QKView and iHealth

Overview

The Cloud-Native Network Functions (CNFs) Cluster Wide Controller (CWC) has been enhanced to support the qkview API to run the qkview command.

The purpose of QKView collection is to facilitate collection and packaging of diagnostic information from running containers within an mBIP deployment.

Note: The CRs or ConfigMaps are not collected by default, to collect them, they have to be included in the API request. For more information on how to collect CRs and ConfigMaps, see QKview API

This document guides you through understanding and running the qkview API from CWC.

QKView REST APIs

Use the Procedure section to see how the QKView API can be used to run jobs.

Command Examples

POST Request

Use the POST request to create new job IDs. You can request from the CWC to run a QKView job on a container by POSTing a request using /QKView API.

Note: You can create only single job running at a time.

POST Request CWC API Endpoint

https://f5-spk-cwc.f5-utils:30881/qkview?namespace=""

_images/spk_info.png Note: QKview will collect data from the namespace if a namespace is specified in the POST request. If the namespace is not specified in the POST request, data is collected from all the available namespaces in the cluster.

POST Request Body

{
 filename: <name_of_tar_file_that_gets_generated_from_qkview>
}

QKVIEW

curl -X POST https://f5-spk-cwc.f5-utils:30881/v1/qkview  --cert client_certificate --cacert ca_certificate --key client_key -k

Sample output:

{"id":"7af760ad-815b-471e-a6ba-d94a7d9c4c6a", "filename":"7af760ad-815b-471e-a6ba-d94a7d9c4c6a"}

GET Requests

Get Request to obtain the QKview Status

Use the QKView GET API to retrieve the status.

curl -X GET https://f5-spk-cwc.f5-utils:30881/v1/qkview/<job id>/status --cert client_certificate --cacert ca_certificate --key client_key -k

Example:

curl -X GET https://f5-spk-cwc.f5-utils:30881/v1/qkview/7af760ad-815b-471e-a6ba-d94a7d9c4c6a/status --cert client_certificate --cacert ca_certificate --key client_key -k

If the status is complete, QKview tarball can be downloaded.

GET API Request to download the QKview tar

Use the following query to download the QKview tar.

curl -X GET https://f5-spk-cwc.f5-utils:30881/v1/qkview/<job id>/download --cert client_certificate --cacert ca_certificate --key client_key -k --output qkview.tar.gz

Example:

curl -X GET https://f5-spk-cwc.f5-utils:30881/v1/qkview/7af760ad-815b-471e-a6ba-d94a7d9c4c6a/download --cert client_certificat--cacert ca_certificate --key client_key -k --output qkview.tar.gz

_images/spk_info.png Note: You can query even without Job ID as a query parameter, then it takes latest jobId into consideration.

DELETE Requests

Use the QKView DELETE API to delete all jobIds or a particular jobId from the persistent volume.

Delete a specific qkview by its unique identifier

curl -X DELETE https://f5-spk-cwc.f5-utils:30881/v1/qkview/<job id> --cert client_certificate --cacert ca_certificate --key client_key -k

Example:

curl -X DELETE https://f5-spk-cwc.f5-utils:30881/v1/qkview/7af760ad-815b-471e-a6ba-d94a7d9c4c6a --cert client_certificat--cacert ca_certificate --key client_key -k --output qkview.tar.gz

Procedures

Following is the procedure to ping a remote host from the QKView sidecar using the CWC QKView API.

  1. As described in the CNFs Licensing guide, create a new directory for the CWC REST API certificates.

    mkdir cwc_api

  2. Copy each of the certificates into the new directory.

    cp api-server-secrets/ssl/client/certs/client_certificate.pem cwc_api

    cp api-server-secrets/ssl/ca/certs/ca_certificate.pem cwc_api

    cp api-server-secrets/ssl/client/secrets/client_key.pem cwc_api

  3. To get the unique identifier, execute the POST Request described in the POST Request section.

  4. To download the QKview tar, execute the GET Request, mentioned in the GET Request section.

  5. Add the CNF CWC serviceAccount to the project’s privileged security context constraint (SCC):

    _images/spk_info.png Note: The spk-cwc serviceAccount name is based on the Helm release name. For more information, see Step 6.

    oc adm policy add-scc-to-user privileged -n <project> -z <serviceaccount>

    In this example, the cnf-cwc serviceAccount is added to the cnf-telemetry Project’s privileged SCC:

    oc adm policy add-scc-to-user privileged -n spk-telemetry -z spk-cwc

  6. Enable the CWC persistence. Following is an example cwc-values.yaml file with the CWC persistence and collectPodInfoOnly parameters enabled.

    Copy the following in cwc-values.yaml file:

    persistence:
  enabled: true storageclass: mylocalfl
  accessMode: Realwritence size: 3Gi
  csm_qkview:
  enabled: true
collectPodInfoOnly:
    enabled: true

Uploading to iHealth

Use these steps to upload the QKView diagnostic tarball to the iHealth website.

  1. Log in to the iHealth website at https://ihealth.f5.com/qkview-analyzer/.
  2. Click Upload toward the top left.
  3. Click Choose and navigate to the iHealth_qkview-packaging.tar.gz file on your local workstation.
  4. Click Open.
  5. If you opened a support case, add the case number to the F5 Support Case (SR) field.
  6. Click Upload QKView(s).
  7. The uploaded qkview link will appear at the top of the list and can be used to view the collected data.

Feedback

Provide feedback to improve this document by emailing cnfdocs@f5.com.

Supplemental