Release Notes¶
F5 Cloud-Native Network Functions (CNFs) for Robin.io - 1.3.1
Bug Fixes¶
1602625-2¶
The controller is not able to get license information when RabbitMQ connection is broken after cluster upgrade.
Component: Ingress
Symptoms:
If there is a RabbitMQ communication failure, then the controller will not be able to gather the license information. The controller will not configure TMMs, thereby rendering the instance nonfunctional.
Conditions:
The Cluster Wide Controller (CWC) lost connectivity with RabbitMQ and license status is not sent to F5Ingress.
Impact:
F5Ingress is not able to push the configuration to TMM because it cannot communicate with CWC through RabbitMQ. As a result, TMM is unable to process traffic.
Workaround:
Restart CWC pod.
Fix:
The F5Ingress reads license status from a secret to fetch license information when RabbitMQ is down.
1578581-3¶
Cannot update configured IPv4 SNAT pool with IPv6 SNAT pool members
Component: Ingress
Symptoms: If you configure an IPv4 SNAT pool and change it to an IPv6 pool by editing the CR, then kernel routes for the IPv6 SNAT pool are not created.
Conditions: Updating SNAT pool members from IPv4 to IPv6 in F5BigCneSnatpool CR.
Impact: The IPv6 SNAT pool kernel routes are not created.
Workaround: Delete the SNAT CR with IPv4 pool members and reapply the CR with IPv6 pool members.
Fix: To update an already configured IPv4 SNAT pool to IPv6 SNAT pool, delete the existing CR with IPv4 pool, and reapply CR with IPv6 pool members.
1595053-1¶
Unable to delete f5-big-dns-apps CR from TMM container
Component: Ingress
Symptoms:
On DNSApp CR deletion, the configuration is not removed from TMM if ICMP or TCP monitor is enabled in the CR.
The corresponding virtual server should be deleted from the TMM, but virtual server is available.
Following are the steps to check the virtual server:
- Create a DNSApp CR with ICMP or TCP monitor enabled.
- Confirm the corresponding virtual server is created on TMM by using tmctl.
- Delete the CR.
- Confirm the corresponding virtual server is not present on TMM by using tmctl.
Conditions:
DNSApp CR deletion
Impact:
Configuration does not work for API objects that do not exist. Traffic will not work when sent to a virtual server that does not exist.
Fix:
Objects with type ltm_icmp_monitor and ltm_tcp_monitor have been replaced with the correct object type ltm_monitor.
1592133-1¶
CNF controller logs the error “TMM container is not in Running state” with non-default naming of TMM
Component: Ingress
Symptoms:
Controller logs show multiple entries of the error “TMM container is not in Running state”.
Conditions:
When CNF is installed with non-default TMM name in the values file.
For, example:
f5-tmm:
tmm:
name: <user-defined name>
Impact:
TMM is configured incorrectly, traffic disruption can occur.
Workaround:
Configure TMM with the default name. Remove name override from values file.
Fix:
Added support in the controller to support other TMM names if it is configured in the values file.
1599661¶
Secure Context Configuration is not applied to TMM on TMM Pod scale-up or restart.
Component: Ingress
Symptoms:
During TMM Pod scale-up or TMM Pod restart event, Secure Context configuration is not successfully applied in TMM. Virtual server statistics have the secure context in EDENY status.
Conditions:
- Secure context CRs with or without default profiles
- Scale-up or restart TMM Pods
Impact:
Newly brought-up TMM pods will not serve traffic.
Workaround:
Delete and apply the secure context CRs once the TMM’s secure contexts are in EDENY state.
Fix:
Always regenerate secure context protobuf during TMM Pod events.
Known Issues¶
1596037¶
After enabling blobd
container, the QoS class displays Burstable message for TMM pods.
Component: CGNAT
Symptoms:
Kubernetes assigns the Burstable QOS class to a POD when a container in the pod has the resource limit more than the request value.
Conditions:
Burstable QoS Class: Kubernetes assigns the Burstable QOS class to a POD when a container in the pod has more resource limit than the request value
Impact:
TMM POD QOS class is not guaranteed.
Workaround:
In f5ingress/values.yaml
file, for blobd
container, set the resource limits and requests equally.
resources:
limits:
cpu: "1"
memory: "4Gi"
requests:
cpu: "1"
memory: "4Gi"
Software upgrades¶
For assistance with software upgrades, refer to the Upgrading CNFs overview.
Note: The upgrade of CNF from previous release is not supported.
Next step¶
Continue to the Cluster Requirements guide to ensure the cluster has the required software components.