OSDOCS-15825 [NETOBSERV] Refactor release notes 1.4.0

Author: gwynnemonahan

modules/network-observability-release-notes-1-4-0-advisory.adoc

@@ -0,0 +1,11 @@
+// Module included in the following assemblies:
+// * network_observability/release_notes_archive/network-observability-operator-release-notes-archive.adoc
+
+:_mod-docs-content-type: REFERENCE
+[id="network-observability-release-notes-1-4-0-advisory_{context}"]
+= Network observability release notes 1.4.0 advisory
+
+[role="_abstract"]
+You can review the following advisory for the Network Observability Operator 1.4.0 release.
+
+* link:https://access.redhat.com/errata/RHSA-2023:5379[RHSA-2023:5379 Network Observability Operator 1.4.0]

modules/network-observability-release-notes-1-4-0-fixed-issues.adoc

@@ -0,0 +1,24 @@
+// Module included in the following assemblies:
+// * network_observability/release_notes_archive/network-observability-operator-release-notes-archive.adoc
+
+:_mod-docs-content-type: REFERENCE
+[id="network-observability-release-notes-1-4-0-fixed-issues_{context}"]
+= Network observability release notes 1.4.0 fixed issues
+
+[role="_abstract"]
+You can review the following fixed issues in the Network Observability Operator 1.4.0 release.
+
+* Previously, the Prometheus metrics exported by network observability were computed out of potentially duplicated network flows. In the related dashboards, from *Observe* -> *Dashboards*, this could result in potentially doubled rates. Note that dashboards from the *Network Traffic* view were not affected. Now, network flows are filtered to eliminate duplicates before metrics calculation, which results in correct traffic rates displayed in the dashboards. (link:https://issues.redhat.com/browse/NETOBSERV-1131[*NETOBSERV-1131*])
+
+* Previously, the Network Observability Operator agents were not able to capture traffic on network interfaces when configured with Multus or SR-IOV, non-default network namespaces. Now, all available network namespaces are recognized and used for capturing flows, allowing capturing traffic for SR-IOV. There are configurations needed for the `FlowCollector` and `SRIOVnetwork` custom resource to collect traffic. (link:https://issues.redhat.com/browse/NETOBSERV-1283[*NETOBSERV-1283*])
+
+////
+For more information, see the following link:
+* xref:../../../observability/network_observability/network-observability-secondary-networks.adoc#network-observability-SR-IOV-config_network-observability-secondary-networks[configurations needed]
+////
+
+* Previously, in the Network Observability Operator details from *Operators* -> *Installed Operators*, the `FlowCollector` *Status* field might have reported incorrect information about the state of the deployment. The status field now shows the proper conditions with improved messages. The history of events is kept, ordered by event date. (link:https://issues.redhat.com/browse/NETOBSERV-1224[*NETOBSERV-1224*])
+
+* Previously, during spikes of network traffic load, certain eBPF pods were OOM-killed and went into a `CrashLoopBackOff` state. Now, the `eBPF` agent memory footprint is improved, so pods are not OOM-killed and entering a `CrashLoopBackOff` state. (link:https://issues.redhat.com/browse/NETOBSERV-975[*NETOBSERV-975*])
+
+* Previously when `processor.metrics.tls` was set to `PROVIDED` the `insecureSkipVerify` option value was forced to be `true`. Now you can set `insecureSkipVerify` to `true` or `false`, and provide a CA certificate if needed. (link:https://issues.redhat.com/browse/NETOBSERV-1087[NETOBSERV-1087])

modules/network-observability-release-notes-1-4-0-known-issues.adoc

@@ -0,0 +1,21 @@
+// Module included in the following assemblies:
+// * network_observability/release_notes_archive/network-observability-operator-release-notes-archive.adoc
+
+:_mod-docs-content-type: REFERENCE
+[id="network-observability-release-notes-1-4-0-known-issues_{context}"]
+= Network observability release notes 1.4.0 known issues
+
+[role="_abstract"]
+You can review the following known issues in the Network Observability Operator 1.4.0 release.
+
+* Since the 1.2.0 release of the Network Observability Operator, using {loki-op} 5.6, a Loki certificate change periodically affects the `flowlogs-pipeline` pods and results in dropped flows rather than flows written to Loki. The problem self-corrects after some time, but it still causes temporary flow data loss during the Loki certificate change. This issue has only been observed in large-scale environments of 120 nodes or greater. (link:https://issues.redhat.com/browse/NETOBSERV-980[*NETOBSERV-980*])
+
+* Currently, when `spec.agent.ebpf.features` includes DNSTracking, larger DNS packets require the `eBPF` agent to look for DNS header outside of the 1st socket buffer (SKB) segment. A new `eBPF` agent helper function needs to be implemented to support it. Currently, there is no workaround for this issue. (link:https://issues.redhat.com/browse/NETOBSERV-1304[*NETOBSERV-1304*])
+
+* Currently, when `spec.agent.ebpf.features` includes DNSTracking, DNS over TCP packets requires the `eBPF` agent to look for DNS header outside of the 1st SKB segment. A new `eBPF` agent helper function needs to be implemented to support it. Currently, there is no workaround for this issue. (link:https://issues.redhat.com/browse/NETOBSERV-1245[*NETOBSERV-1245*])
+
+* Currently, when using a `KAFKA` deployment model, if conversation tracking is configured, conversation events might be duplicated across Kafka consumers, resulting in inconsistent tracking of conversations, and incorrect volumetric data. For that reason, it is not recommended to configure conversation tracking when `deploymentModel` is set to `KAFKA`. (link:https://issues.redhat.com/browse/NETOBSERV-926[*NETOBSERV-926*])
+
+* Currently, when the `processor.metrics.server.tls.type` is configured to use a `PROVIDED` certificate, the operator enters an unsteady state that might affect its performance and resource consumption. It is recommended to not use a `PROVIDED` certificate until this issue is resolved, and instead using an auto-generated certificate, setting `processor.metrics.server.tls.type` to `AUTO`. (link:https://issues.redhat.com/browse/NETOBSERV-1293)[*NETOBSERV-1293*]
+
+* Since the 1.3.0 release of the Network Observability Operator, installing the Operator causes a warning kernel taint to appear. The reason for this error is that the network observability eBPF agent has memory constraints that prevent preallocating the entire hashmap table. The Operator eBPF agent sets the `BPF_F_NO_PREALLOC` flag so that pre-allocation is disabled when the hashmap is too memory expansive.

modules/network-observability-release-notes-1-4-0-new-features-and-enhancements.adoc

@@ -0,0 +1,84 @@
+// Module included in the following assemblies:
+// * network_observability/release_notes_archive/network-observability-operator-release-notes-archive.adoc
+
+:_mod-docs-content-type: REFERENCE
+[id="network-observability-release-notes-1-4-0-new-features-and-enhancements_{context}"]
+= Network observability release notes 1.4.0 new features and enhancements
+
+[role="_abstract"]
+You can review the following new features and enhancements in the Network Observability Operator 1.4.0 release.
+
+[id="network-observability-enhanced-configuration-and-ui-1.4_{context}"]
+== Notable enhancements
+The 1.4 release of the Network Observability Operator adds improvements and new capabilities to the {product-title} web console plugin and the Operator configuration.
+
+[id="web-console-enhancements-1.4_{context}"]
+== Web console enhancements:
+* In the *Query Options*, the *Duplicate flows* checkbox is added to choose whether or not to show duplicated flows.
+* You can now filter source and destination traffic with image:arrow-up-long-solid.png[,10] *One-way*, image:arrow-up-long-solid.png[,10] image:arrow-down-long-solid.png[,10] *Back-and-forth*, and *Swap* filters.
+* The network observability metrics dashboards in *Observe* -> *Dashboards* -> *NetObserv* and *NetObserv / Health* are modified as follows:
+** The *NetObserv* dashboard shows top bytes, packets sent, packets received per nodes, namespaces, and workloads. Flow graphs are removed from this dashboard.
+** The *NetObserv / Health* dashboard shows flows overhead as well as top flow rates per nodes, namespaces, and workloads.
+** Infrastructure and Application metrics are shown in a split-view for namespaces and workloads.
+
+////
+For more information, see xref:../../../observability/network_observability/network-observability-overview.adoc#network-observability-dashboards_network-observability-overview[Network observability metrics dashboards] and xref:../../../observability/network_observability/observing-network-traffic.adoc#network-observability-quickfilter_nw-observe-network-traffic[Quick filters].
+////
+
+[id="configuration-enhancements-1.4_{context}"]
+== Configuration enhancements:
+* You now have the option to specify different namespaces for any configured ConfigMap or Secret reference, such as in certificates configuration.
+* The `spec.processor.clusterName` parameter is added so that the name of the cluster appears in the flows data. This is useful in a multi-cluster context. When using {product-title}, leave empty to make it automatically determined.
+
+////
+For more information, see the following links:
+* xref:../../../observability/network_observability/configuring-operator.adoc#network-observability-flowcollector-view_network_observability[Flow Collector sample resource]
+* xref:../../../observability/network_observability/flowcollector-api.adoc#network-observability-flowcollector-api-specifications_network_observability[Flow Collector API Reference].
+////
+
+[id="network-observability-without-loki-1.4_{context}"]
+== Network observability without Loki
+The Network Observability Operator is now functional and usable without Loki. If Loki is not installed, it can only export flows to KAFKA or IPFIX format and provide metrics in the network observability metrics dashboards.
+
+////
+For more information, see the following link:
+* xref:../../../observability/network_observability/installing-operators.adoc#network-observability-without-loki_network_observability[Network observability without Loki].
+////
+
+[id="network-observability-dns-tracking-1.4_{context}"]
+== DNS tracking
+In 1.4, the Network Observability Operator makes use of eBPF tracepoint hooks to enable DNS tracking. You can monitor your network, conduct security analysis, and troubleshoot DNS issues in the *Network Traffic* and *Overview* pages in the web console.
+
+////
+For more information, see the following links:
+* xref:../../../observability/network_observability/observing-network-traffic.adoc#network-observability-dns-overview_nw-observe-network-traffic[Configuring DNS tracking]
+* xref:../../../observability/network_observability/observing-network-traffic.adoc#network-observability-dns-tracking_nw-observe-network-traffic[Working with DNS tracking]
+////
+
+[id="SR-IOV-configuration-1.4_{context}"]
+== SR-IOV support
+You can now collect traffic from a cluster with Single Root I/O Virtualization (SR-IOV) device.
+
+////
+For more information, see xref:../../../observability/network_observability/network-observability-secondary-networks.adoc#network-observability-SR-IOV-config_network-observability-secondary-networks[Configuring the monitoring of SR-IOV interface traffic].
+////
+
+[id="IPFIX-support-1.4_{context}"]
+== IPFIX exporter support
+You can now export eBPF-enriched network flows to the IPFIX collector.
+
+////
+For more information, see xref:../../../observability/network_observability/configuring-operator.adoc#network-observability-enriched-flows_network_observability[Export enriched network flow data].
+////
+
+[id="network-observability-packet-drop-1.4_{context}"]
+== Packet drops
+In the 1.4 release of the Network Observability Operator, eBPF tracepoint hooks are used to enable packet drop tracking. You can now detect and analyze the cause for packet drops and make decisions to optimize network performance. In {product-title} 4.14 and later, both host drops and OVS drops are detected. In {product-title} 4.13, only host drops are detected.
+
+////
+For more information, see xref:../../../observability/network_observability/observing-network-traffic.adoc#network-observability-pktdrop-overview_nw-observe-network-traffic[Configuring packet drop tracking] and xref:../../../observability/network_observability/observing-network-traffic.adoc#network-observability-packet-drops_nw-observe-network-traffic[Working with packet drops].
+////
+
+[id="s390x-architecture-support_{context}"]
+== s390x architecture support
+Network Observability Operator can now run on `s390x` architecture. Previously it ran on `amd64`, `ppc64le`, or `arm64`.

modules/network-observability-release-notes-1-4-0-removed-features.adoc

@@ -0,0 +1,13 @@
+// Module included in the following assemblies:
+// * network_observability/release_notes_archive/network-observability-operator-release-notes-archive.adoc
+
+:_mod-docs-content-type: REFERENCE
+[id="network-observability-release-notes-1-4-0-removed-features_{context}"]
+= Network observability release notes 1.4.0 removed features
+
+[role="_abstract"]
+You can review the following removed features from the Network Observability Operator 1.4.0 release.
+
+[id="network-observability-channel-removal-1.4_{context}"]
+== Channel removal
+You must switch your channel from `v1.0.x` to `stable` to receive the latest Operator updates. The `v1.0.x` channel is now removed.