Release Notes

F5 Cloud-Native Network Functions (CNFs) for - 1.2.1

Breaking changes

  • The Traffic Management Microkernel (TMM) Proxy Pods now install using separate Helm Sub-Charts. This is the first step in an effort to enable single Pod upgrades, however, it requires modifications to your existing BIG-IP Controller Helm values file. Refer to the BIG-IP Controller section for the full set of installation instructions.

New Features and Improvements

  • The new F5BigCneIrule CR has been added to support one or multiple iRules within F5BigContextSecure or any other usecase CRs (example: DNS Virtual Server and F5BigAlgFTP). Refer to the F5BigCneIrule section for more information.
  • The new F5BigCneZone CR has been added to support source/destination VLAN Zones as rule-matching criteria in the AFM ACL Policy Rules. Refer to F5BigCneZone section for more information.
  • The new F5BigFwRulelist CR has been added to support rule-lists in the AFM ACL Policy. Refer to the F5BigRulelist section for more information.
  • The new F5BigDohApp CR has been added to provide high-performance DNS resolution, caching and DNS64 translation mapping over secure HTTPS connections. Refer to the F5BigDohApp section for more information.
  • CNFs supports the CRD conversion webhook, which handles the automatic conversion of multiple CRD versions based on the specified namespace and version in the cluster, without affecting existing CRs. Refer to the CRD Conversion Webhook section for more information.
  • Monitor support has been added for the HSL publisher pool. Refer to the F5BigLogHslpub section for more information.
  • Downloader Pod now supports only offline mode. Refer to the BIG-IP Controller section for more information.
  • CNFs supports the f5nxtctl BIGIP Next Control command line tool to abstract and automate the installation and verification of f5-specific components, such as Cert Manager, CWC, RabbitMQ, CRD-Conversion, northbound certificates, curl/Postman commands, and specific services, in a short amount of time. Refer to CNFs Installer section for more information.

Bug Fixes

1475133 (Ingress)

The missing commas in the logprofile handler are now resolved.

1472745 (TMM)

TMM no longer crashes when an HSL pool member goes down.

1409193 (Downloader)

The downloader crash loop on the Robin platform has been resolved.

1289261 (Licensing)

When installing Cluster Wide Controller (CWC), image repository paths now need to be provided in an overrides file at deployment time.

1289249 (Licensing)

When installing RabbitMQ, image repository paths now need to be provided in an overrides file at deployment time.

1306985 (Ingress)

The status issue of applying multiple static routes is now resolved.

1286505 (Licensing)

The imagePullPolicy parameter is now configurable for rabbitmq charts.

1091169 (TMM)

The TMM container no longer fails to restart after killing the TMM process.

1089509-2 (Controller)

When an F5BigNetVlan CR is installed and the TMM container restarts, TMM now receives the network interface configuration.

1330065-2 (Toda)

The TMStatsd container now does not take several minutes to establish a connection with the Otel Service.

1359769 (Ingress)

When one of the irule has a tcl error, it fails to process the rest of the irules, and the connection gets RESET.

1319353 (DSSM)

The key is now the same at the time of session creation and deletion.

1320649 (DSSM)

In the DSSM pod now, HA bit values are seen as 00 in the PEM records.

1090249-2 (Ingress)

Virtual servers now get created on the TMM container restart.

1312117 (TMM)

CGNAT traffic no longer fails after configuring ECMP max-path.

Known Issues

1354641-1 (TMM)

iRule stats can show in two entry rows.

1492301 (TMM)

Increase in pool member statistics for some time after HSL pool members is down.


After pool member goes down, wait for the duration of configured monitor time-out value, before starting the traffic.

Software upgrades

For assistance with software upgrades, refer to the Upgrading CNFs overview.

_images/spk_info.png Note: The upgrade of CNF from previous release is not supported.

Next step

Continue to the Cluster Requirements guide to ensure the cluster has the required software components.