Release Notes¶
This Limited Availability (LA) release of BIG-IP Next for Kubernetes, introduces a solution that maximizes the use of BlueField-3 (BF3) Data Processing Units (DPUs) to offload the network traffic from the Host (CPU), allowing CPU resources to be dedicated strictly to running applications.
These BIG-IP Next for Kubernetes release notes describe the features and known issues included in this release.
Known Issues¶
Refer to the Known Issues section for information about known issues in this BIG-IP Next for Kubernetes release.
New Features¶
Installation made easy with the F5 Orchestrator¶
The F5 Orchestrator is an Operator Lifecycle Manager (OLM) compliant operator designed to assist with the installation and management of F5 BIG-IP Next for Kubernetes. It converts configurations from value files used in helm charts into CRDs, making it Kubernetes native. For more information, see F5 Orchestrator.
Whole Cluster Mode¶
BIG-IP Next for Kubernetes is configurable to operate in Whole Cluster mode. This mode deploys TMM pods as a DaemonSet, where the BIG-IP Next for Kubernetes Controller functions as a single instance and provides ingress and egress for all namespaces in the cluster. For more information, see Whole Cluster Mode in BIG-IP Next for Kubernetes.
Enhanced Egress Traffic Management with Flow-Forwarding¶
Implemented the support for flow-forwarding configuration into the F5SPKEgress, F5SPKVLAN, and F5SPKSnatpool CRDs. This enables the TMM to accurately forward egress traffic to the correct TMM pod, which then delivers it to the CNF pod. For more information, see the Flow-Forwarding Architecture: Egress Traffic section in F5SPKEgress and SharedSnatAddressEnabled parameter available in F5SPKSnatpool.
Streamlined Egress Traffic with PseudoCNI¶
Added support for PseudoCNI configuration of Calico Static Route Configuration (CSRC) to the F5SPKEgress CRD, enabling the differentiation of egress traffic from different namespaces by VLAN/VXLAN ID. For more information, see the Configure PseudoCNI section in F5SPKEgress.
L4 Traffic Routing through Nvidia BlueField-3 Data Processing Units (DPUs)¶
Added support for the L4 traffic routing through BlueField-3 (BF3) Data Processing Units (DPUs), allowing direct and effective connections between applications and external ports by bypassing the TMM. For more information, see L4Route and F5SPKIngressTCP.
Crypto hardware acceleration on the Nvidia BF3 DPU¶
The F5SPKGlobalOptions CR configures the Traffic Management Microkernel (TMM) to enable or disable crypto hardware acceleration on the BF3 DPU through Data Center Operations and Communications Acceleration (DOCA) APIs. By default, this feature is disabled. For more information, see F5SPKGlobalOptions.
Support for Gateway API community CRs¶
The F5 Gateway API CRs are designed and developed based on the Kubernetes Gateway API community to adhere to industry standards. BIG-IP Next for Kubernetes uses the CNE Controller to monitor and process the resources. Using F5 Orchestrator, you can now configure and deploy the Gateway API CRDs. For more information, see Gateway API
Simplified VXLAN tunnel creation for Kubernetes and TMM communication¶
The F5SPKVXLAN CR establishes a VXLAN tunnel between the Traffic Management Microkernel (TMM) and Kubernetes worker nodes. This ensures a reliable, seamless, and efficient data transmission pathway between TMM and Kubernetes worker nodes. For more information, see F5SPKVXLAN CR.