F5BigCnePortlist¶
Overview¶
The F5BigCnePortlist Custom Resource (CR) is useful for defining larger, more complex sets of service ports, that can then be referenced by any of the Service Proxy Kubernetes (SPK) CRs:
F5BigFwPolicy - Granular packet filtering based on access control list (ACL) policies.
This document guides you through creating a simple F5BigCnePortlist.
Note: The F5BigCneAddresslist CR is useful for defining lists of IP addresses ports.
Parameters¶
The CR spec parameters used to configure the Service Proxy TMM static routing table are:
| Parameter | Description |
|---|---|
ports |
The service ports included in the port list. Port 0 is not a valid value, and is not allowed. |
portLists |
This is a string which refers to another portlist that consists of either ports or child portlists. |
Sample¶
apiVersion: "k8s.f5net.com/v1"
kind: F5BigCnePortlist
metadata:
name: "allow-5000-80"
namespace: "my-gateway"
spec:
ports:
- "5000-5500"
- "80"
portLists:
- “portList1”
- “portList2”
apiVersion: "k8s.f5net.com/v1"
kind: F5BigCnePortlist
metadata:
name: "portList1"
namespace: "my-gateway"
spec:
ports:
- "4000-4100"
- "8080"
portLists:
- “portList3”
- “portList4”
Applying F5BigCnePortlist CR¶
To apply the CR in a namespace,
Copy the sample CR into a YAML /
file. Apply the F5BigCnePortlist CR:
kubectl apply -f bnk-port-list-cr.yaml
For example: This log indicates that the F5BigCnePortlist CR was added or updated.
I0607 12:00:00.12345 1 event.go:282] Event(v1.ObjectReference{Kind:"F5PortList",
F5PortList bnk-gateway/allow-5000-80 was added/updated
Feedback¶
Provide feedback to improve this document by emailing spkdocs@f5.com.