Merge pull request #95578 from gwynnemonahan/mancual-cp-4-14-no-1-9-OSDOCS-14941

stevsmit · web-flow · commit ba74fcd13cfa · 2025-07-03T10:46:29.000-04:00
[enterprise-4.14] OSDOCS-14941 [NETOBSERV] Update API/CLI references
diff --git a/modules/network-observability-flowcollector-api-specifications.adoc b/modules/network-observability-flowcollector-api-specifications.adoc
@@ -180,7 +180,7 @@ Type::
 | `object`
 | `advanced` allows setting some aspects of the internal configuration of the eBPF agent.
 This section is aimed mostly for debugging and fine-grained performance optimizations,
-such as `GOGC` and `GOMAXPROCS` environment vars. Set these values at your own risk. You can also
+such as `GOGC` and `GOMAXPROCS` environment variables. Set these values at your own risk. You can also
 override the default Linux capabilities from there.
 
 | `cacheActiveTimeout`
@@ -206,14 +206,15 @@ Otherwise it is matched as a case-sensitive string.
 | List of additional features to enable. They are all disabled by default. Enabling additional features might have performance impacts. Possible values are: +
 
 - `PacketDrop`: Enable the packets drop flows logging feature. This feature requires mounting
-the kernel debug filesystem, so the eBPF agent pods must run as privileged via `spec.agent.ebpf.privileged`. +
+the kernel debug filesystem, so the eBPF agent pods must run as privileged.
+If the `spec.agent.ebpf.privileged` parameter is not set, an error is reported. +
 
 - `DNSTracking`: Enable the DNS tracking feature. +
 
 - `FlowRTT`: Enable flow latency (sRTT) extraction in the eBPF agent from TCP traffic. +
 
 - `NetworkEvents`: Enable the network events monitoring feature, such as correlating flows and network policies.
-This feature requires mounting the kernel debug filesystem, so the eBPF agent pods must run as privileged via `spec.agent.ebpf.privileged`.
+This feature requires mounting the kernel debug filesystem, so the eBPF agent pods must run as privileged.
 It requires using the OVN-Kubernetes network plugin with the Observability feature.
 IMPORTANT: This feature is available as a Technology Preview. +
 
@@ -223,7 +224,7 @@ IMPORTANT: This feature is available as a Technology Preview. +
 
 - `UDNMapping`: Enable interfaces mapping to User Defined Networks (UDN).  +
 
-This feature requires mounting the kernel debug filesystem, so the eBPF agent pods must run as privileged via `spec.agent.ebpf.privileged`.
+This feature requires mounting the kernel debug filesystem, so the eBPF agent pods must run as privileged.
 It requires using the OVN-Kubernetes network plugin with the Observability feature.  +
 
 - `IPSec`, to track flows between nodes with IPsec encryption.  +
@@ -280,7 +281,7 @@ Description::
 --
 `advanced` allows setting some aspects of the internal configuration of the eBPF agent.
 This section is aimed mostly for debugging and fine-grained performance optimizations,
-such as `GOGC` and `GOMAXPROCS` environment vars. Set these values at your own risk. You can also
+such as `GOGC` and `GOMAXPROCS` environment variables. Set these values at your own risk. You can also
 override the default Linux capabilities from there.
 --
 
@@ -800,7 +801,7 @@ Type::
 | `object`
 | `advanced` allows setting some aspects of the internal configuration of the console plugin.
 This section is aimed mostly for debugging and fine-grained performance optimizations,
-such as `GOGC` and `GOMAXPROCS` environment vars. Set these values at your own risk.
+such as `GOGC` and `GOMAXPROCS` environment variables. Set these values at your own risk.
 
 | `autoscaler`
 | `object`
@@ -842,7 +843,7 @@ Description::
 --
 `advanced` allows setting some aspects of the internal configuration of the console plugin.
 This section is aimed mostly for debugging and fine-grained performance optimizations,
-such as `GOGC` and `GOMAXPROCS` environment vars. Set these values at your own risk.
+such as `GOGC` and `GOMAXPROCS` environment variables. Set these values at your own risk.
 --
 
 Type::
@@ -2702,7 +2703,7 @@ This feature requires the "topology.kubernetes.io/zone" label to be set on nodes
 | `object`
 | `advanced` allows setting some aspects of the internal configuration of the flow processor.
 This section is aimed mostly for debugging and fine-grained performance optimizations,
-such as `GOGC` and `GOMAXPROCS` environment vars. Set these values at your own risk.
+such as `GOGC` and `GOMAXPROCS` environment variables. Set these values at your own risk.
 
 | `clusterName`
 | `string`
@@ -2782,7 +2783,7 @@ Description::
 --
 `advanced` allows setting some aspects of the internal configuration of the flow processor.
 This section is aimed mostly for debugging and fine-grained performance optimizations,
-such as `GOGC` and `GOMAXPROCS` environment vars. Set these values at your own risk.
+such as `GOGC` and `GOMAXPROCS` environment variables. Set these values at your own risk.
 --
 
 Type::
diff --git a/modules/network-observability-flowmetric-api-specifications.adoc b/modules/network-observability-flowmetric-api-specifications.adoc
@@ -103,13 +103,12 @@ When set to `Egress`, it is equivalent to adding the regular expression filter o
 
 | `filters`
 | `array`
-| `filters` is a list of fields and values used to restrict which flows are taken into account. Oftentimes, these filters must
-be used to eliminate duplicates: `Duplicate != "true"` and `FlowDirection = "0"`.
+| `filters` is a list of fields and values used to restrict which flows are taken into account.
 Refer to the documentation for the list of available fields: https://docs.openshift.com/container-platform/latest/observability/network_observability/json-flows-format-reference.html.
 
 | `flatten`
 | `array (string)`
-| `flatten` is a list of list-type fields that must be flattened, such as Interfaces and NetworkEvents. Flattened fields generate one metric per item in that field.
+| `flatten` is a list of array-type fields that must be flattened, such as Interfaces or NetworkEvents. Flattened fields generate one metric per item in that field.
 For instance, when flattening `Interfaces` on a bytes counter, a flow having Interfaces [br-ex, ens5] increases one counter for `br-ex` and another for `ens5`.
 
 | `labels`
@@ -131,9 +130,10 @@ Refer to the documentation for the list of available fields: https://docs.opensh
 
 | `type`
 | `string`
-| Metric type: "Counter" or "Histogram".
+| Metric type: "Counter", "Histogram" or "Gauge".
 Use "Counter" for any value that increases over time and on which you can compute a rate, such as Bytes or Packets.
 Use "Histogram" for any value that must be sampled independently, such as latencies.
+Use "Gauge" for other values that don't necessitate accuracy over time (gauges are sampled only every N seconds when Prometheus fetches the metric).
 
 | `valueField`
 | `string`
@@ -261,8 +261,7 @@ To learn more about `promQL`, refer to the Prometheus documentation: https://pro
 Description::
 +
 --
-`filters` is a list of fields and values used to restrict which flows are taken into account. Oftentimes, these filters must
-be used to eliminate duplicates: `Duplicate != "true"` and `FlowDirection = "0"`.
+`filters` is a list of fields and values used to restrict which flows are taken into account.
 Refer to the documentation for the list of available fields: https://docs.openshift.com/container-platform/latest/observability/network_observability/json-flows-format-reference.html.
 --
 
diff --git a/modules/network-observability-flows-format.adoc b/modules/network-observability-flows-format.adoc
@@ -155,13 +155,6 @@ The "Cardinality" column gives information about the implied metric cardinality
 | no
 | fine
 | n/a
-| `Duplicate`
-| boolean
-| Indicates if this flow was also captured from another interface on the same host
-| n/a
-| no
-| fine
-| n/a
 | `Flags`
 | string[]
 | List of TCP flags comprised in the flow, according to RFC-9293, with additional custom flags to represent the following per-packet combinations: +
@@ -182,6 +175,13 @@ The "Cardinality" column gives information about the implied metric cardinality
 | yes
 | fine
 | host.direction
+| `IPSecStatus`
+| string
+| Status of the IPsec encryption (on egress, given by the kernel xfrm_output function) or decryption (on ingress, via xfrm_input)
+| `ipsec_status`
+| no
+| fine
+| n/a
 | `IcmpCode`
 | number
 | ICMP code
@@ -242,7 +242,7 @@ The "Cardinality" column gives information about the implied metric cardinality
 | `Packets`
 | number
 | Number of packets
-| `pkt_drop_cause`
+| n/a
 | no
 | avoid
 | packets
@@ -423,35 +423,35 @@ The "Cardinality" column gives information about the implied metric cardinality
 | n/a
 | `XlatDstAddr`
 | string
-| Packet translation destination address
+| packet translation destination address
 | `xlat_dst_address`
 | no
 | avoid
 | n/a
 | `XlatDstPort`
 | number
-| Packet translation destination port
+| packet translation destination port
 | `xlat_dst_port`
 | no
 | careful
 | n/a
 | `XlatSrcAddr`
 | string
-| Packet translation source address
+| packet translation source address
 | `xlat_src_address`
 | no
 | avoid
 | n/a
 | `XlatSrcPort`
 | number
-| Packet translation source port
+| packet translation source port
 | `xlat_src_port`
 | no
 | careful
 | n/a
 | `ZoneId`
 | number
-| Packet translation zone id
+| packet translation zone id
 | `xlat_zone_id`
 | no
 | avoid
@@ -470,4 +470,4 @@ The "Cardinality" column gives information about the implied metric cardinality
 | yes
 | fine
 | n/a
-|=== 
+|===
