Packages:
Resource Types:
FlowCollector is the Schema for the flowcollectors API, which pilots and configures netflow collection.
| Name | Type | Description | Required |
|---|---|---|---|
| apiVersion | string | flows.netobserv.io/v1alpha1 | true |
| kind | string | FlowCollector | true |
| metadata | object | Refer to the Kubernetes API documentation for the fields of the `metadata` field. | true |
| spec | object |
FlowCollectorSpec defines the desired state of FlowCollector |
false |
| status | object |
FlowCollectorStatus defines the observed state of FlowCollector |
false |
FlowCollectorSpec defines the desired state of FlowCollector
| Name | Type | Description | Required |
|---|---|---|---|
| agent | enum |
Select the flows tracing agent. Possible values are "ipfix" (default) to use the IPFIX collector, or "ebpf" to use NetObserv eBPF agent. When using IPFIX with OVN-Kubernetes CNI, NetObserv will configure OVN's IPFIX exporter. Other CNIs are not supported, they could work but necessitate manual configuration. Enum: ipfix, ebpf Default: ipfix |
true |
| clusterNetworkOperator | object |
Settings related to the OpenShift Cluster Network Operator, when available. |
false |
| consolePlugin | object |
Settings related to the OpenShift Console plugin, when available. |
false |
| ebpf | object |
Settings related to eBPF-based flow reporter when the "agent" property is set to "ebpf". Default: map[imagePullPolicy:IfNotPresent] |
false |
| flowlogsPipeline | object |
Settings related to the flowlogs-pipeline component, which collects and enriches the flows, and produces metrics. |
false |
| ipfix | object |
Settings related to IPFIX-based flow reporter when the "agent" property is set to "ipfix". Default: map[sampling:400] |
false |
| kafka | object |
Kafka configuration, allowing to use Kafka as a broker as part of the flow collection pipeline. This is a new and experimental feature, not yet recommended to use in production. |
false |
| loki | object |
Settings related to the Loki client, used as a flow store. |
false |
| namespace | string |
Namespace where NetObserv pods are deployed. If empty, the namespace of the operator is going to be used. Default: |
false |
| ovnKubernetes | object |
Settings related to OVN-Kubernetes CNI, when available. This configuration is used when using OVN's IPFIX exports, without OpenShift. When using OpenShift, refer to the `clusterNetworkOperator` property instead. |
false |
Settings related to the OpenShift Cluster Network Operator, when available.
| Name | Type | Description | Required |
|---|---|---|---|
| namespace | string |
Namespace where the configmap is going to be deployed. Default: openshift-network-operator |
false |
Settings related to the OpenShift Console plugin, when available.
| Name | Type | Description | Required |
|---|---|---|---|
| register | boolean |
Automatically register the provided console plugin with the OpenShift Console operator. When set to false, you can still register it manually by editing console.operator.openshift.io/cluster. E.g: oc patch console.operator.openshift.io cluster --type='json' -p '[{"op": "add", "path": "/spec/plugins/-", "value": "network-observability-plugin"}]' Default: true |
true |
| hpa | object |
HPA spec of an horizontal pod autoscaler to set up for the plugin Deployment. |
false |
| image | string |
Image is the plugin image (including domain and tag) Default: quay.io/netobserv/network-observability-console-plugin:main |
false |
| imagePullPolicy | enum |
ImagePullPolicy is the Kubernetes pull policy for the image defined above Enum: IfNotPresent, Always, Never Default: IfNotPresent |
false |
| logLevel | enum |
LogLevel defines the log level for the console plugin backend Enum: trace, debug, info, warn, error, fatal, panic Default: info |
false |
| port | integer |
Port is the plugin service port Format: int32 Default: 9001 Minimum: 1 Maximum: 65535 |
false |
| portNaming | object |
Configuration of the port to service name translation Default: map[enable:true] |
false |
| replicas | integer |
Replicas defines the number of replicas (pods) to start. Format: int32 Default: 1 Minimum: 0 |
false |
| resources | object |
Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ Default: map[limits:map[memory:100Mi] requests:map[cpu:100m memory:50Mi]] |
false |
HPA spec of an horizontal pod autoscaler to set up for the plugin Deployment.
| Name | Type | Description | Required |
|---|---|---|---|
| maxReplicas | integer |
upper limit for the number of pods that can be set by the autoscaler; cannot be smaller than MinReplicas. Format: int32 |
true |
| metrics | []object |
Metrics used by the pod autoscaler |
false |
| minReplicas | integer |
minReplicas is the lower limit for the number of replicas to which the autoscaler can scale down. It defaults to 1 pod. minReplicas is allowed to be 0 if the alpha feature gate HPAScaleToZero is enabled and at least one Object or External metric is configured. Scaling is active as long as at least one metric value is available. Format: int32 |
false |
MetricSpec specifies how to scale based on a single metric (only type and one other matching field should be set at once).
| Name | Type | Description | Required |
|---|---|---|---|
| type | string |
type is the type of metric source. It should be one of "ContainerResource", "External", "Object", "Pods" or "Resource", each mapping to a matching field in the object. Note: "ContainerResource" type is available on when the feature-gate HPAContainerMetrics is enabled |
true |
| containerResource | object |
container resource refers to a resource metric (such as those specified in requests and limits) known to Kubernetes describing a single container in each pod of the current scale target (e.g. CPU or memory). Such metrics are built in to Kubernetes, and have special scaling options on top of those available to normal per-pod metrics using the "pods" source. This is an alpha feature and can be enabled by the HPAContainerMetrics feature flag. |
false |
| external | object |
external refers to a global metric that is not associated with any Kubernetes object. It allows autoscaling based on information coming from components running outside of cluster (for example length of queue in cloud messaging service, or QPS from loadbalancer running outside of cluster). |
false |
| object | object |
object refers to a metric describing a single kubernetes object (for example, hits-per-second on an Ingress object). |
false |
| pods | object |
pods refers to a metric describing each pod in the current scale target (for example, transactions-processed-per-second). The values will be averaged together before being compared to the target value. |
false |
| resource | object |
resource refers to a resource metric (such as those specified in requests and limits) known to Kubernetes describing each pod in the current scale target (e.g. CPU or memory). Such metrics are built in to Kubernetes, and have special scaling options on top of those available to normal per-pod metrics using the "pods" source. |
false |
container resource refers to a resource metric (such as those specified in requests and limits) known to Kubernetes describing a single container in each pod of the current scale target (e.g. CPU or memory). Such metrics are built in to Kubernetes, and have special scaling options on top of those available to normal per-pod metrics using the "pods" source. This is an alpha feature and can be enabled by the HPAContainerMetrics feature flag.
| Name | Type | Description | Required |
|---|---|---|---|
| container | string |
container is the name of the container in the pods of the scaling target |
true |
| name | string |
name is the name of the resource in question. |
true |
| target | object |
target specifies the target value for the given metric |
true |
target specifies the target value for the given metric
| Name | Type | Description | Required |
|---|---|---|---|
| type | string |
type represents whether the metric type is Utilization, Value, or AverageValue |
true |
| averageUtilization | integer |
averageUtilization is the target value of the average of the resource metric across all relevant pods, represented as a percentage of the requested value of the resource for the pods. Currently only valid for Resource metric source type Format: int32 |
false |
| averageValue | int or string |
averageValue is the target value of the average of the metric across all relevant pods (as a quantity) |
false |
| value | int or string |
value is the target value of the metric (as a quantity). |
false |
external refers to a global metric that is not associated with any Kubernetes object. It allows autoscaling based on information coming from components running outside of cluster (for example length of queue in cloud messaging service, or QPS from loadbalancer running outside of cluster).
| Name | Type | Description | Required |
|---|---|---|---|
| metric | object |
metric identifies the target metric by name and selector |
true |
| target | object |
target specifies the target value for the given metric |
true |
metric identifies the target metric by name and selector
| Name | Type | Description | Required |
|---|---|---|---|
| name | string |
name is the name of the given metric |
true |
| selector | object |
selector is the string-encoded form of a standard kubernetes label selector for the given metric When set, it is passed as an additional parameter to the metrics server for more specific metrics scoping. When unset, just the metricName will be used to gather metrics. |
false |
selector is the string-encoded form of a standard kubernetes label selector for the given metric When set, it is passed as an additional parameter to the metrics server for more specific metrics scoping. When unset, just the metricName will be used to gather metrics.
| Name | Type | Description | Required |
|---|---|---|---|
| matchExpressions | []object |
matchExpressions is a list of label selector requirements. The requirements are ANDed. |
false |
| matchLabels | map[string]string |
matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. |
false |
FlowCollector.spec.consolePlugin.hpa.metrics[index].external.metric.selector.matchExpressions[index]
A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
| Name | Type | Description | Required |
|---|---|---|---|
| key | string |
key is the label key that the selector applies to. |
true |
| operator | string |
operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. |
true |
| values | []string |
values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. |
false |
target specifies the target value for the given metric
| Name | Type | Description | Required |
|---|---|---|---|
| type | string |
type represents whether the metric type is Utilization, Value, or AverageValue |
true |
| averageUtilization | integer |
averageUtilization is the target value of the average of the resource metric across all relevant pods, represented as a percentage of the requested value of the resource for the pods. Currently only valid for Resource metric source type Format: int32 |
false |
| averageValue | int or string |
averageValue is the target value of the average of the metric across all relevant pods (as a quantity) |
false |
| value | int or string |
value is the target value of the metric (as a quantity). |
false |
object refers to a metric describing a single kubernetes object (for example, hits-per-second on an Ingress object).
| Name | Type | Description | Required |
|---|---|---|---|
| describedObject | object |
CrossVersionObjectReference contains enough information to let you identify the referred resource. |
true |
| metric | object |
metric identifies the target metric by name and selector |
true |
| target | object |
target specifies the target value for the given metric |
true |
CrossVersionObjectReference contains enough information to let you identify the referred resource.
| Name | Type | Description | Required |
|---|---|---|---|
| kind | string |
Kind of the referent; More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" |
true |
| name | string |
Name of the referent; More info: http://kubernetes.io/docs/user-guide/identifiers#names |
true |
| apiVersion | string |
API version of the referent |
false |
metric identifies the target metric by name and selector
| Name | Type | Description | Required |
|---|---|---|---|
| name | string |
name is the name of the given metric |
true |
| selector | object |
selector is the string-encoded form of a standard kubernetes label selector for the given metric When set, it is passed as an additional parameter to the metrics server for more specific metrics scoping. When unset, just the metricName will be used to gather metrics. |
false |
selector is the string-encoded form of a standard kubernetes label selector for the given metric When set, it is passed as an additional parameter to the metrics server for more specific metrics scoping. When unset, just the metricName will be used to gather metrics.
| Name | Type | Description | Required |
|---|---|---|---|
| matchExpressions | []object |
matchExpressions is a list of label selector requirements. The requirements are ANDed. |
false |
| matchLabels | map[string]string |
matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. |
false |
A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
| Name | Type | Description | Required |
|---|---|---|---|
| key | string |
key is the label key that the selector applies to. |
true |
| operator | string |
operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. |
true |
| values | []string |
values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. |
false |
target specifies the target value for the given metric
| Name | Type | Description | Required |
|---|---|---|---|
| type | string |
type represents whether the metric type is Utilization, Value, or AverageValue |
true |
| averageUtilization | integer |
averageUtilization is the target value of the average of the resource metric across all relevant pods, represented as a percentage of the requested value of the resource for the pods. Currently only valid for Resource metric source type Format: int32 |
false |
| averageValue | int or string |
averageValue is the target value of the average of the metric across all relevant pods (as a quantity) |
false |
| value | int or string |
value is the target value of the metric (as a quantity). |
false |
pods refers to a metric describing each pod in the current scale target (for example, transactions-processed-per-second). The values will be averaged together before being compared to the target value.
| Name | Type | Description | Required |
|---|---|---|---|
| metric | object |
metric identifies the target metric by name and selector |
true |
| target | object |
target specifies the target value for the given metric |
true |
metric identifies the target metric by name and selector
| Name | Type | Description | Required |
|---|---|---|---|
| name | string |
name is the name of the given metric |
true |
| selector | object |
selector is the string-encoded form of a standard kubernetes label selector for the given metric When set, it is passed as an additional parameter to the metrics server for more specific metrics scoping. When unset, just the metricName will be used to gather metrics. |
false |
selector is the string-encoded form of a standard kubernetes label selector for the given metric When set, it is passed as an additional parameter to the metrics server for more specific metrics scoping. When unset, just the metricName will be used to gather metrics.
| Name | Type | Description | Required |
|---|---|---|---|
| matchExpressions | []object |
matchExpressions is a list of label selector requirements. The requirements are ANDed. |
false |
| matchLabels | map[string]string |
matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. |
false |
A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
| Name | Type | Description | Required |
|---|---|---|---|
| key | string |
key is the label key that the selector applies to. |
true |
| operator | string |
operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. |
true |
| values | []string |
values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. |
false |
target specifies the target value for the given metric
| Name | Type | Description | Required |
|---|---|---|---|
| type | string |
type represents whether the metric type is Utilization, Value, or AverageValue |
true |
| averageUtilization | integer |
averageUtilization is the target value of the average of the resource metric across all relevant pods, represented as a percentage of the requested value of the resource for the pods. Currently only valid for Resource metric source type Format: int32 |
false |
| averageValue | int or string |
averageValue is the target value of the average of the metric across all relevant pods (as a quantity) |
false |
| value | int or string |
value is the target value of the metric (as a quantity). |
false |
resource refers to a resource metric (such as those specified in requests and limits) known to Kubernetes describing each pod in the current scale target (e.g. CPU or memory). Such metrics are built in to Kubernetes, and have special scaling options on top of those available to normal per-pod metrics using the "pods" source.
| Name | Type | Description | Required |
|---|---|---|---|
| name | string |
name is the name of the resource in question. |
true |
| target | object |
target specifies the target value for the given metric |
true |
target specifies the target value for the given metric
| Name | Type | Description | Required |
|---|---|---|---|
| type | string |
type represents whether the metric type is Utilization, Value, or AverageValue |
true |
| averageUtilization | integer |
averageUtilization is the target value of the average of the resource metric across all relevant pods, represented as a percentage of the requested value of the resource for the pods. Currently only valid for Resource metric source type Format: int32 |
false |
| averageValue | int or string |
averageValue is the target value of the average of the metric across all relevant pods (as a quantity) |
false |
| value | int or string |
value is the target value of the metric (as a quantity). |
false |
Configuration of the port to service name translation
| Name | Type | Description | Required |
|---|---|---|---|
| enable | boolean |
Should this feature be enabled Default: true |
false |
| portNames | map[string]string |
Additional port name to use in the console E.g. portNames: {"3100": "loki"} |
false |
Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
| Name | Type | Description | Required |
|---|---|---|---|
| limits | map[string]int or string |
Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ |
false |
| requests | map[string]int or string |
Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ |
false |
Settings related to eBPF-based flow reporter when the "agent" property is set to "ebpf".
| Name | Type | Description | Required |
|---|---|---|---|
| cacheActiveTimeout | string |
CacheActiveTimeout is the max period during which the reporter will aggregate flows before sending Default: 5s |
false |
| cacheMaxFlows | integer |
CacheMaxFlows is the max number of flows in an aggregate; when reached, the reporter sends the flows Format: int32 Default: 1000 Minimum: 1 |
false |
| env | map[string]string |
Env allows passing custom environment variables to the NetObserv Agent. Useful for passing some very concrete performance-tuning options (e.g. GOGC, GOMAXPROCS) that shouldn't be publicly exposed as part of the FlowCollector descriptor, as they are only useful in edge debug/support scenarios. |
false |
| excludeInterfaces | []string |
ExcludeInterfaces contains the interface names that will be excluded from flow tracing. If an entry is enclosed by slashes (e.g. `/br-/`), it will match as regular expression, otherwise it will be matched as a case-sensitive string. Default: [lo] |
false |
| image | string |
Image is the NetObserv Agent image (including domain and tag) Default: quay.io/netobserv/netobserv-ebpf-agent:main |
false |
| imagePullPolicy | enum |
ImagePullPolicy is the Kubernetes pull policy for the image defined above Enum: IfNotPresent, Always, Never Default: IfNotPresent |
false |
| interfaces | []string |
Interfaces contains the interface names from where flows will be collected. If empty, the agent will fetch all the interfaces in the system, excepting the ones listed in ExcludeInterfaces. If an entry is enclosed by slashes (e.g. `/br-/`), it will match as regular expression, otherwise it will be matched as a case-sensitive string. |
false |
| logLevel | enum |
LogLevel defines the log level for the NetObserv eBPF Agent Enum: trace, debug, info, warn, error, fatal, panic Default: info |
false |
| privileged | boolean |
Privileged mode for the eBPF Agent container. If false, the operator will add the following capabilities to the container, to enable its correct operation: BPF, PERFMON, NET_ADMIN, SYS_RESOURCE. |
false |
| resources | object |
Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ |
false |
| sampling | integer |
Sampling is the sampling rate on the reporter. 100 means one flow on 100 is sent. 0 or 1 means disabled. Format: int32 |
false |
Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
| Name | Type | Description | Required |
|---|---|---|---|
| limits | map[string]int or string |
Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ |
false |
| requests | map[string]int or string |
Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ |
false |
Settings related to the flowlogs-pipeline component, which collects and enriches the flows, and produces metrics.
| Name | Type | Description | Required |
|---|---|---|---|
| dropUnusedFields | boolean |
Set true to drop fields that are known to be unused by OVS, in order to save storage space. Default: true |
false |
| enableKubeProbes | boolean |
EnableKubeProbes is a flag to enable or disable Kubernetes liveness/readiness probes Default: true |
false |
| healthPort | integer |
HealthPort is a collector HTTP port in the Pod that exposes the health check API Format: int32 Default: 8080 Minimum: 1 Maximum: 65535 |
false |
| hpa | object |
HPA spec of an horizontal pod autoscaler to set up for the collector Deployment. Ignored for DaemonSet. |
false |
| ignoreMetrics | []string |
IgnoreMetrics is a list of tags to specify which metrics to ignore |
false |
| image | string |
Image is the collector image (including domain and tag) Default: quay.io/netobserv/flowlogs-pipeline:main |
false |
| imagePullPolicy | enum |
ImagePullPolicy is the Kubernetes pull policy for the image defined above Enum: IfNotPresent, Always, Never Default: IfNotPresent |
false |
| kind | enum |
Kind is the workload kind, either DaemonSet or Deployment. When DaemonSet is used, each pod will receive flows from the node it is running on. When Deployment is used, the flows traffic received from nodes will be load-balanced. Note that in such a case, the number of replicas should be less or equal to the number of nodes, as extra-pods would be unused due to session affinity with the node IP. When using Kafka, this option only affects the flowlogs-pipeline ingester, not the transformer. Enum: DaemonSet, Deployment Default: DaemonSet |
false |
| logLevel | enum |
LogLevel defines the log level for the collector runtime Enum: trace, debug, info, warn, error, fatal, panic Default: info |
false |
| port | integer |
Port is the collector port: either a service port for Deployment kind, or host port for DaemonSet kind By conventions, some value are not authorized port must not be below 1024 and must not equal this values: 4789,6081,500, and 4500 Format: int32 Default: 2055 Minimum: 1025 Maximum: 65535 |
false |
| prometheusPort | integer |
PrometheusPort is the prometheus HTTP port: this port exposes prometheus metrics Format: int32 Default: 9102 Minimum: 1 Maximum: 65535 |
false |
| replicas | integer |
Replicas defines the number of replicas (pods) to start for Deployment kind. Ignored for DaemonSet. Format: int32 Default: 1 Minimum: 0 |
false |
| resources | object |
Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ Default: map[limits:map[memory:300Mi] requests:map[cpu:100m memory:100Mi]] |
false |
HPA spec of an horizontal pod autoscaler to set up for the collector Deployment. Ignored for DaemonSet.
| Name | Type | Description | Required |
|---|---|---|---|
| maxReplicas | integer |
upper limit for the number of pods that can be set by the autoscaler; cannot be smaller than MinReplicas. Format: int32 |
true |
| metrics | []object |
Metrics used by the pod autoscaler |
false |
| minReplicas | integer |
minReplicas is the lower limit for the number of replicas to which the autoscaler can scale down. It defaults to 1 pod. minReplicas is allowed to be 0 if the alpha feature gate HPAScaleToZero is enabled and at least one Object or External metric is configured. Scaling is active as long as at least one metric value is available. Format: int32 |
false |
MetricSpec specifies how to scale based on a single metric (only type and one other matching field should be set at once).
| Name | Type | Description | Required |
|---|---|---|---|
| type | string |
type is the type of metric source. It should be one of "ContainerResource", "External", "Object", "Pods" or "Resource", each mapping to a matching field in the object. Note: "ContainerResource" type is available on when the feature-gate HPAContainerMetrics is enabled |
true |
| containerResource | object |
container resource refers to a resource metric (such as those specified in requests and limits) known to Kubernetes describing a single container in each pod of the current scale target (e.g. CPU or memory). Such metrics are built in to Kubernetes, and have special scaling options on top of those available to normal per-pod metrics using the "pods" source. This is an alpha feature and can be enabled by the HPAContainerMetrics feature flag. |
false |
| external | object |
external refers to a global metric that is not associated with any Kubernetes object. It allows autoscaling based on information coming from components running outside of cluster (for example length of queue in cloud messaging service, or QPS from loadbalancer running outside of cluster). |
false |
| object | object |
object refers to a metric describing a single kubernetes object (for example, hits-per-second on an Ingress object). |
false |
| pods | object |
pods refers to a metric describing each pod in the current scale target (for example, transactions-processed-per-second). The values will be averaged together before being compared to the target value. |
false |
| resource | object |
resource refers to a resource metric (such as those specified in requests and limits) known to Kubernetes describing each pod in the current scale target (e.g. CPU or memory). Such metrics are built in to Kubernetes, and have special scaling options on top of those available to normal per-pod metrics using the "pods" source. |
false |
container resource refers to a resource metric (such as those specified in requests and limits) known to Kubernetes describing a single container in each pod of the current scale target (e.g. CPU or memory). Such metrics are built in to Kubernetes, and have special scaling options on top of those available to normal per-pod metrics using the "pods" source. This is an alpha feature and can be enabled by the HPAContainerMetrics feature flag.
| Name | Type | Description | Required |
|---|---|---|---|
| container | string |
container is the name of the container in the pods of the scaling target |
true |
| name | string |
name is the name of the resource in question. |
true |
| target | object |
target specifies the target value for the given metric |
true |
target specifies the target value for the given metric
| Name | Type | Description | Required |
|---|---|---|---|
| type | string |
type represents whether the metric type is Utilization, Value, or AverageValue |
true |
| averageUtilization | integer |
averageUtilization is the target value of the average of the resource metric across all relevant pods, represented as a percentage of the requested value of the resource for the pods. Currently only valid for Resource metric source type Format: int32 |
false |
| averageValue | int or string |
averageValue is the target value of the average of the metric across all relevant pods (as a quantity) |
false |
| value | int or string |
value is the target value of the metric (as a quantity). |
false |
external refers to a global metric that is not associated with any Kubernetes object. It allows autoscaling based on information coming from components running outside of cluster (for example length of queue in cloud messaging service, or QPS from loadbalancer running outside of cluster).
| Name | Type | Description | Required |
|---|---|---|---|
| metric | object |
metric identifies the target metric by name and selector |
true |
| target | object |
target specifies the target value for the given metric |
true |
metric identifies the target metric by name and selector
| Name | Type | Description | Required |
|---|---|---|---|
| name | string |
name is the name of the given metric |
true |
| selector | object |
selector is the string-encoded form of a standard kubernetes label selector for the given metric When set, it is passed as an additional parameter to the metrics server for more specific metrics scoping. When unset, just the metricName will be used to gather metrics. |
false |
selector is the string-encoded form of a standard kubernetes label selector for the given metric When set, it is passed as an additional parameter to the metrics server for more specific metrics scoping. When unset, just the metricName will be used to gather metrics.
| Name | Type | Description | Required |
|---|---|---|---|
| matchExpressions | []object |
matchExpressions is a list of label selector requirements. The requirements are ANDed. |
false |
| matchLabels | map[string]string |
matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. |
false |
FlowCollector.spec.flowlogsPipeline.hpa.metrics[index].external.metric.selector.matchExpressions[index]
A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
| Name | Type | Description | Required |
|---|---|---|---|
| key | string |
key is the label key that the selector applies to. |
true |
| operator | string |
operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. |
true |
| values | []string |
values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. |
false |
target specifies the target value for the given metric
| Name | Type | Description | Required |
|---|---|---|---|
| type | string |
type represents whether the metric type is Utilization, Value, or AverageValue |
true |
| averageUtilization | integer |
averageUtilization is the target value of the average of the resource metric across all relevant pods, represented as a percentage of the requested value of the resource for the pods. Currently only valid for Resource metric source type Format: int32 |
false |
| averageValue | int or string |
averageValue is the target value of the average of the metric across all relevant pods (as a quantity) |
false |
| value | int or string |
value is the target value of the metric (as a quantity). |
false |
object refers to a metric describing a single kubernetes object (for example, hits-per-second on an Ingress object).
| Name | Type | Description | Required |
|---|---|---|---|
| describedObject | object |
CrossVersionObjectReference contains enough information to let you identify the referred resource. |
true |
| metric | object |
metric identifies the target metric by name and selector |
true |
| target | object |
target specifies the target value for the given metric |
true |
CrossVersionObjectReference contains enough information to let you identify the referred resource.
| Name | Type | Description | Required |
|---|---|---|---|
| kind | string |
Kind of the referent; More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" |
true |
| name | string |
Name of the referent; More info: http://kubernetes.io/docs/user-guide/identifiers#names |
true |
| apiVersion | string |
API version of the referent |
false |
metric identifies the target metric by name and selector
| Name | Type | Description | Required |
|---|---|---|---|
| name | string |
name is the name of the given metric |
true |
| selector | object |
selector is the string-encoded form of a standard kubernetes label selector for the given metric When set, it is passed as an additional parameter to the metrics server for more specific metrics scoping. When unset, just the metricName will be used to gather metrics. |
false |
selector is the string-encoded form of a standard kubernetes label selector for the given metric When set, it is passed as an additional parameter to the metrics server for more specific metrics scoping. When unset, just the metricName will be used to gather metrics.
| Name | Type | Description | Required |
|---|---|---|---|
| matchExpressions | []object |
matchExpressions is a list of label selector requirements. The requirements are ANDed. |
false |
| matchLabels | map[string]string |
matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. |
false |
FlowCollector.spec.flowlogsPipeline.hpa.metrics[index].object.metric.selector.matchExpressions[index]
A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
| Name | Type | Description | Required |
|---|---|---|---|
| key | string |
key is the label key that the selector applies to. |
true |
| operator | string |
operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. |
true |
| values | []string |
values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. |
false |
target specifies the target value for the given metric
| Name | Type | Description | Required |
|---|---|---|---|
| type | string |
type represents whether the metric type is Utilization, Value, or AverageValue |
true |
| averageUtilization | integer |
averageUtilization is the target value of the average of the resource metric across all relevant pods, represented as a percentage of the requested value of the resource for the pods. Currently only valid for Resource metric source type Format: int32 |
false |
| averageValue | int or string |
averageValue is the target value of the average of the metric across all relevant pods (as a quantity) |
false |
| value | int or string |
value is the target value of the metric (as a quantity). |
false |
pods refers to a metric describing each pod in the current scale target (for example, transactions-processed-per-second). The values will be averaged together before being compared to the target value.
| Name | Type | Description | Required |
|---|---|---|---|
| metric | object |
metric identifies the target metric by name and selector |
true |
| target | object |
target specifies the target value for the given metric |
true |
metric identifies the target metric by name and selector
| Name | Type | Description | Required |
|---|---|---|---|
| name | string |
name is the name of the given metric |
true |
| selector | object |
selector is the string-encoded form of a standard kubernetes label selector for the given metric When set, it is passed as an additional parameter to the metrics server for more specific metrics scoping. When unset, just the metricName will be used to gather metrics. |
false |
selector is the string-encoded form of a standard kubernetes label selector for the given metric When set, it is passed as an additional parameter to the metrics server for more specific metrics scoping. When unset, just the metricName will be used to gather metrics.
| Name | Type | Description | Required |
|---|---|---|---|
| matchExpressions | []object |
matchExpressions is a list of label selector requirements. The requirements are ANDed. |
false |
| matchLabels | map[string]string |
matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. |
false |
A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
| Name | Type | Description | Required |
|---|---|---|---|
| key | string |
key is the label key that the selector applies to. |
true |
| operator | string |
operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. |
true |
| values | []string |
values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. |
false |
target specifies the target value for the given metric
| Name | Type | Description | Required |
|---|---|---|---|
| type | string |
type represents whether the metric type is Utilization, Value, or AverageValue |
true |
| averageUtilization | integer |
averageUtilization is the target value of the average of the resource metric across all relevant pods, represented as a percentage of the requested value of the resource for the pods. Currently only valid for Resource metric source type Format: int32 |
false |
| averageValue | int or string |
averageValue is the target value of the average of the metric across all relevant pods (as a quantity) |
false |
| value | int or string |
value is the target value of the metric (as a quantity). |
false |
resource refers to a resource metric (such as those specified in requests and limits) known to Kubernetes describing each pod in the current scale target (e.g. CPU or memory). Such metrics are built in to Kubernetes, and have special scaling options on top of those available to normal per-pod metrics using the "pods" source.
| Name | Type | Description | Required |
|---|---|---|---|
| name | string |
name is the name of the resource in question. |
true |
| target | object |
target specifies the target value for the given metric |
true |
target specifies the target value for the given metric
| Name | Type | Description | Required |
|---|---|---|---|
| type | string |
type represents whether the metric type is Utilization, Value, or AverageValue |
true |
| averageUtilization | integer |
averageUtilization is the target value of the average of the resource metric across all relevant pods, represented as a percentage of the requested value of the resource for the pods. Currently only valid for Resource metric source type Format: int32 |
false |
| averageValue | int or string |
averageValue is the target value of the average of the metric across all relevant pods (as a quantity) |
false |
| value | int or string |
value is the target value of the metric (as a quantity). |
false |
Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
| Name | Type | Description | Required |
|---|---|---|---|
| limits | map[string]int or string |
Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ |
false |
| requests | map[string]int or string |
Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ |
false |
Settings related to IPFIX-based flow reporter when the "agent" property is set to "ipfix".
| Name | Type | Description | Required |
|---|---|---|---|
| cacheActiveTimeout | string |
CacheActiveTimeout is the max period during which the reporter will aggregate flows before sending Default: 20s |
false |
| cacheMaxFlows | integer |
CacheMaxFlows is the max number of flows in an aggregate; when reached, the reporter sends the flows Format: int32 Default: 400 Minimum: 0 |
false |
| forceSampleAll | boolean |
It is not recommended to sample all the traffic with IPFIX, as it may generate cluster instability. If you REALLY want to do that, set this flag to true. Use at your own risks. When it is set to true, the value of "sampling" is ignored. Default: false |
false |
| sampling | integer |
Sampling is the sampling rate on the reporter. 100 means one flow on 100 is sent. To ensure cluster stability, it is not possible to set a value below 2. If you really want to sample every packet, which may impact the cluster stability, refer to "forceSampleAll". Alternatively, you can use the eBPF Agent instead of IPFIX. Format: int32 Default: 400 Minimum: 2 |
false |
Kafka configuration, allowing to use Kafka as a broker as part of the flow collection pipeline. This is a new and experimental feature, not yet recommended to use in production.
| Name | Type | Description | Required |
|---|---|---|---|
| address | string |
Address of the Kafka server Default: |
true |
| topic | string |
Kafka topic to use. It must exist, NetObserv will not create it. Default: |
true |
| enable | boolean |
Set true to use Kafka as part of the flow collection pipeline. When enabled, the pipeline is split in two parts: ingestion and transformation, connected by Kafka. The ingestion is either done by a specific flowlogs-pipeline workload, or by the eBPF agent, depending on the value of `spec.agent`. The transformation is done by a new flowlogs-pipeline deployment. Default: false |
false |
| tls | object |
TLS client configuration. |
false |
TLS client configuration.
| Name | Type | Description | Required |
|---|---|---|---|
| caCert | object |
CA certificate reference |
false |
| enable | boolean |
Enable TLS Default: false |
false |
| insecureSkipVerify | boolean |
Skip client-side verification of the server certificate Default: false |
false |
| userCert | object |
User certificate reference |
false |
CA certificate reference
| Name | Type | Description | Required |
|---|---|---|---|
| certFile | string |
Certificate file name within the ConfigMap / Secret |
false |
| certKey | string |
Certificate private key file name within the ConfigMap / Secret. Omit when the key is not necessary. |
false |
| name | string |
Name of the ConfigMap or Secret containing certificates |
false |
| type | enum |
Reference type: configmap or secret Enum: configmap, secret |
false |
User certificate reference
| Name | Type | Description | Required |
|---|---|---|---|
| certFile | string |
Certificate file name within the ConfigMap / Secret |
false |
| certKey | string |
Certificate private key file name within the ConfigMap / Secret. Omit when the key is not necessary. |
false |
| name | string |
Name of the ConfigMap or Secret containing certificates |
false |
| type | enum |
Reference type: configmap or secret Enum: configmap, secret |
false |
Settings related to the Loki client, used as a flow store.
| Name | Type | Description | Required |
|---|---|---|---|
| batchSize | integer |
BatchSize is max batch size (in bytes) of logs to accumulate before sending Format: int64 Default: 102400 Minimum: 1 |
false |
| batchWait | string |
BatchWait is max time to wait before sending a batch Default: 1s |
false |
| maxBackoff | string |
MaxBackoff is the maximum backoff time for client connection between retries Default: 300s |
false |
| maxRetries | integer |
MaxRetries is the maximum number of retries for client connections Format: int32 Default: 10 Minimum: 0 |
false |
| minBackoff | string |
MinBackoff is the initial backoff time for client connection between retries Default: 1s |
false |
| querierUrl | string |
QuerierURL specifies the address of the Loki querier service, in case it is different from the Loki ingester URL. If empty, the URL value will be used (assuming that the Loki ingester and querier are int he same host). |
false |
| staticLabels | map[string]string |
StaticLabels is a map of common labels to set on each flow Default: map[app:netobserv-flowcollector] |
false |
| tenantID | string |
TenantID is the Loki X-Scope-OrgID that identifies the tenant for each request. it will be ignored if instanceSpec is specified Default: netobserv |
false |
| timeout | string |
Timeout is the maximum time connection / request limit A Timeout of zero means no timeout. Default: 10s |
false |
| tls | object |
TLS client configuration. |
false |
| url | string |
URL is the address of an existing Loki service to push the flows to. Default: http://loki:3100/ |
false |
TLS client configuration.
| Name | Type | Description | Required |
|---|---|---|---|
| caCert | object |
CA certificate reference |
false |
| enable | boolean |
Enable TLS Default: false |
false |
| insecureSkipVerify | boolean |
Skip client-side verification of the server certificate Default: false |
false |
| userCert | object |
User certificate reference |
false |
CA certificate reference
| Name | Type | Description | Required |
|---|---|---|---|
| certFile | string |
Certificate file name within the ConfigMap / Secret |
false |
| certKey | string |
Certificate private key file name within the ConfigMap / Secret. Omit when the key is not necessary. |
false |
| name | string |
Name of the ConfigMap or Secret containing certificates |
false |
| type | enum |
Reference type: configmap or secret Enum: configmap, secret |
false |
User certificate reference
| Name | Type | Description | Required |
|---|---|---|---|
| certFile | string |
Certificate file name within the ConfigMap / Secret |
false |
| certKey | string |
Certificate private key file name within the ConfigMap / Secret. Omit when the key is not necessary. |
false |
| name | string |
Name of the ConfigMap or Secret containing certificates |
false |
| type | enum |
Reference type: configmap or secret Enum: configmap, secret |
false |
Settings related to OVN-Kubernetes CNI, when available. This configuration is used when using OVN's IPFIX exports, without OpenShift. When using OpenShift, refer to the clusterNetworkOperator property instead.
| Name | Type | Description | Required |
|---|---|---|---|
| containerName | string |
Name of the container to configure for IPFIX. Default: ovnkube-node |
false |
| daemonSetName | string |
Name of the DaemonSet controlling the OVN-Kubernetes pods. Default: ovnkube-node |
false |
| namespace | string |
Namespace where OVN-Kubernetes pods are deployed. Default: ovn-kubernetes |
false |
FlowCollectorStatus defines the observed state of FlowCollector
| Name | Type | Description | Required |
|---|---|---|---|
| conditions | []object |
Conditions represent the latest available observations of an object's state |
true |
| namespace | string |
Namespace where console plugin and flowlogs-pipeline have been deployed. |
false |
Condition contains details for one aspect of the current state of this API Resource. --- This struct is intended for direct use as an array at the field path .status.conditions. For example, type FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type are: "Available", "Progressing", and "Degraded" // +patchMergeKey=type // +patchStrategy=merge // +listType=map // +listMapKey=type Conditions []metav1.Condition json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type" protobuf:"bytes,1,rep,name=conditions"
// other fields }
| Name | Type | Description | Required |
|---|---|---|---|
| lastTransitionTime | string |
lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. Format: date-time |
true |
| message | string |
message is a human readable message indicating details about the transition. This may be an empty string. |
true |
| reason | string |
reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. |
true |
| status | enum |
status of the condition, one of True, False, Unknown. Enum: True, False, Unknown |
true |
| type | string |
type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) |
true |
| observedGeneration | integer |
observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. Format: int64 Minimum: 0 |
false |