F5BigHttp2Setting¶
The F5BigHttp2Setting CR provides many options to fine-tune how Traffic Management Microkernel (TMM) handles Http2 connections. Once configured and installed, the F5BigHttp2Setting CR can be referenced by one of the CNF CRs listed in the Additional CRs section below.
This document guides you through understanding, configuring, and installing a F5BigHttp2Setting CR.
CR parameters¶
The following table describes the CR spec parameters:
| Parameter | Description |
|---|---|
activationModes |
Specifies whether to enable all HTTP2 modes, or only the Selected Modes listed in the Enabled column. |
concurrentStreamsPerConnection |
Specifies the number of outstanding concurrent requests that are allowed on a single HTTP/2 connection. The default value is 10. |
connectionIdleTimeout |
Specifies the number of seconds an HTTP2 connection is ideally open before being shut down. The default is 300 seconds. |
frameSize |
Specifies the size of data frames that HTTP2 sends to the client in bytes. The default value is 2048 bytes. Larger frame sizes improve network utilization, but can affect concurrency. |
insertHeader |
Specifies whether an HTTP header indicating the use of HTTP2 should be included in the request that goes to the server. The default value is disabled for this parameter. |
insertHeaderName |
Specifies the name of the HTTP header controlled by Insert Header. The default is X-HTTP2. |
receiveWindow |
Specifies how the HTTP2 profile performs flow control. The default value is 32 KB for this parameter. The receive window allows HTTP2 to stall individual upload streams when needed. This functionality applies to HTTP2 and to SPDY version 3. |
writeSize |
Specifies the total size of combined data frames (in bytes) that the HTTP2 sends in a single write. The default value is 16384 bytes. |
headerTableSize |
Specifies the size of the header table in bytes. The default value is 4096 bytes. |
enforceTlsRequirements |
Specifies whether the system requires TLS for communications between specified senders and recipients. |
CR Example¶
Following is an example F5BigHttp2Setting CR:
apiVersion: k8s.f5net.com/v1
kind: F5BigHttp2Setting
metadata:
name: "cnf-http2-profile"
namespace: "cnf-gateway"
spec:
concurrentStreamsPerConnection: 20
connectionIdleTimeout:400
frameSize: 4098
CR shortName¶
CR shortNames provide an easy way to view installed CRs, and their configuration parameters. The CR shortName can also be used to delete the CR instance. The F5BigHttp2Setting CR shortName is http2set.
View CR instance:
oc get http2set -n <namespace>
View CR configuration:
oc get http2set -n <namespace> -o yaml
Default profile¶
After installing the BIG-IP Controller, a default F5BigHttp2Setting CR is created in each new namespace. In this example, a default F5BigHttp2Setting CR exists in the cnf-gateway namespace:
oc get f5-big-http2-settings -n cnf-gateway
NAME
sys-default-http2
Installation¶
Following are the steps to install the F5BigHttp2Setting CR:
The example
F5BigHttp2SettingCR modifies the concurrentStreamsPerConnection sizes, connectionIdleTimeout and frameSize parameters. Copy and paste the following example to a YAML file:apiVersion: k8s.f5net.com/v1 kind: F5BigHttp2Setting metadata: name: "cnf-http2-profile" namespace: "cnf-gateway" spec: concurrentStreamsPerConnection: 20 connectionIdleTimeout:400 frameSize: 4098
Install the
F5BigHttp2SettingCR:oc apply -f cnf-http2-cr.yaml
Following is an example F5BigDnsApp CR using the HTTP2 profile.
apiVersion: "k8s.f5net.com/v1" kind: F5BigDnsApp metadata: name: "cnf-dohapp" namespace: "cnf-gateway" spec: ipProtocol: "http2" dohProtocol: "udp" destination: ipv6Address: "2002::192:168:100:202" port: 443 dns: dnsCache: "cnf-dnscache" dns64Mode: "secondary" dns64Prefix: "64:ff9b::" dns64AdditionalSectionRewrite: "v4-only" http2Settings: clientSide: "cnf-http2-profile" pool: members: - address: "2002::10:10:10:100" - address: "2002::10:10:10:101"
Install F5BigDnsApp CR, run the following command:
oc apply -f f5-cnf-dohapp.yaml
In this example, the BIG-IP Controller logs indicate the F5BigDnsApp CR was added/updated:
I0202 12:00:00:12350 1 event.go:282] Event(v1.ObjectReference{Kind:"F5DnsApp", DnsApp cnf-gateway/cnf-dohapp was added/updated
The TMM Proxy Pod can now process application traffic using the F5BigHttp2Setting CR.
Additional CRs¶
The F5BigHttp2Setting CR can be referenced by the F5BigDnsApp (High-performance DNS resolution, caching, and DNS64 translations) CR.
Feedback¶
Provide feedback to improve this document by emailing cnfdocs@f5.com.
