Cloud-Native Network Functions (CNFs) Custom Resource Definitions (CRDs) extend the Kubernetes API; enabling AFM and TMM to be configured using CNFs Custom Resources (CRs). CNFs CRs configure AFM and TMM to support low-latency 5G application traffic, and apply networking configurations such as interface IP addresses and static routes.
This document describes the available CNFs CRs, and lists them in the order they should be configured and installed.
Protection and NAT¶
Protection and NAT CRs can be referenced by Traffic Management CRs to protect applications from unauthorized and malignant network traffic.
- F5BigDdosPolicy - Denial of Service (DoS/DDoS) event detection and mitigation.
- F5BigFwPolicy - Granular stateful-flow filtering based on access control list (ACL) policies.
- F5BigIpsPolicy - Intelligent packet inspection protects applications from malignant network traffic.
- F5BigPePolicy - Intelligently control, steer, and optimize subscriber traffic.
- F5BigClassificationprofile - Enable deep packet inspection to analyze and categorize subscriber traffic.
- F5BigDownloaderPolicy - Downloads the latest IM packages to dynamically update F5BigPePolicy and F5BigClassificationprofile CRs
- F5BigNatPolicy - Carrier-grade NAT (CG-NAT) using large-scale NAT (LSN) pools.
Traffic management CRs configure TMM to provide secure application layer gateway services to remote subscribers.
- F5BigContextSecure - Full proxy TCP and UDP application layer gateway services.
- F5BigIrule - Enables F5’s powerful iRules feature for managing application traffic.
- F5BigDnsApp - High-performance DNS resolution, caching, and DNS64 translations.
- F5BigAlgFtp - File Transfer Protocol (FTP) application layer gateway services.
- F5BigAlgTftp - Trivial File Transfer Protocol (TFTP) application layer gateway services.
- F5BigAlgPptp - Point-to-Point Tunneling Protocol (PPTP) application layer gateway services.
- F5BigAlgRtsp - Real Time Streaming Protocol (RTSP) application layer gateway services.
Profiles and global settings¶
Profiles and global setting CRs can be reference by CNFs Traffic Management CRs to customize and enhance traffic processing.
- F5BigZeroratingPolicy - Part of Zero-Rating DNS solution; enabling subscribers to bypass rate limits.
- F5BigTcpSetting - TCP options to fine-tune how application traffic is managed.
- F5BigUdpSetting - UDP options to fine-tune how application traffic is managed.
- F5BigFastl4Setting - FastL4 option to fine-tune how application traffic is managed.
- F5BigCecPeGlobaloptions - Options to modify the default behavior of the F5BigPePolicy CRs.
- F5BigContextGlobal - Modifies the F5BigFwPolicy CR’s default firewall action.
Networking CRs configure TMM’s networking components such as network interfaces and static routes.
Available network management CRs:
Event logging CRs can be referenced by Traffic Management CRs to log a wide variety of application traffic events to remote logging servers.
Once a CNFs Custom Resource (CR) has been installed, you can view the status of the installation using the following command:
kubectl get <cr type> <cr name> -n <namespace>
kubectl get natpol cnf-46-nat -n cnf-gateway
NAME STATUS MESSAGE cnf-46-nat SUCCESS CR config sent to all grpc endpoints