OSDOCS-10882 [NETOBSERV] bpfman Support TP

gwynnemonahan · gwynnemonahan · commit 60c3a8183b6f · 2025-07-02T11:17:44.000-05:00
diff --git a/modules/network-observability-ebpf-manager-operator.adoc b/modules/network-observability-ebpf-manager-operator.adoc
@@ -0,0 +1,38 @@
+// Module included in the following assemblies:
+//
+// * network_observability/observing-network-traffic.adoc
+
+:_mod-docs-content-type: PROCEDURE
+[id="network-observability-ebpf-manager-operator_{context}"]
+= Working with the eBPF Manager Operator
+
+The eBPF Manager Operator reduces the attack surface and ensures compliance, security, and conflict prevention by managing all eBPF programs. Network observability can use the eBPF Manager Operator to load hooks. As a result, you no longer need to provide the eBPF Agent with privileged mode or additional Linux capabilities such as `CAP_BPF` and `CAP_PERFMON`. The eBPF Manager Operator with network observability is only supported on 64-bit AMD architecture.
+
+:FeatureName: eBPF Manager Operator with network observability
+include::snippets/technology-preview.adoc[]
+
+.Procedure
+. In the web console, navigate to *Operators* -> *Operator Hub*.
+. Install *eBPF Manager*.
+. Check *Workloads* -> *Pods* in the `bpfman` namespace to make sure they are all up and running.
+. Configure the `FlowCollector` custom resource to use the eBPF Manager Operator:
++
+.Example `FlowCollector` configuration
+[source,yaml]
+----
+apiVersion: flows.netobserv.io/v1beta2
+kind: FlowCollector
+metadata:
+  name: cluster
+spec:
+  agent:
+    ebpf:
+      features:
+        - EbpfManager
+----
+
+.Verification
+. In the web console, navigate to *Operators* -> *Installed Operators*.
+. Click *eBPF Manager Operator* -> *All instances* tab.
++
+For each node, verify that a `BpfApplication` named `netobserv` and a pair of `BpfProgram` objects, one for Traffic Control (TCx) ingress and another for TCx egress, exist. If you enable other eBPF Agent features, you might have more objects.
diff --git a/observability/network_observability/observing-network-traffic.adoc b/observability/network_observability/observing-network-traffic.adoc
@@ -69,6 +69,14 @@ include::modules/network-observability-working-with-conversations.adoc[leveloffs
 include::modules/network-observability-packet-drops.adoc[leveloffset=+2]
 include::modules/network-observability-dns-tracking.adoc[leveloffset=+2]
 include::modules/network-observability-RTT.adoc[leveloffset=+2]
+include::modules/network-observability-ebpf-manager-operator.adoc[leveloffset=+2]
+
+//eBPF Manager Operator in OCP > Networking
+[role="_additional-resources"]
+.Additional resources
+* xref:../../networking/networking_operators/ebpf_manager/ebpf-manager-operator-install.adoc[Installing the eBPF Manager Operator]
+
+//Traffic flows continued
 include::modules/network-observability-histogram-trafficflow.adoc[leveloffset=+2]
 include::modules/network-observability-working-with-zones.adoc[leveloffset=+2]
 include::modules/network-observability-filtering-ebpf-rule.adoc[leveloffset=+2]
