F5BigCnePortlist

Overview

The F5BigCnePortlist Custom Resource (CR) is useful for defining larger, more complex sets of service ports, that can then be referenced by any of the Service Proxy Kubernetes (SPK) CRs:

• F5BigFwPolicy - Granulalar packet filtering based on access control list (ACL) policies.

This document guides you through creating a simple F5BigCnePortlist.

Note: The F5BigCneAddresslist CR is useful for defining lists of IP addresses ports.

Parameters

The CR spec parameters used to configure the Service Proxy TMM static routing table are:

Parameter	Description
ports	The service ports included in the port list. Port 0 is not a valid value, and is not allowed.
portLists	This is a string which refers to another portlist that consists of either ports or child portlists.

Requirements

Ensure you have:

• Have a Linux based workstation.

Installation

Use the following steps to install the F5BigCnePortlist CR:

Tip: Open a second shell to view the BIG-IP Next for Kubernetes Event Logs while installing.

1. Copy the example CR into a YAML file:

   apiVersion: "k8s.f5net.com/v1"
   kind: F5BigCnePortlist
   metadata:
      name: "allow-5000-80"
      namespace: "gateway"
   spec:
      ports:
        - "5000-5500"
        - "80"
      portLists:
        -	“portList1”
        -	“portList2”
   apiVersion: "k8s.f5net.com/v1"
   kind: F5BigCnePortlist
   metadata:
      name: "portList1"
      namespace: "gateway"
   spec:
      ports:
        - "4000-4100"
        - "8080"
      portLists:
        -	“portList3”
        -	“portList4”
   

2. Install the F5BigCnePortlist CR:

   kubectl apply -f spk-port-list.yaml
   

   In this example, the BIG-IP Controller logs indicate the F5BigCneAddresslist CR was added/updated:

   I0607 12:00:00.12345   1 event.go:282] Event(v1.ObjectReference{Kind:"F5PortList", 
   F5PortList gateway/allow-5000-80 was added/updated
   

Feedback

Provide feedback to improve this document by emailing spkdocs@f5.com.