Last updated on: 2024-04-23 04:45:25.
How to deploy CRDs using Non Default RouteDomains in ClusterMode¶
Prerequisites¶
- All Self IPs and VLAN interfaces must be removed.
- Remove any existing VXLAN Tunnel, VXLAN FDBs, Static Routes, and Static ARPs associated with the CIS-managed BIG-IP partition.
Objective: CIS supports RouteDomain for both multipartition and default partition (single partition) using the following procedures.
Note
CIS can support only a single RD across CRDs. If it is intended to use different RDs, best practice is to use one CIS per RD.
Configuring non-default RouteDomains¶
Below are two approaches to configure non-default Route Domains, however there may be more as well.
- Create all NET Objects (i.e. VLANs, Self IPs interfaces, Tunnel Interfaces, Tunnels, Default Tunnel Route) in the CIS-managed partition except RouteDomain. Create the RouteDomain in the Common partition. First Approach Procedure
- Create all NET Objects in the CIS-managed partition except RouteDomain, VLAN, and respective VLAN Self IPs in the Common partition. Second Approach Procedure
Note: Both approaches in this example use Cilium CNI, however the same can be applied to other CNIs as well.
First Approach Procedure¶
- Remove any existing VXLAN Tunnels, VXLAN FDBs, VXLAN Self IPs, Static Routes, and Static ARPs (if any) associated with the CIS-managed BIG-IP partition or default RouteDomain 0.
Below is the configuration on the BIG-IP after removing:
Self IPs
Route List
Tunnel List
Static ARP List
Route Domain List
2. Remove Self IPs and VLANs from the Common partition.
Self IPs
VLAN List
3. Create a non-default RouteDomain (RD5) in the Common partition. Navigate to the CIS-managed partition test and make RD5 the default RouteDomain for the test partition.
4. Create internal and external VLANs in CIS-managed BIG-IP test partition.
5. Navigate the to CIS-managed partition test and verify RD5 is attached to both internal and external VLANs.
6. Create Self IPs in the CIS-managed test partition.
7. Create the VXLAN Tunnel and VXLAN Tunnel interface under the Self IP section, and a Static Route using the test partition.
VXLAN Tunnel
Profile: fl-vxlan, Key: 2, Local Address: 10.4.0.28
VXLAN Self IP
VXLAN Static Route
- Start CIS with default-route-domain as 5.
spec:
containers:
- args:
- --bigip-partition
- test
- --bigip-url
- 10.x.x.x
- --bigip-username
- adxxx
- --bigip-password
- adxxx
- --insecure
- --custom-resource-mode=true
- --cilium-name
- /test/vxlan-tunnel-mp
- --pool-member-type
- cluster
- --default-route-domain=5
command:
- /app/bin/k8s-bigip-ctlr
image: f5networks/k8s-bigip-ctlr:2.13.0
- Create TransportServer CR.
- LTM and NET Objects are successfully pushed to the BIG-IP.
Second Approach Procedure¶
- Remove any existing VXLAN Tunnels, VXLAN FDBs, VXLAN Self IPs, Static Routes, and Static ARPs (if any) associated with the CIS-managed BIG-IP partition or default RouteDomain 0.
Below is the configuration on the BIG-IP after removing:
Self IPs
Route List
Tunnel List
Static ARP List
Route Domain List
2. Remove Self IPs from the Common partition.
Self IPs
3. Verify internal/external VLANs exist in the Common partition.
VLANs
4. Create a new RouteDomain with ID = 5 (RD5) using the Common partition and attach internal/external VLANs.
5. Navigate to CIS-managed partition test and mark RD5 as the default RouteDomain.
Select “Make this route domain the Partition Default Route Domain” for “Partition Default Route Domain” Property and Click “Update”.
6. Create Self IPs in the Common partition.
Note: append %RDid to the IP address.
7. Create the VXLAN Tunnel and VXLAN Tunnel interface under the Self IP section, and a Static Route using the test partition.
VXLAN Tunnel
Profile: fl-vxlan, Key: 2, Local Address: 10.4.0.28
VXLAN Self IP
VXLAN Static Route
- Start CIS with default-route-domain=5.
spec:
containers:
- args:
- --bigip-partition
- test
- --bigip-url
- 10.x.x.x
- --bigip-username
- adxxx
- --bigip-password
- adxxx
- --insecure
- --custom-resource-mode=true
- --cilium-name
- /test/vxlan-tunnel-mp
- --pool-member-type
- cluster
- --default-route-domain=5
command:
- /app/bin/k8s-bigip-ctlr
image: f5networks/k8s-bigip-ctlr:2.13.0
- Create a TransportServer CR.
- LTM and NET objects are successfully pushed to the BIG-IP.
CIS Logs
[centos@firm-aphid-bastion ~]$ custom_logs
2023/05/11 02:27:02 [WARNING] Creating GTM with default bigip credentials as GTM BIGIP Url or GTM BIGIP Username or GTM BIGIP Password is missing on CIS args.
2023/05/11 02:27:02 [DEBUG] [AS3] posting GET BIGIP AS3 Version request on https://10.145.65.48/mgmt/shared/appsvcs/info
2023/05/11 02:27:09 [DEBUG] [ipam] Created IPAM Custom Resource:
&{{ } {test-bigip-controller-1.test.ipam kube-system e9fca2c1-347d-4698-8477-a8889a551646 1360234 1 2023-05-11 02:27:09 +0000 UTC <nil> <nil> map[] map[] [] [] [{k8s-bigip-ctlr.real Update fic.f5.com/v1 2023-05-11 02:27:09 +0000 UTC FieldsV1 {“f:spec”:{}}}]} {[]} {[]}}
2023/05/11 02:27:09 [DEBUG] Enqueueing Endpoints: &Endpoints{ObjectMeta:{ipamas-svc kube-system 8075015a-d95a-4b9d-8ea3-2417a2fad609 1260585 0 2023-05-09 11:07:12 +0000 UTC <nil> <nil> map[app:test-ipam-controller-2] map[endpoints.kubernetes.io/last-change-trigger-time:2023-05-10T12:39:02Z] [] [] [{kube-controller-manager Update v1 2023-05-10 12:39:02 +0000 UTC FieldsV1 {“f:metadata”:{“f:annotations”:{“.”:{},”f:endpoints.kubernetes.io/last-change-trigger-time”:{}},”f:labels”:{“.”:{},”f:app”:{}}},”f:subsets”:{}}}]},Subsets:[]EndpointSubset{EndpointSubset{Addresses:[]EndpointAddress{EndpointAddress{IP:10.0.1.93,TargetRef:&ObjectReference{Kind:Pod,Namespace:kube-system,Name:test-ipam-controller-2-74ff99745f-ff848,UID:9cc0fef6-8b76-409e-b0bb-10081fa13aa7,APIVersion:,ResourceVersion:,FieldPath:,},Hostname:,NodeName:*k8s-cilium-centos8-3.pdsea.f5net.com,},},NotReadyAddresses:[]EndpointAddress{},Ports:[]EndpointPort{EndpointPort{Name:,Port:5000,Protocol:TCP,AppProtocol:nil,},},},},}
2023/05/11 02:27:09 [INFO] Enqueueing TransportServer: &{{TransportServer cis.f5.com/v1} {cr-transport-server default 0ee4d69a-5b59-4b92-a065-a06a31d3d872 1360179 1
2023-05-10 13:38:07 +0000 UTC <nil> <nil> map[f5cr:true] map[] [] [] [{Swagger-Codegen Update cis.f5.com/v1 2023-05-10 13:38:07 +0000 UTC FieldsV1 {“f:metadata”:{“f:labels”:{}},”f:spec”:{“.”:{},”f:allowVlans”:{},”f:iRules”:{},”f:ipamLabel”:{},”f:mode”:{},”f:pool”:{“.”:{},”f:monitor”:{“.”:{},”f:interval”:{},”f:targetPort”:{},”f:timeout”:{},”f:type”:{}},”f:service”:{},”f:servicePort”:{}},”f:snat”:{},”f:type”:{},”f:virtualServerPort”:{}}}} {k8s-bigip-ctlr.real Update cis.f5.com/v1 2023-05-10 13:38:51 +0000 UTC FieldsV1 {“f:status”:{“.”:{},”f:status”:{},”f:vsAddress”:{}}}} {kubectl-edit Update cis.f5.com/v1 2023-05-11 02:26:52 +0000 UTC FieldsV1 {“f:metadata”:{“f:labels”:{“f:f5cr”:{}}}}}]} { 1344 standard auto { pytest-svc-1 {0 1344 } {http 20 10 8080 } [] 0 } [] tcp [] Dev [] {{ } [] } } {10.8.128.1 Ok}}
I0511 02:27:09.615865 1 shared_informer.go:240] Waiting for caches to sync for F5 IPAMClient Controller
2023/05/11 02:27:09 [INFO] Enqueueing IPAM: &{{IPAM fic.f5.com/v1} {test-bigip-controller-1.test.ipam kube-system e9fca2c1-347d-4698-8477-a8889a551646 1360234 1 2023-05-11 02:27:09 +0000 UTC <nil> <nil> map[] map[] [] [] [{k8s-bigip-ctlr.real Update fic.f5.com/v1 2023-05-11 02:27:09 +0000 UTC FieldsV1 {“f:spec”:{}}}]} {[]} {[]}}
2023/05/11 02:27:09 [DEBUG] Processing Key: &{kube-system Service ipamas-svc 0xc0004f6750 Create}
2023/05/11 02:27:09 [DEBUG] Processing Key: &{kube-system Endpoints ipamas-svc 0xc000346e10 Create}
2023/05/11 02:27:09 [DEBUG] [ipam] Updated IPAM CR.
2023/05/11 02:27:09 [DEBUG] Finished syncing transport servers &{TypeMeta:{Kind:TransportServer APIVersion:cis.f5.com/v1} ObjectMeta:{Name:cr-transport-server GenerateName: Namespace:default SelfLink: UID:0ee4d69a-5b59-4b92-a065-a06a31d3d872 ResourceVersion:1360179 Generation:1 CreationTimestamp:2023-05-10 13:38:07 +0000 UTC DeletionTimestamp:<nil> DeletionGracePeriodSeconds:<nil> Labels:map[f5cr:true] Annotations:map[] OwnerReferences:[] Finalizers:[] ClusterName: ManagedFields:[{Manager:Swagger-Codegen Operation:Update APIVersion:cis.f5.com/v1 Time:2023-05-10 13:38:07 +0000 UTC FieldsType:FieldsV1 FieldsV1:{“f:metadata”:{“f:labels”:{}},”f:spec”:{“.”:{},”f:allowVlans”:{},”f:iRules”:{},”f:ipamLabel”:{},”f:mode”:{},”f:pool”:{“.”:{},”f:monitor”:{“.”:{},”f:interval”:{},”f:targetPort”:{},”f:timeout”:{},”f:type”:{}},”f:service”:{},”f:servicePort”:{}},”f:snat”:{},”f:type”:{},”f:virtualServerPort”:{}}}} {Manager:k8s-bigip-ctlr.real Operation:Update APIVersion:cis.f5.com/v1 Time:2023-05-10 13:38:51 +0000 UTC FieldsType:FieldsV1 FieldsV1:{“f:status”:{“.”:{},”f:status”:{},”f:vsAddress”:{}}}} {Manager:kubectl-edit Operation:Update APIVersion:cis.f5.com/v1 Time:2023-05-11 02:26:52 +0000 UTC FieldsType:FieldsV1 FieldsV1:{“f:metadata”:{“f:labels”:{“f:f5cr”:{}}}}}]} Spec:{VirtualServerAddress: VirtualServerPort:1344 VirtualServerName: Host: HostGroup: Mode:standard SNAT:auto Pool:{Name: Path: Service:pytest-svc-1 ServicePort:{Type:0 IntVal:1344 StrVal:} NodeMemberLabel: Monitor:{Type:http Send: Recv: Interval:20 Timeout:10 TargetPort:8080 Name: Reference:} Monitors:[] Rewrite: Balance: WAF: ServiceNamespace: ReselectTries:0 ServiceDownAction: HostRewrite:} AllowVLANs:[] Type:tcp ServiceIPAddress:[] IPAMLabel:Dev IRules:[] PolicyName: PersistenceProfile: ProfileL4: DOS: BotDefense: Profiles:{TCP:{Client: Server:} UDP: HTTP: HTTP2: RewriteProfile: PersistenceProfile: LogProfiles:[] ProfileL4: ProfileMultiplex:} Partition:} Status:{VSAddress:10.8.128.1 StatusOk:Ok}} (10.860746ms)
2023/05/11 02:27:09 [DEBUG] Processing Key: &{kube-system IPAM test-bigip-controller-1.test.ipam 0xc000451600 Create}
I0511 02:27:09.716821 1 shared_informer.go:247] Caches are synced for F5 IPAMClient Controller
2023/05/11 02:27:10 [DEBUG] Processing Key: &{kube-system IPAM test-bigip-controller-1.test.ipam 0xc0002a78c0 Update}
2023/05/11 02:27:10 [INFO] Enqueueing Updated IPAM: &{{ } {test-bigip-controller-1.test.ipam kube-system e9fca2c1-347d-4698-8477-a8889a551646 1360239 2 2023-05-11 02:27:09 +0000 UTC <nil> <nil> map[] map[] [] [] [{k8s-bigip-ctlr.real Update fic.f5.com/v1 2023-05-11 02:27:09 +0000 UTC FieldsV1 {“f:spec”:{“.”:{},”f:hostSpecs”:{}}}} {f5-ipam-controller Update fic.f5.com/v1 2023-05-11 02:27:10 +0000 UTC FieldsV1 {“f:status”:{“.”:{},”f:IPStatus”:{}}}}]} {[0xc0000b2f90]} {[0xc0006fe500]}}
2023/05/11 02:27:10 [DEBUG] Finished syncing transport servers &{TypeMeta:{Kind:TransportServer APIVersion:cis.f5.com/v1} ObjectMeta:{Name:cr-transport-server GenerateName: Namespace:default SelfLink: UID:0ee4d69a-5b59-4b92-a065-a06a31d3d872 ResourceVersion:1360179 Generation:1 CreationTimestamp:2023-05-10 13:38:07 +0000 UTC DeletionTimestamp:<nil> DeletionGracePeriodSeconds:<nil> Labels:map[f5cr:true] Annotations:map[] OwnerReferences:[] Finalizers:[] ClusterName: ManagedFields:[{Manager:Swagger-Codegen Operation:Update APIVersion:cis.f5.com/v1 Time:2023-05-10 13:38:07 +0000 UTC FieldsType:FieldsV1 FieldsV1:{“f:metadata”:{“f:labels”:{}},”f:spec”:{“.”:{},”f:allowVlans”:{},”f:iRules”:{},”f:ipamLabel”:{},”f:mode”:{},”f:pool”:{“.”:{},”f:monitor”:{“.”:{},”f:interval”:{},”f:targetPort”:{},”f:timeout”:{},”f:type”:{}},”f:service”:{},”f:servicePort”:{}},”f:snat”:{},”f:type”:{},”f:virtualServerPort”:{}}}} {Manager:k8s-bigip-ctlr.real Operation:Update APIVersion:cis.f5.com/v1 Time:2023-05-10 13:38:51 +0000 UTC FieldsType:FieldsV1 FieldsV1:{“f:status”:{“.”:{},”f:status”:{},”f:vsAddress”:{}}}} {Manager:kubectl-edit Operation:Update APIVersion:cis.f5.com/v1 Time:2023-05-11 02:26:52 +0000 UTC FieldsType:FieldsV1 FieldsV1:{“f:metadata”:{“f:labels”:{“f:f5cr”:{}}}}}]} Spec:{VirtualServerAddress: VirtualServerPort:1344 VirtualServerName: Host: HostGroup: Mode:standard SNAT:auto Pool:{Name: Path: Service:pytest-svc-1 ServicePort:{Type:0 IntVal:1344 StrVal:} NodeMemberLabel: Monitor:{Type:http Send: Recv: Interval:20 Timeout:10 TargetPort:8080 Name: Reference:} Monitors:[] Rewrite: Balance: WAF: ServiceNamespace: ReselectTries:0 ServiceDownAction: HostRewrite:} AllowVLANs:[] Type:tcp ServiceIPAddress:[] IPAMLabel:Dev IRules:[] PolicyName: PersistenceProfile: ProfileL4: DOS: BotDefense: Profiles:{TCP:{Client: Server:} UDP: HTTP: HTTP2: RewriteProfile: PersistenceProfile: LogProfiles:[] ProfileL4: ProfileMultiplex:} Partition:} Status:{VSAddress:10.8.128.1 StatusOk:Ok}} (5.870146ms)
2023/05/11 02:27:10 [DEBUG] [AS3] posting request to https://10.145.65.48/mgmt/shared/appsvcs/declare/test
2023/05/11 02:27:19 [DEBUG] [AS3] Response from BIG-IP: code: 200 — tenant:test — message: success
- Create Virtual Server CR.
- CIS successfully learns the new VS CR, populating the BIG-IP.
CIS Logs
2023/05/11 02:34:35 [DEBUG] Processing Key: &{kube-system IPAM test-bigip-controller-1.test.ipam 0xc00064c840 Update}
2023/05/11 02:34:35 [INFO] Enqueueing Updated IPAM: &{{ } {test-bigip-controller-1.test.ipam kube-system e9fca2c1-347d-4698-8477-a8889a551646 1361127 3 2023-05-11 02:27:09 +0000 UTC <nil> <nil> map[] map[] [] [] [{f5-ipam-controller Update fic.f5.com/v1 2023-05-11 02:27:10 +0000 UTC FieldsV1 {“f:status”:{}}} {k8s-bigip-ctlr.real Update fic.f5.com/v1 2023-05-11 02:34:34 +0000 UTC FieldsV1 {“f:spec”:{“.”:{},”f:hostSpecs”:{}}}} {f5-ipam-controller Update fic.f5.com/v1 2023-05-11 02:34:35 +0000 UTC FieldsV1 {“f:status”:{“f:IPStatus”:{}}}}]} {[0xc000998fc0 0xc000998ff0]} {[0xc0007d0640 0xc0007d0680]}}
2023/05/11 02:34:35 [DEBUG] Finished syncing virtual servers &{TypeMeta:{Kind: APIVersion:} ObjectMeta:{Name:cr-vs-foo-svc-1 GenerateName: Namespace:default SelfLink: UID:1101e219-997b-40ef-bb3c-ccdd77c2b003 ResourceVersion:1361125 Generation:1 CreationTimestamp:2023-05-10 14:25:24 +0000 UTC DeletionTimestamp:<nil> DeletionGracePeriodSeconds:<nil> Labels:map[f5cr:true] Annotations:map[] OwnerReferences:[] Finalizers:[] ClusterName: ManagedFields:[{Manager:Swagger-Codegen Operation:Update APIVersion:cis.f5.com/v1 Time:2023-05-10 14:25:24 +0000 UTC FieldsType:FieldsV1 FieldsV1:{“f:metadata”:{“f:labels”:{}},”f:spec”:{“.”:{},”f:allowVlans”:{},”f:host”:{},”f:httpTraffic”:{},”f:iRules”:{},”f:ipamLabel”:{},”f:partition”:{},”f:pools”:{},”f:snat”:{},”f:tlsProfileName”:{}}}} {Manager:k8s-bigip-ctlr.real Operation:Update APIVersion:cis.f5.com/v1 Time:2023-05-10 14:25:33 +0000 UTC FieldsType:FieldsV1 FieldsV1:{“f:status”:{“.”:{},”f:status”:{},”f:vsAddress”:{}}}} {Manager:kubectl-edit Operation:Update APIVersion:cis.f5.com/v1 Time:2023-05-11 02:34:34 +0000 UTC FieldsType:FieldsV1 FieldsV1:{“f:metadata”:{“f:labels”:{“f:f5cr”:{}}}}}]} Spec:{Host:foo.com HostGroup: VirtualServerAddress: AdditionalVirtualServerAddresses:[] IPAMLabel:Test VirtualServerName: VirtualServerHTTPPort:0 VirtualServerHTTPSPort:0 Pools:[{Name: Path:/ Service:svc-1 ServicePort:{Type:0 IntVal:80 StrVal:} NodeMemberLabel: Monitor:{Type:http Send:/ Recv: Interval:20 Timeout:10 TargetPort:0 Name: Reference:} Monitors:[] Rewrite: Balance: WAF: ServiceNamespace: ReselectTries:0 ServiceDownAction: HostRewrite:}] TLSProfileName:cr-tls-foo-svc-1 HTTPTraffic:none SNAT:auto WAF: RewriteAppRoot: AllowVLANs:[] IRules:[] ServiceIPAddress:[] PolicyName: PersistenceProfile: ProfileMultiplex: DOS: BotDefense: Profiles:{TCP:{Client: Server:} UDP: HTTP: HTTP2: RewriteProfile: PersistenceProfile: LogProfiles:[] ProfileL4: ProfileMultiplex:} AllowSourceRange:[] HttpMrfRoutingEnabled:false Partition:test} Status:{VSAddress:10.9.0.1 StatusOk:Ok}} (5.634555ms)
2023/05/11 02:34:35 [DEBUG] [AS3] posting request to https://10.145.65.48/mgmt/shared/appsvcs/declare/test
2023/05/11 02:34:43 [DEBUG] [AS3] Response from BIG-IP: code: 200 — tenant:test — message: success
Cluster Information
(systest-venv) [centos@firm-aphid-bastion ~]$ kubectl get nodes -owide
| NAME | STATUS | ROLES | AGE | VERSION | INTERNAL-IP | EXTERNAL-IP | OS-IMAGE | KERNEL-VERSION | CONTAINER-RUNTIME | |
|---|---|---|---|---|---|---|---|---|---|---|
| k8s-cilium-centos8-1.pdsea.f5net.com | Ready | control-plane | 7d20h | v1.27.1 | 10.4.2.0 | <none> | CentOS Linux 8 (Core) | 5.4.242-1.el8.elrepo.x86_64 | containerd://1.6.20 | |
| k8s-cilium-centos8-2.pdsea.f5net.com | Ready | <none> | 7d20h | v1.27.1 | 10.4.2.158 | <none> | CentOS Linux 8 (Core) | 5.4.242-1.el8.elrepo.x86_64 | containerd://1.6.20 | |
| k8s-cilium-centos8-3.pdsea.f5net.com | Ready | <none> | 7d20h | v1.27.1 | 10.4.1.65 | <none> | CentOS Linux 8 (Core) | 5.4.242-1.el8.elrepo.x86_64 | containerd://1.6.20 | |
(systest-venv) [centos@firm-aphid-bastion ~]$ kubectl get pods -owide
| NAME | READY | STATUS | RESTARTS | AGE | IP | NODE | NOMINATED NODE | READINESS GATES |
|---|---|---|---|---|---|---|---|---|
| pytest-svc-1-5f6fd5b76c-rpg7b | 1/1 | Running | 0 | 45h | 10.0.2.110 | k8s-cilium-centos8-2.pdsea.f5net.com | <none> | <none> |
| svc-1-6b4ff4bf47-rgxjp | 1/1 | Running | 0 | 11h | 10.0.2.117 | k8s-cilium-centos8-2.pdsea.f5net.com | <none> | <none> |
(systest-venv) [centos@firm-aphid-bastion ~]$ kubectl get svc
| NAME | TYPE | CLUSTER-IP | EXTERNAL-IP | PORT(S) | AGE |
|---|---|---|---|---|---|
| kubernetes | ClusterIP | 10.96.0.1 | <none> | 443/TCP | 7d20h |
| pytest-svc-1 | NodePort | 10.96.133.168 | <none> | 1344:30982/TCP,8080:31835/TCP | 45h |
| svc-1 | NodePort | 10.104.85.86 | <none> | 80:32082/TCP | 12h |
(systest-venv) [centos@firm-aphid-bastion ~]$ kubectl get ep
| NAME | ENDPOINTS | AGE |
|---|---|---|
| kubernetes | 10.4.2.0:6443 | 7d20h |
| pytest-svc-1 | 10.0.2.110:1344,10.0.2.110:8080 | 45h |
| svc-1 | 10.0.2.117:80 | 12h |
(systest-venv) [centos@firm-aphid-bastion ~]$ kubectl get ts,vs,tls
| NAME | VIRTUALSERVERADDRESS | VIRTUALSERVERPORT | POOL | POOLPORT | IPAMLABEL | IPAMVSADDRESS | STATUS | AGE |
|---|---|---|---|---|---|---|---|---|
| transportserver.cis.f5.com/cr-transport-server | 1344 | pytest-svc-1 | 1344 | Dev | 10.8.128.1 | Ok | 13h |
| NAME | HOST | TLSPROFILENAME | HTTPTRAFFIC | IPADDRESS | IPAMLABEL | IPAMVSADDRESS | STATUS | AGE |
|---|---|---|---|---|---|---|---|---|
| virtualserver.cis.f5.com/cr-vs-foo-svc-1 | foo.com | cr-tls-foo-svc-1 | none | Test | 10.9.0.1 | Ok | 12h |
| NAME | AGE |
|---|---|
| tlsprofile.cis.f5.com/cr-tls-foo-svc-1 | 12h |
(systest-venv) [centos@firm-aphid-bastion ~]$ kubectl get ciliumnodes.cilium.io
| NAME | AGE |
|---|---|
| k8s-cilium-centos8-1.pdsea.f5net.com | 7d20h |
| k8s-cilium-centos8-2.pdsea.f5net.com | 7d20h |
| k8s-cilium-centos8-3.pdsea.f5net.com | 7d20h |
(systest-venv) [centos@firm-aphid-bastion ~]$