Cloud-Native Network Functions (CNFs) Custom Resource Definitions (CRDs) extend the Kubernetes API; enabling AFM and TMM to be configured using CNFs Custom Resources (CRs). CNFs CRs configure AFM and TMM to support low-latency 5G application traffic, and apply networking configurations such as interface IP addresses and static routes.
This document describes the available CNFs CRs, and lists them in the order they should be configured and installed.
Protection and NAT¶
Protection and NAT CRs can be referenced by Traffic Management CRs to protect applications from unauthorized and malignant network traffic.
- F5BigDdosPolicy - Denial of Service (DoS/DDoS) event detection and mitigation.
- F5BigFwPolicy - Granular stateful-flow filtering based on access control list (ACL) policies.
- F5BigIpsPolicy - Intelligent packet inspection protects applications from malignant network traffic.
- F5BigNatPolicy - Carrier-grade NAT (CG-NAT) using large-scale NAT (LSN) pools.
Traffic management CRs configure TMM to provide secure application layer gateway services to remote subscribers.
- F5BigContextSecure - Full proxy TCP and UDP application layer gateway services.
- F5BigZeroratingPolicy - Part of Zero-Rating DNS solution; enabling subscribers to bypass rate limits.
- F5BigDnsApp - High-performance DNS resolution, caching, and DNS64 translations.
- F5BigAlgFtp - File Transfer Protocol (FTP) application layer gateway services.
- F5BigAlgTftp - Trivial File Transfer Protocol (TFTP) application layer gateway services.
- F5BigAlgPptp - Point-to-Point Tunneling Protocol (PPTP) application layer gateway services.
- F5BigAlgRtsp - Real Time Streaming Protocol (RTSP) application layer gateway services.
Networking CRs configure TMM’s networking components such as network interfaces and static routes.
Available network management CRs:
- F5BigNetVlan - TMM interface configuration: VLANs, Self IP addresses, MTU sizes, etc.
- F5BigCneSnatpool - Modify the source IP address of egress packets to TMM self IP address.
- F5BigNetStaticroute - TMM static routing table management.
Profiles and global settings¶
Profiles and global setting CRs can be reference by CNFs Traffic Management CRs to customize and enhance traffic processing.
- F5BigTcpSetting - TCP options to fine-tune how application traffic is managed.
- F5BigUdpSetting - UDP options to fine-tune how application traffic is managed.
- F5BigFastl4Setting - FastL4 option to fine-tune how application traffic is managed.
- F5BigContextGlobal - Modifies the default firewall rule.
Event logging CRs can be referenced by Traffic Management CRs to log a wide variety of application traffic events to remote logging servers.
- F5BigLogProfile - Specifies subscriber connection information sent to remote logging servers.
- F5BigLogHslpub - Defines remote logging server endpoints for the F5BigLogProfile.
Once a CNFs Custom Resource (CR) has been installed, you can view the status of the installation using the following command:
oc get <cr type> <cr name> -n <namespace>
oc get natpol cnf-46-nat -n cnf-gateway
NAME STATUS MESSAGE cnf-46-nat SUCCESS CR config sent to all grpc endpoints
Provide feedback to improve this document by emailing email@example.com.