Release Notes

This page contains the release notes for F5 BIG-IP Container Ingress Services. To see older versions of the release notes, see this page.


Added Functionality

  • AS3 is the default agent. Use deployment argument --agent to configure CCCL agent.
  • Custom Resource Definition (CRD) – Alpha available with Custom resource virtual-server.
  • Added new optional deployment arguments: - --custom-resource-mode (default false) when set true processes custom resources only. - --userdefined-as3-declaration for processing user defined AS3 Config Map in CIS watched namespaces.
  • AS3 versions newer than 3.18 is required for 2.X releases.
  • CIS is now compatible with:
    • OpenShift 4.3
    • BIG-IP 15.1
    • K8S 1.18
  • Base image upgraded to UBI for CIS Container images.
  • Added Support for:
    • Multiple BIG-IP ClientSSL profiles for a Virtual Server
    • Informer based Override AS3 ConfigMap
    • UserAgent in AS3 Controls object
    • New Attributions Generator - Licensee
    • GO Modules for dependency management
    • HTTPS health monitoring for passthrough and re-encrypt routes

New RH container registry :

Bug Fixes

  • CIS handles requests sent to unknown hosts for Routes using debug messages.
  • CIS handles posting of ‘Overwriting existing entry for backend’ log message frequently when different routes configured in different namespaces.
  • Issue 1233 CIS handles ClientSSL annotation and cert/key logging issues.
  • Issue 1145, 1185, 1295 CIS handles namespace isolation for AS3 configmaps.
  • Issue 1241, 1229 CIS fetches 3.18 AS3 schema locally.
  • Issue 1191 CIS cleans AS3 managed partition when moved to CCCL as agent.
  • Issue 1162 CIS properly handles OpenShift Route admit status.
  • Issue 1160 CIS handles https redirection for ingress which accepts all common names.

Vulnerability Fixes

Task Summary
CVE Comments
CVE-2009-3555 CIS disables renegotiation for all Custom ClientSSL


  • CIS with CCCL as agent, OpenShift A/B route cannot be updated in BIG-IP versions newer than 14.1.X due to data group changes.

Next Upgrade Notes

  • From CIS 2.1, additional AS3 managed partition _AS3 will be removed.