CNF Fixes and Known Issues¶
This list highlights fixes and known issues for this CNF release.
Version: 2.0.2
Build: 2.0.2
Note: This content is current as of the software release date
Updates to bug information occur periodically. For the most up-to-date bug data, see Bug Tracker.
| ID Number | Severity | Links to More Info | Description |
| 1968141-1 | 3-Major | Traffic interruption after f5ingress restart when using bonded VLANs |
Cumulative fix details for CNFs v2.0.2 that are included in this release
1968141-1 : Traffic interruption after f5ingress restart when using bonded VLANs.
Component: SPK
Symptoms:
After the f5ingress restarts, TMM pods may fail to pass traffic. This happens because bonded VLAN interfaces may be sent to TMM in a different order upon restart. The non-deterministic naming of bonded interfaces can cause internal conflicts in TMM, leading to traffic interruptions.
Conditions:
When using VLANs on bonded interfaces and f5ingress has recently been restarted.
Impact:
Traffic will not pass through TMM on the affected interfaces, causing loss of connectivity for applications using those VLANs.
Workaround:
To reduce the chance of this issue, apply VLANs in alphabetical order during initial configuration, and wait for each to reach a successful status before applying the next.
Fix:
The fix changes the algorithm used to name the bonded interface configuration to be deterministic.
Previously, bonded interfaces were named sequentially as trunk1, trunk2, etc. Now, the naming follows a consistent pattern like trunk-1-1_1-2, trunk-1-3_1-4, which aligns with the sorted order of the interfaces.
Upgrade instructions:
When upgrading from a version without this fix to a version with this fix:
- Upgrade the f5ingress first. During this step, expect a temporary traffic interruption on the TMM pods.
- After the old f5ingress pod is fully replaced, upgrade the TMM pods.
- The new TMM pods will restore traffic, and future f5ingress restarts will no longer cause traffic interruptions.
Known Issues in CNF v2.0.2
CNF Issues
| ID Number | Severity | Links to More Info | Description |
| 1991621-2 | 2-Critical | BT1991621 | Traffic drops (ingress and egress) observed during SPK upgrade from version 2.0.1 to 2.0.2 |
| 1991337-2 | 2-Critical | BT1991337 | Internal interface annotations missing from TMM after F5Ingress re-installation with MEG enabled and ICNI2.0 disabled |
| 1991853-2 | 2-Critical | TMM crash occurs during the modification of VLAN Custom Resources (CRs) |
Known Issue details for CNF v2.0.2
1991621-2 : Traffic drops (ingress and egress) observed during SPK upgrade from version 2.0.1 to 2.0.2
Component: SPK
Symptoms:
To ensure a deterministic name for the internal trunk object, the internal trunk ID format has been updated. This improvement enhances the TMM (dataplane) configuration process, ensuring consistent behavior across data plane and control plane (F5Ingress controller) restarts.
However, this change may lead to traffic disruption during the upgrade from a version using the old ID format to one using the new format. The disruption occurs during the upgrade window when the new F5Ingress controller starts and reconfigures the old TMMs. The updated configuration, which uses the new trunk ID format, conflicts with the existing configuration on the old TMMs, causing traffic failures.
Traffic is restored once the old TMMs are upgraded to the new version, resolving the mismatch between configurations. Once the setup is upgraded to the version using the new format, all future upgrades will not have this specific issue.
Conditions:
SPK Upgrade from versions that use the old trunk ID format for internal trunk objects to versions (v2.0.2) that use the updated trunk ID format.
Impact:
Partial network traffic disruption (traffic drop) observed during upgrade.
Workaround:
None
1991337-2 : Internal interface annotations missing from TMM after F5Ingress re-installation with MEG enabled and ICNI2.0 disabled.
Component: SPK
Symptoms:
When the F5Ingress Controller is reinstalled, the internal interface annotations needed for Multiple External Gateway (MEG) are not added to the Traffic Management Microkernel (TMM). This prevents the creation of Open Virtual Network (OVN) routes in the cluster, causing egress traffic to drop from application pods via TMM.
Conditions:
1.MEG is enabled.
2. ICNI 2.0 is disabled.
3. F5 CNE Controller is reinstalled.
Impact:
Missing internal interface annotations prevent OVN routes from being added in the OpenShift (OCP) cluster, which causes egress traffic to drop from application pods through TMM.
Workaround:
To mitigate the issue, use one of the following methods after reinstalling the F5Ingress Controller:
1. Delete the failed admin policies and reapply them.
2. Disable MEG and enable ICNI2.0.
This actions will add the OVN routes and restore egress traffic for the application pods.
1991853-2 : TMM crash occurs during the modification of VLAN Custom Resources (CRs)
Component: SPK
Symptoms:
TMM crash is observed when VLAN CRs are modified after upgrading to SPK 2.0.2.
Conditions:
When VLANs with bonded interfaces are present, and modifications are made to the VLANs.
Impact:
TMM crash resulting in traffic disruption.
Workaround:
To modify a VLAN Custom Resource (CR) with bonded interfaces, perform the following steps:
1. Delete all VLAN Custom Resources (CRs).
2. Restart the F5Ingress Controller.
3. Reapply the modified VLAN Custom Resources (CRs).
★ This issue may cause the configuration to fail to load or may significantly impact system performance after upgrade
For additional support resources and technical documentation, see:
- The F5 Technical Support website: http://www.f5.com/support/
- The MyF5 website: https://my.f5.com/manage/s/
- The F5 DevCentral website: http://community.f5.com/
Next step¶
Continue to the Cluster Requirements to ensure the cluster has the required software components.