diff --git a/api/flowcollector/v1beta2/flowcollector_types.go b/api/flowcollector/v1beta2/flowcollector_types.go
index 4052bfc9a..1ddffaba5 100644
--- a/api/flowcollector/v1beta2/flowcollector_types.go
+++ b/api/flowcollector/v1beta2/flowcollector_types.go
@@ -1392,6 +1392,7 @@ type AdvancedProcessorConfig struct {
// Defines secondary networks to be checked for resources identification.
// To guarantee a correct identification, indexed values must form an unique identifier across the cluster.
// If the same index is used by several resources, those resources might be incorrectly labeled.
+ // If not provided and `spec.agent.ebpf.privileged` is `true`, secondary networks are detected automatically.
// +optional
SecondaryNetworks []SecondaryNetwork `json:"secondaryNetworks,omitempty"`
}
@@ -1407,8 +1408,8 @@ const (
)
type SecondaryNetwork struct {
- // `name` should match the network name as visible in the pods annotation 'k8s.v1.cni.cncf.io/network-status'.
- // +kubebuilder:validation:Required
+ // Deprecated: `name` is unused.
+ // +optional
Name string `json:"name,omitempty"`
// `index` is a list of fields to use for indexing the pods. They should form a unique Pod identifier across the cluster.
diff --git a/api/flowcollector/v1beta2/helper.go b/api/flowcollector/v1beta2/helper.go
index 43de81880..d7e02f087 100644
--- a/api/flowcollector/v1beta2/helper.go
+++ b/api/flowcollector/v1beta2/helper.go
@@ -149,8 +149,18 @@ func (spec *FlowCollectorFLP) IsSubnetLabelsEnabled() bool {
return spec.HasAutoDetectOpenShiftNetworks() || len(spec.SubnetLabels.CustomLabels) > 0
}
-func (spec *FlowCollectorFLP) HasSecondaryIndexes() bool {
- return spec.Advanced != nil && len(spec.Advanced.SecondaryNetworks) > 0
+func (spec *FlowCollectorSpec) GetSecondaryIndexes() []SecondaryNetwork {
+ if spec.Processor.Advanced != nil && len(spec.Processor.Advanced.SecondaryNetworks) > 0 {
+ return spec.Processor.Advanced.SecondaryNetworks
+ }
+ if spec.Agent.EBPF.Privileged {
+ // Turn-on auto-detection in FLP by interface+MAC or interface+IP
+ return []SecondaryNetwork{
+ {Index: []SecondaryNetworkIndex{SecondaryNetworkIndexByInterface, SecondaryNetworkIndexByIP}},
+ {Index: []SecondaryNetworkIndex{SecondaryNetworkIndexByInterface, SecondaryNetworkIndexByMAC}},
+ }
+ }
+ return nil
}
func (spec *FlowCollectorFLP) HasAutoDetectOpenShiftNetworks() bool {
diff --git a/bundle/manifests/flows.netobserv.io_flowcollectors.yaml b/bundle/manifests/flows.netobserv.io_flowcollectors.yaml
index a3a1705e2..ca990d379 100644
--- a/bundle/manifests/flows.netobserv.io_flowcollectors.yaml
+++ b/bundle/manifests/flows.netobserv.io_flowcollectors.yaml
@@ -5374,6 +5374,7 @@ spec:
Defines secondary networks to be checked for resources identification.
To guarantee a correct identification, indexed values must form an unique identifier across the cluster.
If the same index is used by several resources, those resources might be incorrectly labeled.
+ If not provided and `spec.agent.ebpf.privileged` is `true`, secondary networks are detected automatically.
items:
properties:
index:
@@ -5392,12 +5393,10 @@ spec:
type: string
type: array
name:
- description: '`name` should match the network name as
- visible in the pods annotation ''k8s.v1.cni.cncf.io/network-status''.'
+ description: 'Deprecated: `name` is unused.'
type: string
required:
- index
- - name
type: object
type: array
type: object
diff --git a/config/crd/bases/flows.netobserv.io_flowcollectors.yaml b/config/crd/bases/flows.netobserv.io_flowcollectors.yaml
index 6c2e14ff6..c0733e1e7 100644
--- a/config/crd/bases/flows.netobserv.io_flowcollectors.yaml
+++ b/config/crd/bases/flows.netobserv.io_flowcollectors.yaml
@@ -4959,6 +4959,7 @@ spec:
Defines secondary networks to be checked for resources identification.
To guarantee a correct identification, indexed values must form an unique identifier across the cluster.
If the same index is used by several resources, those resources might be incorrectly labeled.
+ If not provided and `spec.agent.ebpf.privileged` is `true`, secondary networks are detected automatically.
items:
properties:
index:
@@ -4975,11 +4976,10 @@ spec:
type: string
type: array
name:
- description: '`name` should match the network name as visible in the pods annotation ''k8s.v1.cni.cncf.io/network-status''.'
+ description: 'Deprecated: `name` is unused.'
type: string
required:
- index
- - name
type: object
type: array
type: object
diff --git a/docs/FlowCollector.md b/docs/FlowCollector.md
index 8d2dbca5b..d50b5778a 100644
--- a/docs/FlowCollector.md
+++ b/docs/FlowCollector.md
@@ -8724,7 +8724,8 @@ By convention, some values are forbidden. It must be greater than 1024 and diffe
Defines secondary networks to be checked for resources identification.
To guarantee a correct identification, indexed values must form an unique identifier across the cluster.
-If the same index is used by several resources, those resources might be incorrectly labeled.
+If the same index is used by several resources, those resources might be incorrectly labeled.
+If not provided and `spec.agent.ebpf.privileged` is `true`, secondary networks are detected automatically.
|
false |
@@ -10500,9 +10501,9 @@ Fields absent from the 'k8s.v1.cni.cncf.io/network-status' annotation must not b
name |
string |
- `name` should match the network name as visible in the pods annotation 'k8s.v1.cni.cncf.io/network-status'.
+ Deprecated: `name` is unused.
|
- true |
+ false |
diff --git a/helm/crds/flows.netobserv.io_flowcollectors.yaml b/helm/crds/flows.netobserv.io_flowcollectors.yaml
index 78da58a49..7766485cb 100644
--- a/helm/crds/flows.netobserv.io_flowcollectors.yaml
+++ b/helm/crds/flows.netobserv.io_flowcollectors.yaml
@@ -4963,6 +4963,7 @@ spec:
Defines secondary networks to be checked for resources identification.
To guarantee a correct identification, indexed values must form an unique identifier across the cluster.
If the same index is used by several resources, those resources might be incorrectly labeled.
+ If not provided and `spec.agent.ebpf.privileged` is `true`, secondary networks are detected automatically.
items:
properties:
index:
@@ -4979,11 +4980,10 @@ spec:
type: string
type: array
name:
- description: '`name` should match the network name as visible in the pods annotation ''k8s.v1.cni.cncf.io/network-status''.'
+ description: 'Deprecated: `name` is unused.'
type: string
required:
- index
- - name
type: object
type: array
type: object
diff --git a/internal/controller/consoleplugin/consoleplugin_objects.go b/internal/controller/consoleplugin/consoleplugin_objects.go
index 1440baed3..c5254b853 100644
--- a/internal/controller/consoleplugin/consoleplugin_objects.go
+++ b/internal/controller/consoleplugin/consoleplugin_objects.go
@@ -478,7 +478,7 @@ func (b *builder) setFrontendConfig(fconf *cfg.FrontendConfig) error {
fconf.Features = append(fconf.Features, "udnMapping")
}
- if b.desired.Agent.EBPF.IsUDNMappingEnabled() || b.desired.Processor.HasSecondaryIndexes() {
+ if b.desired.Agent.EBPF.IsUDNMappingEnabled() || len(b.desired.GetSecondaryIndexes()) > 0 {
fconf.Features = append(fconf.Features, "multiNetworks")
}
diff --git a/internal/controller/flp/flp_pipeline_builder.go b/internal/controller/flp/flp_pipeline_builder.go
index 281989bd8..d039241fe 100644
--- a/internal/controller/flp/flp_pipeline_builder.go
+++ b/internal/controller/flp/flp_pipeline_builder.go
@@ -177,17 +177,12 @@ func (b *PipelineBuilder) addEnrichStage(previous config.PipelineBuilderStage) c
// Propagate 2dary networks config
var secondaryNetworks []api.SecondaryNetwork
- if b.desired.Processor.Advanced != nil && len(b.desired.Processor.Advanced.SecondaryNetworks) > 0 {
- for _, sn := range b.desired.Processor.Advanced.SecondaryNetworks {
- flpSN := api.SecondaryNetwork{
- Name: sn.Name,
- Index: map[string]any{},
- }
- for _, index := range sn.Index {
- flpSN.Index[strings.ToLower(string(index))] = nil
- }
- secondaryNetworks = append(secondaryNetworks, flpSN)
+ for _, sn := range b.desired.GetSecondaryIndexes() {
+ flpSN := api.SecondaryNetwork{Index: map[string]any{}}
+ for _, index := range sn.Index {
+ flpSN.Index[strings.ToLower(string(index))] = nil
}
+ secondaryNetworks = append(secondaryNetworks, flpSN)
}
if b.desired.Agent.EBPF.IsUDNMappingEnabled() {
secondaryNetworks = append(secondaryNetworks, api.SecondaryNetwork{