enhancements including rapid recommendations #83273

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
44 changes: 41 additions & 3 deletions release_notes/ocp-4-17-release-notes.adoc
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -538,9 +538,47 @@ Starting in {product-title} 4.14, Extended Update Support (EUS) is extended to t
[id="ocp-4-17-insights-operator-enhancements_{context}"]
=== Insights Operator

* The Insights Operator now collects the `haproxy_exporter_server_threshold` metric. (link:https://issues.redhat.com/browse/OCPBUGS-36687[*OCPBUGS-36687*])
Copy link
Contributor Author

@michelle-purcell michelle-purcell Oct 10, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

FYI anyone 👀 - This line item has actually been moved down to line 570.

// Engineering reference CCXDEV-12582

* Previously, the Insights Operator gathered information about all Ingress Controller certificates, including their `NotBefore` and `NotAfter` dates. This data is now compiled into a `JSON` file located at `aggregated/ingress_controllers_certs.json` for easier monitoring of certificate validity across the cluster. (link:https://issues.redhat.com/browse/OCPBUGS-35727[*OCPBUGS-35727*])
Copy link
Contributor Author

@michelle-purcell michelle-purcell Oct 10, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

FYI anyone 👀 - This line item has actually been moved down to line 576.

The Insights Operator now collects more {product-title} container log data from namespaces prefixed with either the `openshift-` or `kube-` prefix and generates recommendations much faster.
Enhancements have also been made to give you more flexibility in how the data to be collected gets defined for your service.

==== Rapid Recommendations

This release introduces a new feature called Rapid Recommendations, which provides a more dynamic and version-independent mechanism for remotely configuring the rules that determine which data the Insights Operator collects.

Rapid Recommendations builds on the existing conditional data gathering mechanism.
The Insights Operator connects to a secure remote endpoint service running on `/console.redhat.com` to retrieve definitions that contain the rules for determining which container log messages are filtered and collected by Red Hat.

The conditional data-gathering definitions, also referred to as rules, get configured through an attribute named `conditionalGathererEndpoint` in the link:https://github.com/openshift/insights-operator/blob/master/config/pod.yaml[`pod.yml`] configuration file.

[source,bash]
----
conditionalGathererEndpoint: https://console.redhat.com/api/gathering/v2/%s/gathering_rules
----

[NOTE]
====
Previously, the rules for determining the data that the Insights Operator collects were hard-coded and tied to the corresponding {product-title} version.
====
The preconfigured endpoint URL now provides a placeholder (`%s`) for defining a target version of {product-title}.

==== More data collected and recommendations added

The Insights Operator now gathers more data to detect the following scenarios, which other applications can use to generate remedial recommendations to proactively manage your {product-title} deployments:

// Engineering reference: CCXDEV-12899
* Detects pods and namespaces that use the link:https://access.redhat.com/articles/7065170[deprecated OpenShift SDN CNI plugin] and generates a recommendation for the possible actions you should take depending on the data collected from your deployment.
// Engineering reference: OSPRH-5904
* Collects custom resource definitions (CRD) from {rh-openstack}.
// Engineering reference: CCXDEV-13001
* Collects the `haproxy_exporter_server_threshold` metric to detect the problem and remediation reported in link:https://issues.redhat.com/browse/OCPBUGS-36687[*OCPBUGS-36687*].
// Engineering reference: CCXDEV-12758
* Collects data to detect custom Prometheus Alertmanager instances that are not in the `openshift-monitoring` namespace because they could potentially impact the management of corresponding resources.
// Engineering reference: CCXDEV-12503
* Detects the upcoming expiry of the default Ingress Controller expiration certificate, which other applications and services can use to generate recommendations to renew the certificate before the expiry date.
// Engineering reference: OCPBUGS-35727
** Before this update, the Insights Operator gathered information about all Ingress Controller certificates, including their `NotBefore` and `NotAfter` dates. This data is now compiled into a `JSON` file located at `aggregated/ingress_controllers_certs.json` for easier monitoring of certificate validity across the cluster. (link:https://issues.redhat.com/browse/OCPBUGS-35727[*OCPBUGS-35727*])

[id="ocp-4-17-installation-and-update_{context}"]
=== Installation and update
Expand Down Expand Up @@ -2877,7 +2915,7 @@ $ oc adm release info 4.17.2 --pullspecs

* Previously, for managed services on {hcp}, audit logs were sent to a local webhook service, `audit-webhook`. This caused issues for {hcp} pods that sent audit logs through the `konnectivity` service. With this release, `audit-webhook` is added to the list of `no_proxy` hosts so that {hcp} pods can send auti logs to the `audit-webhook` service. (link:https://issues.redhat.com/browse/OCPBUGS-42974[*OCPBUGS-42974*])

* Previously, when you used the Agent-based Installer to install a cluster, `assisted-installer-controller` timed out or exited the installation process depending on whether `assisted-service` was unavailable on the rendezvous host. This situation caused the cluster installation to fail during CSR approval checks. With this release, an update to `assisted-installer-controller` ensures that the controller does not timeout or exit if `assisted-service` is unavailable. The CSR approval check now works as expected. (link:https://issues.redhat.com/browse/OCPBUGS-42839[*OCPBUGS-42839*])
* Previously, when you used the Agent-based Installer to install a cluster, `assisted-installer-controller` timed out or exited the installation process depending on whether `assisted-service` was unavailable on the rendezvous host. This situation caused the cluster installation to fail during CSR approval checks. With this release, an update to `assisted-installer-controller` ensures that the controller does not timeout or exit if `assisted-service` is unavailable. The CSR approval check now works as expected. (link:https://issues.redhat.com/browse/OCPBUGS-42839[*OCPBUGS-42839*])

* Previously, running the `openshift-install gather bootstrap --dir <workdir>` command might cause the installation program to skip the analysis of the collected logs. The command would output the following message:
+
Expand Down