Network Observability 1.8 release notes 4.12-4.16

observability/network_observability/network-observability-operator-release-notes.adoc

@@ -12,6 +12,60 @@ The Network Observability Operator enables administrators to observe and analyze
 These release notes track the development of the Network Observability Operator in the {product-title}.
 
 For an overview of the Network Observability Operator, see xref:../../observability/network_observability/network-observability-overview.adoc#dependency-network-observability[About Network Observability Operator].
+
+[id="network-observability-operator-release-notes-1-8_{context}"]
+== Network Observability Operator 1.8.0
+The following advisory is available for the Network Observability Operator 1.8.0:
+
+* link:https://access.redhat.com/errata/RHSA-2024:8014[Network Observability Operator 1.8.0]
+
+[id="network-observability-operator-1.8.0-features-enhancements_{context}"]
+=== New features and enhancements
+
+[id="network-observability-operator-pkt-xlat-1-8_{context}"]
+==== Packet translation
+You can now enrich network flows with translated endpoint information, showing not only the service but also the specific backend pod, so you can see which pod served a request.
+
+[id="network-observability-cli-1-8_{context}"]
+==== Network Observability CLI
+The following new features, options, and filters are added to the Network Observability CLI for this release:
+
+* Capture metrics with filters enabled by running the `oc netobserv metrics` command.
+* Run the CLI in the background by using the `--background` option with flows and packets capture and running `oc netobserv follow` to see the progress of the background run and `oc netobserv copy` to download the generated logs.
+* Enrich flows and metrics capture with Machines, Pods, and Services subnets by using the `--get-subnets` option.
+* New filtering options available with packets, flows, and metrics capture:
+
+** On custom nodes using `--node-selector`
+** On drops only using `--drops`
+** By any field using `--regexes`
+
+
+[id="network-observability-operator-1-8-bug-fixes_{context}"]
+=== Bug fixes
+* Previously, the Network Observability Operator came with a "kube-rbac-proxy" container to manage RBAC for its metrics server. Since this external component is deprecated, it was necessary to remove it. It is now replaced with direct TLS and RBAC management through Kubernetes controller-runtime, without the need for a side-car proxy. (link:https://issues.redhat.com/browse/NETOBSERV-1999[*NETOBSERV-1999*])
+
+* Previously in the {product-title} console plugin, filtering on a key that was not equal to multiple values would not filter anything. With this fix, the expected results are returned, which is all flows not having any of the filtered values. (link:https://issues.redhat.com/browse/NETOBSERV-1990[*NETOBSERV-1990*])
+
+* Previously in the {product-title} console plugin with disabled Loki, it was very likely to generate a "Can't build query" error due to selecting an incompatible set of filters and aggregations. Now this error is avoided avoid by automatically disabling incompatible filters while still making the user aware of the filter incompatibility. (link:https://issues.redhat.com/browse/NETOBSERV-1977[*NETOBSERV-1977*])
+
+* Previously, when viewing flow details from the console plugin, the ICMP info was always displayed in the side panel, showing "undefined" values for non-ICMP flows. With this fix, ICMP info is not displayed for non-ICMP flows. (link:https://issues.redhat.com/browse/NETOBSERV-1969[*NETOBSERV-1969*])
+
+* Previously, the "Export data" link from the *Traffic flows* view did not work as intended, generating empty CSV reports. Now, the export feature is restored, generating non-empty CSV data. (link:https://issues.redhat.com/browse/NETOBSERV-1958[*NETOBSERV-1958*])
+
+* Previously, it was possible to configure the `FlowCollector` with `processor.logTypes` `Conversations`, `EndedConversations` or `All` with `loki.enable` set to `false`, despite the conversation logs being only useful when Loki is enabled. This resulted in resource usage waste. Now, this configuration is invalid and is rejected by the validation webhook. (link:https://issues.redhat.com/browse/NETOBSERV-1957[*NETOBSERV-1957*])
+
+* Configuring the `FlowCollector` with `processor.logTypes` set to `All` consumes a lot more resources, such as CPU, memory and network bandwidth, than the other options. This was previously not documented. It is now documented, and triggers a warning from the validation webhook. (link:https://issues.redhat.com/browse/NETOBSERV-1956[*NETOBSERV-1956*])
+
+* Previously, under high stress, some flows generated by the eBPF agent were mistakenly dismissed, resulting in traffic bandwidth under-estimation. Now, those generated flows are not dismissed. (link:https://issues.redhat.com/browse/NETOBSERV-1954[*NETOBSERV-1954*])
+
+* Previously, when enabling the network policy in the `FlowCollector` configuration, the traffic to the Operator webhooks was blocked, breaking the `FlowMetrics` API validation. Now traffic to the webhooks is allowed. (link:https://issues.redhat.com/browse/NETOBSERV-1934[*NETOBSERV-1934*])
+
+* Previously, when deploying the default network policy, namespaces `openshift-console` and `openshift-monitoring` were set by default in the `additionalNamespaces` field, resulting in duplicated rules. Now there is no additional namespace set by default, which helps avoid getting duplicated rules.(link:https://issues.redhat.com/browse/NETOBSERV-1933[*NETOBSERV-1933*])
+
+* Previously from the {product-title} console plugin, filtering on TCP flags would match flows having only the exact desired flag. Now, any flow having at least the desired flag appears in filtered flows. (link:https://issues.redhat.com/browse/NETOBSERV-1890[*NETOBSERV-1890*])
+
+//made it to page 3 but need to circle back to page 1 & 2 with `missing RN` label
+
 [id="network-observability-operator-release-notes-1-7_{context}"]
 == Network Observability Operator 1.7.0
 The following advisory is available for the Network Observability Operator 1.7.0: