F5BigFastl4Setting¶
The F5BigFastl4Setting CR currently provides one option to fine-tune how Traffic Management Microkernel (TMM) handles connections. Once configured and installed, the F5BigFastl4Setting CR can then be referenced by the F5BigContextSecure Custom Resource (CR).
This document guides you through understanding, configuring and installing a simple F5BigFastl4Setting CR.
CR parameters¶
The table below describes the CR spec
parameters:
Parameter | Description |
---|---|
idleTimeout |
Specifies the number of seconds that a connection is idle before the connection is eligible for deletion: 0 to 4294967295. The default value is 300. |
CR Example¶
apiVersion: "k8s.f5net.com/v1"
kind: F5BigFastl4Setting
metadata:
name: "cnf-fastl4-optimize"
namespace: "cnf-gateway"
spec:
idleTimeout: 150
Default profile¶
After installing the BIG-IP Controller, a default F5BigFastL4Setting CR is created in each new namespace. In this example, a default F5BigFastL4Setting CR exists in the cnf-gateway namespace:
kubectl get f5-big-fastl4-settings -n cnf-gateway
NAME
sys-default-fastl4
Installation¶
Use the steps below to install the F5BigTcpSetting CR.
Copy the example F5BigTcpSetting CR modifies the idleTimeout period. Copy and paste the example into a YAML file:
apiVersion: "k8s.f5net.com/v1" kind: F5BigFastl4Setting metadata: name: "cnf-fastl4-optimize" namespace: "cnf-gateway" spec: idleTimeout: 150
Install the CR:
kubectl apply -f cnf-fastl4-cr.yaml
In this example, the BIG-IP Controller logs indicate the F5BigTcpSetting CR was added/updated:
I0202 12:00:00.12349 1 event.go:282 Event(v1.ObjectReference{Kind:"F5TcpSetting", TcpSetting cnf-gateway/cnf-tcp-optimize was added/updated
The example F5BigContextSecure CR listens for connections destined to IP addresses in the 2002::200:200:200:0/112 subnet, using any protocol, and only on the subscriber-vlan interface. The CR also references the F5BigFastl4Setting profile. Copy and paste the example into a YAML file:
apiVersion: k8s.f5net.com/v1 kind: F5BigContextSecure metadata: name: "cnf-context" namespace: "cnf-gateway" spec: ipv6destinationAddress: "2002::200:200:200:0/112" destinationPort: 0 ipProtocol: "any" profile: "fastL4" fastL4Settings: profileName: "cnf-fastl4-optimize" vlans: vlanList: - "subscriber-vlan"
Install the F5BigContextSecure CR:
kubectl apply -f f5-cnf-context.yaml
In this example, the BIG-IP Controller logs indicate the F5BigContextSecure CR was added/updated:
I0202 12:00:00:12350 1 event.go:282] Event(v1.ObjectReference{Kind:"F5SecureContext", SecureContext cnf-gateway/cnf-context was added/updated
The TMM Proxy Pod can now process application traffic using the F5BigFastl4Setting CR.
Feedback¶
Provide feedback to improve this document by emailing cnfdocs@f5.com.