QKView and iHealth

Overview

The Cloud-Native Network Functions (CNFs) Cluster Wide Controller (CWC) has been enhanced to support the qkview API to run the qkview command.

The purpose of QKView collection is to facilitate collection and packaging of diagnostic information from running containers within an mBIP deployment.

Note: The CRs or ConfigMaps are not collected by default, to collect them, they have to be included in the API request. For more information on how to collect CRs and ConfigMaps, see QKview API

This document guides you through understanding and running the qkview API from CWC.

QKView REST APIs

Use the Procedure section to see how the QKView API can be used to run jobs.

Command Examples

POST Request

Use the POST request to create new job IDs. You can request from the CWC to run a QKView job on a container by POSTing a request using /QKView API.

Note: You can create only single job running at a time.

POST Request CWC API Endpoint

https://f5-spk-cwc.f5-utils:30881/qkview?namespace=""

_images/spk_info.png Note: QKview will collect data from the namespace if a namespace is specified in the POST request. If the namespace is not specified in the POST request, data is collected from all the available namespaces in the cluster.

POST Request Body

{
 filename: <name_of_tar_file_that_gets_generated_from_qkview>
}

QKVIEW

curl -X POST https://f5-spk-cwc.f5-utils:30881/v1/qkview  --cert client_certificate --cacert ca_certificate --key client_key -k

Sample output:

{"id":"7af760ad-815b-471e-a6ba-d94a7d9c4c6a", "filename":"7af760ad-815b-471e-a6ba-d94a7d9c4c6a"}

GET Requests

Get Request to obtain the QKview Status

Use the QKView GET API to retrieve the status.

curl -X GET https://f5-spk-cwc.f5-utils:30881/v1/qkview/<job id>/status --cert client_certificate --cacert ca_certificate --key client_key -k

Example:

curl -X GET https://f5-spk-cwc.f5-utils:30881/v1/qkview/7af760ad-815b-471e-a6ba-d94a7d9c4c6a/status --cert client_certificate --cacert ca_certificate --key client_key -k

If the status is complete, QKview tarball can be downloaded.

GET API Request to download the QKview tar

Use the following query to download the QKview tar.

curl -X GET https://f5-spk-cwc.f5-utils:30881/v1/qkview/<job id>/download --cert client_certificate --cacert ca_certificate --key client_key -k --output qkview.tar.gz 

Example:

curl -X GET https://f5-spk-cwc.f5-utils:30881/v1/qkview/7af760ad-815b-471e-a6ba-d94a7d9c4c6a/download --cert client_certificat--cacert ca_certificate --key client_key -k --output qkview.tar.gz

_images/spk_info.png Note: You can query even without Job ID as a query parameter, then it takes latest jobId into consideration.

DELETE Requests

Use the QKView DELETE API to delete all jobIds or a particular jobId from the persistent volume.

Delete a specific qkview by its unique identifier

curl -X DELETE https://f5-spk-cwc.f5-utils:30881/v1/qkview/<job id> --cert client_certificate --cacert ca_certificate --key client_key -k

Example:

curl -X DELETE https://f5-spk-cwc.f5-utils:30881/v1/qkview/7af760ad-815b-471e-a6ba-d94a7d9c4c6a --cert client_certificat--cacert ca_certificate --key client_key -k --output qkview.tar.gz

Procedures

Following is the procedure to ping a remote host from the QKView sidecar using the CWC QKView API.

  1. As described in the CNFs Licensing guide, create a new directory for the CWC REST API certificates.

    mkdir cwc_api
    
  2. Copy each of the certificates into the new directory.

    cp api-server-secrets/ssl/client/certs/client_certificate.pem cwc_api
    
    cp api-server-secrets/ssl/ca/certs/ca_certificate.pem cwc_api
    
    cp api-server-secrets/ssl/client/secrets/client_key.pem cwc_api
    
  3. To get the unique identifier, execute the POST Request described in the POST Request section.

  4. To download the QKview tar, execute the GET Request, mentioned in the GET Request section.

  5. Add the CNF CWC serviceAccount to the project’s privileged security context constraint (SCC):

    _images/spk_info.png Note: The cnf-cwc serviceAccount name is based on the Helm release name. For more information, see Step 6.

    kubectl adm policy add-scc-to-user privileged -n <project> -z <serviceaccount>
    

    In this example, the cnf-cwc serviceAccount is added to the cnf-telemetry Project’s privileged SCC:

    kubectl adm policy add-scc-to-user privileged -n cnf-telemetry -z cnf-cwc
    
  6. Enable the CWC persistence. Following is an example cwc-values.yaml file with the CWC persistence and collectPodInfoOnly parameters enabled.

    Copy the following in cwc-values.yaml file:

    persistence:
      enabled: true storageclass: mylocalfl
      accessMode: Realwritence size: 3Gi
      csm_qkview:
      enabled: true
    collectPodInfoOnly:
        enabled: true
    

Uploading the QKView File to iHealth

_images/spk_warn.png Important: The maximum file size for a QKView diagnostic tarball uploaded to iHealth is 4GB.

If the QKView diagnostic tarball size exceeds 4GB, we recommend users apply the following filtering options available in the QKView API to reduce the file size:

• Limit collection to only the relevant pods instead of the entire cluster.
• Collect only specific logs instead of all container logs.
• Apply log filters (e.g., only error or warning level entries) to avoid collecting unnecessary data.

These filtering options help tailor the QKView output to what’s actually needed, significantly reducing the tarball size. Users should refer to the QKView API documentation to explore and apply these and other options effectively.

To upload the QKView diagnostic tarball to the iHealth website, follow the below instructions:

  1. Log in to the iHealth website at https://ihealth.f5.com/qkview-analyzer/.
  2. Click Upload toward the top left.
  3. Click Choose and navigate to the iHealth_qkview-packaging.tar.gz file on your local workstation.
  4. Click Open.
  5. If you opened a support case, add the case number to the F5 Support Case (SR) field.
  6. Click Upload QKView(s).
  7. The uploaded qkview link will appear at the top of the list and can be used to view the collected data.

Feedback

Provide feedback to improve this document by emailing cnfdocs@f5.com.

Supplemental