Release Notes

F5 Cloud-Native Network Functions (CNFs) for OpenShift - 1.2.0

New Features and Improvements

  • The configview utility can now be used to perform queries using the CRD (Custom Resource Definition) type to inspect the running TMM configuration. Refer to the Debug API guide.
  • The new Log Formats has been added for CNF CWC. Refer to the Log Formats guide.
  • The SPK Application traffic CRs have been added to the CNF release tarball to efficiently handle incoming traffic across various communication protocols. Refer to the Application traffic CRs section in the CNF CRs guide.
  • CNFs supports handling config inconsistency between controller and backend with the implementation of CR Finalizers. Refer to the Finalizers in the CNF CRs guide and the Uninstallation in the BIG-IP Controller guide.
  • In the OpenShift platform, core files are stored in the default location /var/lib/systemd/coredump, which is the default path for the systemd-coredump service.
  • CNF setup with SecureContext CRD can now discover pool members for Ingress traffic. Refer to the CR Parameters and Installation sections in the F5BigContextSecure guide.
  • Percontext DDoS enables CNF to apply DDoS protection for each application or per virtual server. Prior to this, only Global DDoS is supported to protect the BIG-IP Instance. Refer to the Global DDOS and Percontext DDoS sections in the guide.
  • CNF supports switch license in CWC. Refer to Switching License section in CNFs Licensing guide.
  • The Cert Manager section is updated with the information to configure a serviceAccount and how to add it to the privileged security context constraint (SCC) in OpenShift.

Bug Fixes

1289261 (Licensing)

When installing Cluster Wide Controller (CWC), image repository paths now need to be provided in an overrides file at deployment time.

1289249 (Licensing)

When installing RabbitMQ, image repository paths now need to be provided in an overrides file at deployment time.

1306985 (Ingress)

The status issue of applying multiple static routes is now resolved.

1286505 (Licensing)

The imagePullPolicy parameter is now configurable for rabbitmq charts.

1091169 (TMM)

The TMM container no longer fails to restart after killing the TMM process.

1089509-2 (Controller)

When an F5BigNetVlan CR is installed and the TMM container restarts, TMM now receives the network interface configuration.

1330065-2 (Toda)

The TMStatsd container now does not take several minutes to establish a connection with the Otel Service.

1359769 (Ingress)

When one of the irule has a tcl error, it fails to process the rest of the irules, and the connection gets RESET.

1319353 (DSSM)

The key is now the same at the time of session creation and deletion.

1320649 (DSSM)

In the DSSM pod now, HA bit values are seen as 00 in the PEM records.

1090249-2 (Ingress)

Virtual servers now get created on the TMM container restart.

1312117 (TMM)

CGNAT traffic no longer fails after configuring ECMP max-path.

Known Issues

1317993 (Dos)

Failure in deleting F5 CRDs

Workaround

The below are the mandated steps to be followed while cleaning up the product installations.

  1. All CR’s configured should be deleted.

    kubectl delete -f <cr-file> -n <*namespace>

  2. Then product can be uninstalled.

    helm uninstall <helm-installation-name> -n <*namespace>

  3. Then Namespace can be deleted.

    kubectl delete ns <*namespace>

  4. Then delete CRD’s.

    kubectl delete crd <crd-name>

Software upgrades

For assistance with software upgrades, refer to the Upgrading CNFs overview.

Note: The upgrade of CNF from v1.1.1 to v1.2.0 is no longer supported.

Next step

Continue to the Cluster Requirements guide to ensure the cluster has the required software components.