Telemetry for remote health monitoring
Telemetry is a remote health monitoring feature that collects anonymized aggregated data about your cluster, such as the health of your components and the number and types of resources in use. If you have a public cluster that runs version 4.14 or later and was provisioned on or after 28 Feb 2024, you can elect to have your own Telemetry data visible in the Red Hat Hybrid Console under your Red Hat account for your use. For more information on Telemetry, such as the type of data collected, see About Telemetry in the Red Hat OpenShift documentation.
Enabling Telemetry
To enable Telemetry, update your pull secret by adding your OpenShift access token to allow remote health reporting. The exact steps to follow depend on your cluster version and when the cluster was created. If you are not sure if your cluster has Telemetry enabled already, see Checking if Telemetry is enabled for a cluster.
For version 4.13 or earlier, or version 4.14 clusters that were created before 29 Feb 2024: If your cluster was created before 29 Feb 2024, open a support ticket and indicate that you want to enable Telemetry in your cluster. When the ticket is resolved, continue with the following steps.
For version 4.14 clusters created on or after 29 Feb 2024: Continue with the following steps.
-
Log into the Red Hat OpenShift console.
-
Navigate to Downloads > Tokens > Pull Secret and download the pull secret as a JSON file.
-
Get your current pull secret and store it in a JSON file. Consider naming the JSON file something like
pull-secret-original.json
.oc get secrets pull-secret -n openshift-config -o template='{{index .data ".dockerconfigjson"}}' | base64 -d > pull-secret-original.json
-
Append the downloaded JSON file to your existing pull secret and apply the changes to the cluster.
oc set data secret/pull-secret -n openshift-config --from-file=.dockerconfigjson=./<downloaded-pull-secret-name>.json
-
Verify that the existing pull secret is updated. Look for the
auths
section that contains the access token.oc get secret pull-secret -n openshift-config --output="jsonpath={.data.\.dockerconfigjson}" | base64 --decode
Example
auths
section.{ "auths": { "cloud.openshift.com": { "auth": "<your_token>", "email": "<email_address>" } } }
-
For classic infrastructure, reload all worker nodes in your cluster. For VPC infrastructure, replace all worker nodes in your cluster.
-
Open the Red Hat OpenShift console and navigate to the Clusters page. Telemetry is enabled when your cluster type is
RHOIC
. Note that it might take a few minutes for the changes to reflect in the console. If you want to verify Telemetry enablement in the CLI, see Checking if Telemetry is enabled for a cluster.
Disabling Telemetry
You might want to disable this remote health reporting to comply with privacy laws, organizational standards, or data governance practices. To disable Telemetry, modify the global configuration for the cluster and reload or reboot all worker nodes on the cluster.
-
Check that the telemetry reporting pod runs in your cluster.
oc get pods -n openshift-monitoring
Example output
NAME READY STATUS RESTARTS AGE telemeter-client-7cfd7cb85-lm9dt 3/3 Running 0 4d13h ...
-
Follow the Red Hat OpenShift instructions to update the global pull secret in the cluster to disable remote health reporting.
-
To pick up the global configuration changes by reloading or rebooting the worker nodes in your cluster. reload all the worker nodes in your cluster. For VPC infrastructure, replace all worker nodes in your cluster.
- Note the ID of the worker nodes in your cluster.
ibmcloud oc worker ls -c <cluster_name_or_ID>
- For classic infrastructure, reload all the worker nodes in your cluster. For VPC infrastructure, replace all worker nodes in your cluster. Make sure to leave enough worker nodes running at the same time for you apps to avoid an outage.
- Note the ID of the worker nodes in your cluster.
-
After the worker nodes are back in a healthy state, verify that the telemetry reporting pod no longer runs in your cluster.
oc get pods -n openshift-monitoring
Checking if Telemetry is enabled for a cluster
If you are not sure whether Telemetry is already enabled for a cluster, follow these steps to see if the Telemetry configuration is present in your cluster pull secret. If the configuration is present in the pull secret, Telemetry is enabled for the cluster.
-
In the CLI, set the context for your cluster and include the
--admin
option.ibmcloud oc cluster config -c CLUSTER-ID --admin
-
Get the pull secret located in the
openshift-config
namespace. Note that this command extracts the data from the secret, base64 decodes it, and then outputs the info into a file.oc get secrets pull-secret -n openshift-config -o template='{{index .data ".dockerconfigjson"}}' | base64 -d > pull-secret.json
-
View the contents of the file. In the pull secret, look for the
cloud.openshift.com
authorization. If it exists, Telemetry is enabled on the cluster.cat pull-secret.json
Example authorization in pull secret file.
"auths": { "cloud.openshift.com": { "auth": "xyz123...", "email": "user@us.ibm.com" }