Last updated on: January 19 2023.

F5OS-A 1.0.0 - High-Level Overview

Documents related to this feature

• CLI Reference:F5OS CLI Reference

• API Reference:F5OS API Reference

• https://github.com/rancher/k3s/blob/master/README.md

Feature Overview

The rSeries r10000 and r5000 platforms are platforms using a cloud-scale architecture running F5OS-A that are replacing the previous iSeries platforms. F5OS-A is F5OS for Appliances and is based off of K3S which is a lightweight version of K8S (Kubernetes), which provides the cloud-scale backend for container orchestration.

Feature deeper overview

The choice was made to use K3S over K8S because it is simpler and lighter weight while providing the same advantages of full blown Kubernetes.

Highlights of F5OS-A:

• Based on K3S - lightweight Kubernetes

• Container orchestration built in

• Multitenancy - not just for BIG-IP, more tenants to come

• Container native tenants are smaller and don’t require a full system to run (compared to VE’s which use a full system in an image)

• Easier to upgrade - services or OS alone, not just both at the same time

• Nuke and pave for container native tenants

• CNCF certified

• Up to 36 tenants on r10000

• Up to 26 tenants on r5000

Low-lights of F5OS-A:

• Currently only Classic BIG-IP supported - but more coming!

• Nuke and pave not recommended for Classic BIG-IP - in-place upgrades preferred

• Large software image size to download

• Single node (no blades so no multiple processing nodes)

Diagram of the platform consolidation between iSeries and rSeries platforms (with respect to iSeries 10k and 5k):

The following are the rSeries r10000 and r5000 platforms being released with the F5OS-A v1.0.0:

The rSeries platforms have changed from iSeries in the following ways:

• All FPGA datapath: Broadcom is no longer used as part of the rSeries designs and all network datapath is developed in-house.

• No Hardware Modules: rSeries no longer uses the Quest and Leonardo modules as used in iSeries, everything is built in.

• Faster ports: rSeries only uses the latest SFP28 ports (SFP28 and QSFP28) as opposed to the iSeries which uses SFP+ (SFP+ and QSFP+)

• No Neuron: Since the end of life of the Neuron chipset new designs are replacing the Neuron with FPGA based solutions.

• HVDC compliant: rSeries units are tested and certified to be HVDC compliant at release and take an HVDC PSU for the DC option.

• No Coletto Creek or Cavium: All SSL and compression operations are taken care of via the Intel QAT technology.

• F5OS-A vs BIG-IP base OS: rSeries runs the cloud-scale container orchestration F5OS base OS instead of BIG-IP, though BIG-IP is supported as a usable tenant on top of F5OS.

The rSeries platforms have the following FRU-able items:

Platform	FRU Items	Associated part #'s
r10000	Fan Tray AC PSU DC PSU U.2 SSD (x2) QSFP28 Transceiver SFP28 Transceiver	TBD
r5000	AC PSU DC PSU QSFP28 Transceiver SFP28 Transceiver	TBD

r5000 does not have a fan tray and an M.2 SSD that is only accessible by opening the unit which requires a RMA-OPT SKU to remove without voiding the warranty.

Customer use case example

A customer would be interested in using rSeries and F5OS-A when they require on-premises hardware but wish to move to a more flexible container or cloud-based architecture to mesh with existing cloud-based infrastructure.

CLI / TMSH commands

The ConfD CLI reference for F5OS-A can be found here:F5OS CLI Reference

GUI Screen Shots

For examples of the F5OS-A GUI, seeF5OS-A - System GUI

API

The API reference for F5OS-A can be found here:F5OS API Reference

New / Updated logs

Logs are located at the following locations on the filesystem:

• F5OS-A log files are stored to:/var/F5/system/log/

• Common Linux log files are stored in:/var/log/

• The log file for rsyslogd is:/var/F5/system/log/velos.log

Logging is covered in detail here:F5OS-A - system logging

Expected / Possible Problems

The following potential problems could be encountered during use of F5OS-A:

• Potentially lower performance in single CPU core tenants as compared to previous platforms as single cores have lower frequency than previous platforms (2.4 GHz vs 3.2/3.7 GHz).

• Browser caching is known to be overly aggressive and on update/upgrade can cause false data to be displayed:bugtracker ID1067765

Known Issues

**Issue:**Hard drive replacement for the r10000 will be two drives at the same time as the platform is a RAID platform but potential for different drives is already known. To avoid mismatch, replacement drives will be sent in pairs. In the event of a new drive pair being sent that is a mismatch to the currently installed drives will require a full system rebuild as the system will not allow the mismatch for the RAID and the system cannot be rebuild otherwise. In the event of mismatched drives, all configs will need to be saved for F5OS as well as all tenants, including keys and certs.

Architecture

Other things to note regarding the new rSeries and F5OS-A architecture:

• F5OS-A has a single management domain where the F5OS-C Chassis Admin and Partition Admin roles are consolidated into a single System Admin role.

• Kubernetes infrastructure is not exposed outside of the appliance in the initial release (no joining an existing K8S cluster).

• Tenants are deployed as Kubernetes Pods.

Diagram of rSeries + F5OS-A architecture components: