Release Notes

F5 Cloud-Native Network Functions (CNFs) for Robin.io - 1.3.1

Bug Fixes

1602625-2

The controller is not able to get license information when RabbitMQ connection is broken after cluster upgrade.

Component: Ingress

Symptoms:

If there is a RabbitMQ communication failure, then the controller will not be able to gather the license information. The controller will not configure TMMs, thereby rendering the instance nonfunctional.

Conditions:

The Cluster Wide Controller (CWC) lost connectivity with RabbitMQ and license status is not sent to F5Ingress.

Impact:

F5Ingress is not able to push the configuration to TMM because it cannot communicate with CWC through RabbitMQ. As a result, TMM is unable to process traffic.

Workaround:

Restart CWC pod.

Fix:

The F5Ingress reads license status from a secret to fetch license information when RabbitMQ is down.

1578581-3

Cannot update configured IPv4 SNAT pool with IPv6 SNAT pool members

Component: Ingress

Symptoms: If you configure an IPv4 SNAT pool and change it to an IPv6 pool by editing the CR, then kernel routes for the IPv6 SNAT pool are not created.

Conditions: Updating SNAT pool members from IPv4 to IPv6 in F5BigCneSnatpool CR.

Impact: The IPv6 SNAT pool kernel routes are not created.

Workaround: Delete the SNAT CR with IPv4 pool members and reapply the CR with IPv6 pool members.

Fix: To update an already configured IPv4 SNAT pool to IPv6 SNAT pool, delete the existing CR with IPv4 pool, and reapply CR with IPv6 pool members.

1595053-1

Unable to delete f5-big-dns-apps CR from TMM container

Component: Ingress

Symptoms:

On DNSApp CR deletion, the configuration is not removed from TMM if ICMP or TCP monitor is enabled in the CR.

The corresponding virtual server should be deleted from the TMM, but virtual server is available.

Following are the steps to check the virtual server:

  1. Create a DNSApp CR with ICMP or TCP monitor enabled.
  2. Confirm the corresponding virtual server is created on TMM by using tmctl.
  3. Delete the CR.
  4. Confirm the corresponding virtual server is not present on TMM by using tmctl.

Conditions:

DNSApp CR deletion

Impact:

Configuration does not work for API objects that do not exist. Traffic will not work when sent to a virtual server that does not exist.

Fix:

Objects with type ltm_icmp_monitor and ltm_tcp_monitor have been replaced with the correct object type ltm_monitor.

1592133-1

CNF controller logs the error “TMM container is not in Running state” with non-default naming of TMM

Component: Ingress

Symptoms:

Controller logs show multiple entries of the error “TMM container is not in Running state”.

Conditions:

When CNF is installed with non-default TMM name in the values file.

For, example:

f5-tmm:
  tmm:
    name: <user-defined name>

Impact:

TMM is configured incorrectly, traffic disruption can occur.

Workaround:

Configure TMM with the default name. Remove name override from values file.

Fix:

Added support in the controller to support other TMM names if it is configured in the values file.

1599661

Secure Context Configuration is not applied to TMM on TMM Pod scale-up or restart.

Component: Ingress

Symptoms:

During TMM Pod scale-up or TMM Pod restart event, Secure Context configuration is not successfully applied in TMM. Virtual server statistics have the secure context in EDENY status.

Conditions:

  • Secure context CRs with or without default profiles
  • Scale-up or restart TMM Pods

Impact:

Newly brought-up TMM pods will not serve traffic.

Workaround:

Delete and apply the secure context CRs once the TMM’s secure contexts are in EDENY state.

Fix:

Always regenerate secure context protobuf during TMM Pod events.

Known Issues

1596037

After enabling blobd container, the QoS class displays Burstable message for TMM pods.

Component: CGNAT

Symptoms:

Kubernetes assigns the Burstable QOS class to a POD when a container in the pod has the resource limit more than the request value.

Conditions:

Burstable QoS Class: Kubernetes assigns the Burstable QOS class to a POD when a container in the pod has more resource limit than the request value

Impact:

TMM POD QOS class is not guaranteed.

Workaround:

In f5ingress/values.yaml file, for blobd container, set the resource limits and requests equally.

resources:
    limits:
      cpu: "1"
      memory: "4Gi"
    requests:
      cpu: "1"
      memory: "4Gi"

Software upgrades

For assistance with software upgrades, refer to the Upgrading CNFs overview.

_images/spk_info.png Note: The upgrade of CNF from previous release is not supported.

Next step

Continue to the Cluster Requirements guide to ensure the cluster has the required software components.