QKView and iHealth¶
Overview¶
The Cloud-Native Network Functions (CNFs) Cluster Wide Controller (CWC) has been enhanced to support the qkview API to run the qkview command.
The purpose of QKView collection is to facilitate collection and packaging of diagnostic information from running containers within an mBIP deployment.
Note: The CRs or ConfigMaps are not collected by default, to collect them, they have to be included in the API request. For more information on how to collect CRs and ConfigMaps, see QKview API
This document guides you through understanding and running the qkview API from CWC.
Command Examples¶
POST Request¶
Use the POST request to create new job IDs. You can request from the CWC to run a QKView job on a container by POSTing a request using /QKView API.
Note: You can create only single job running at a time.
POST Request CWC API Endpoint
https://f5-spk-cwc.f5-utils:30881/qkview?namespace=""
Note: QKview will collect data from the namespace if a namespace is specified in the POST request. If the namespace is not specified in the POST request, data is collected from all the available namespaces in the cluster.
POST Request Body
{
filename: <name_of_tar_file_that_gets_generated_from_qkview>
}
QKVIEW
curl -X POST https://f5-spk-cwc.f5-utils:30881/v1/qkview --cert client_certificate --cacert ca_certificate --key client_key -k
Sample output:
{"id":"7af760ad-815b-471e-a6ba-d94a7d9c4c6a", "filename":"7af760ad-815b-471e-a6ba-d94a7d9c4c6a"}
GET Requests¶
Get Request to obtain the QKview Status
Use the QKView GET API to retrieve the status.
curl -X GET https://f5-spk-cwc.f5-utils:30881/v1/qkview/<job id>/status --cert client_certificate --cacert ca_certificate --key client_key -k
Example:
curl -X GET https://f5-spk-cwc.f5-utils:30881/v1/qkview/7af760ad-815b-471e-a6ba-d94a7d9c4c6a/status --cert client_certificate --cacert ca_certificate --key client_key -k
If the status is complete, QKview tarball can be downloaded.
GET API Request to download the QKview tar
Use the following query to download the QKview tar.
curl -X GET https://f5-spk-cwc.f5-utils:30881/v1/qkview/<job id>/download --cert client_certificate --cacert ca_certificate --key client_key -k --output qkview.tar.gz
Example:
curl -X GET https://f5-spk-cwc.f5-utils:30881/v1/qkview/7af760ad-815b-471e-a6ba-d94a7d9c4c6a/download --cert client_certificat--cacert ca_certificate --key client_key -k --output qkview.tar.gz
Note: You can query even without Job ID as a query parameter, then it takes latest jobId into consideration.
DELETE Requests¶
Use the QKView DELETE API to delete all jobIds or a particular jobId from the persistent volume.
Delete a specific qkview by its unique identifier
curl -X DELETE https://f5-spk-cwc.f5-utils:30881/v1/qkview/<job id> --cert client_certificate --cacert ca_certificate --key client_key -k
Example:
curl -X DELETE https://f5-spk-cwc.f5-utils:30881/v1/qkview/7af760ad-815b-471e-a6ba-d94a7d9c4c6a --cert client_certificat--cacert ca_certificate --key client_key -k --output qkview.tar.gz
Procedures¶
Following is the procedure to ping a remote host from the QKView sidecar using the CWC QKView API.
As described in the CNFs Licensing guide, create a new directory for the CWC REST API certificates.
mkdir cwc_apiCopy each of the certificates into the new directory.
cp api-server-secrets/ssl/client/certs/client_certificate.pem cwc_api
cp api-server-secrets/ssl/ca/certs/ca_certificate.pem cwc_api
cp api-server-secrets/ssl/client/secrets/client_key.pem cwc_api
To get the unique identifier, execute the POST Request described in the POST Request section.
To download the QKview tar, execute the GET Request, mentioned in the GET Request section.
Add the CNF CWC serviceAccount to the project’s privileged security context constraint (SCC):
Note: The cnf-cwc serviceAccount name is based on the Helm release name. For more information, see Step 6.kubectl adm policy add-scc-to-user privileged -n <project> -z <serviceaccount>
In this example, the cnf-cwc serviceAccount is added to the cnf-telemetry Project’s privileged SCC:
kubectl adm policy add-scc-to-user privileged -n cnf-telemetry -z cnf-cwc
Enable the CWC persistence. Following is an example
cwc-values.yamlfile with the CWC persistence andcollectPodInfoOnlyparameters enabled.Copy the following in
cwc-values.yamlfile:persistence: enabled: true storageclass: mylocalfl accessMode: Realwritence size: 3Gi csm_qkview: enabled: true collectPodInfoOnly: enabled: true
Uploading the QKView File to iHealth¶
Important: The maximum file size for a QKView diagnostic tarball uploaded to iHealth is 4GB.
If the QKView diagnostic tarball size exceeds 4GB, we recommend users apply the following filtering options available in the QKView API to reduce the file size:
• Limit collection to only the relevant pods instead of the entire cluster.
• Collect only specific logs instead of all container logs.
• Apply log filters (e.g., only error or warning level entries) to avoid collecting unnecessary data.
These filtering options help tailor the QKView output to what’s actually needed, significantly reducing the tarball size. Users should refer to the QKView API documentation to explore and apply these and other options effectively.
To upload the QKView diagnostic tarball to the iHealth website, follow the below instructions:
- Log in to the iHealth website at https://ihealth.f5.com/qkview-analyzer/.
- Click Upload toward the top left.
- Click Choose and navigate to the iHealth_qkview-packaging.tar.gz file on your local workstation.
- Click Open.
- If you opened a support case, add the case number to the F5 Support Case (SR) field.
- Click Upload QKView(s).
- The uploaded qkview link will appear at the top of the list and can be used to view the collected data.
Feedback
Provide feedback to improve this document by emailing cnfdocs@f5.com.
Supplemental