Last updated on: Jan 20, 2023.

Service Proxy for Kubernetes (SPK) Install

Service Proxy for Kubernetes (SPK) is a cloud-native application traffic management solution, designed for communication service provider (CoSP) 5G networks. SPK integrates F5’s containerized Traffic Management Microkernel (TMM) and Custom Resource Definitions (CRDs) into the OpenShift container platform, to proxy and load balance low-latency 5G workloads.

The deployment includes at a minimum two pods: one supports the TMM and the other manages the TMM Pod or Pods. F5 has created a custom Kubernetes operator called the SPK Controller. The Operator pattern applied to the SPK Controller is the standard for Kubernetes that allows for managing repeatable tasks such as configuring the f5-tmm container in this case.


SPK can be installed on a limited number of environments but the only supported one is OpenShift using OVN-Kubernetes where f5-tmm pod is deployed to workers with SR-IOV Network Adapters on physical worker nodes. Go through the environment validation guide below before proceeding to installing SPK.

Installing SPK

Follow the Service Proxy Integration Guide to proceed with a full SPK installation.

Take note of the following additional points assuming your are on a supported environment with SR-IOV:

  • Notice the cniNetwork values are pulled from the SriovNetwork network objects. This is how we define the interfaces available to the f5-tmm Pod. The values here point to the network-attachment-definitions that were created as a result of the SriovNetwork CRs.

  • Notice the OPENSHIFT_VFIO_RESOURCE_N variables under customEnvVars. These will define the interface to SriovNetworkNodePolicy mapping. Notice how order matters when looking at the example on step 2C from SPK Controller Helm values.

  • Be aware of the ratio of hugepages to TMM threads.

  • If you want logs going to standard out in the Pod, you can disable the f5-toda-logging block shown in 7B from SPK Controller Helm values.


  • Do not deploy your applications to the same namespace as SPK.

  • There MUST only be ONE SPK Controller installed in a single namespace; however, you can have multiple SPK Controller installations in different namespaces.

Once SPK is deployed you can login to f5-tmm pod and review some of the initial configurations, scripts and environment variables.

oc exec -it deployment/f5-tmm -c f5-tmm -n dev-spk-ingress -- bash
cd /config
cat tmm_init.tcl

Uninstall SPK Controller

In the event that you want to uninstall your SPK Controller, you must remove any Custom Resources (CRs) you have created along with all SPK components. There is not a single command that deletes all SPK resources.