Release Notes

F5 Service Proxy for Kubernetes (SPK) - v1.7.1

New Features and Improvements

The SPK v1.7.1 release is a bug fix only release.

Limitations

  • Jumbo Frames - The maximum transmission unit (MTU) must be the same size on both ingress and egress interfaces. Packets over 9000 bytes are dropped.

Bug Fixes

1134241 (Ingress)

Network packets are no longer dropped, or routed incorrectly after the TMM Pod is restarted or scaled up.

1267285 (TMM)

Daemonset now supports TMM host-specific routes to send the response packets from the application pod to the correct TMM pod.

Known Issues

1235861 (Ingress)

After uninstalling an F5SPKIngressHTTP2 Custom Resource (CR), Service Proxy TMM does not delete the routing table entries of the discovered Service object Endpoints. These routes may conflict with the creation of new static routes.

Workaround:

After deleting the CR, scale the TMM Pod down, ensure the Pod terminates (is no longer running), and then scale the Pod back up.

1. oc scale deploy/f5-tmm --replicas 0
2. oc get pods 
3. oc scale deploy/f5-tmm --replicas 1

1182049 (TMM)

TMM may stop processing network packets after numerous DPDK buffer allocation or DPDK transmission errors.

1076457 (Ingress)

When the F5SPKEgress CR’s dnsNat46Enabled parameter is set to enabled, the SPK Controller does not validate that a required F5SPKDnscache CR is referenced using the dnsCacheName parameter.

1135237 (TMM)

When the F5SPKIngressHTTP2 CR’s sslFileWatchMode parameter is set to SSL_FILE_WATCH_MODE_KUBERNETES_SECRET_STORE, TMM does not update the CR configuration after SSL/TLS key/certificate changes occur.

Workaround:

Set the sslFileWatchMode parameter to SSL_FILE_WATCH_MODE_FILES_IN_SHARED_VOLUME to update TMM’s running configuration when Kubernetes Secret values change. This is the default setting.

1256021 (TMM)

The tmm_cli -logLevel command no longer works to set TMM log level.

Workaround:

Edit the tmm-ini ConfigMap and modify the user_conf.tcl: section as follows:

user_conf.tcl: |
  bigdb log.tmm.level "Debug"

_images/spk_info.png Note: The changes to ConfigMap may take up to a minute to be applied.

To restore the log level configuration, replace “Debug” with “Notice” as follows:

user_conf.tcl: |    
  bigdb log.tmm.level "Notice"

Software upgrades

Use these steps to upgrade the SPK software components:

_images/spk_warn.png Important: Steps 2 through 5 should be performed together, and during a planned maintenance window.

  1. Review the New Features and Improvements section above, and integrate any updates into the existing configuration. Do not apply Custom Resource (CR) updates until after the SPK Controller has been upgraded (step 3).
  2. Follow Install the CRDs in the SPK Software guide to upgrade the CRDs. Be aware that newly applied CRDs will replace existing CRDs of the same name.
  3. Uninstall the previous version SPK Controller, and follow the Installation procedure in the SPK Controller guide to upgrade the Controller and TMM Pods. Upgrades have not yet been tested using Helm Upgrade.
  4. Once the SPK Controller and TMM Pods are available, apply any updated CR configurations (step 1) using the oc apply -f <file> command.
  5. Follow the Upgrading DNS46 entries section of the F5SPKEgress CR guide to upgrade any entries created in versions 1.4.9 and earlier.
  6. Uninstall the previous version SPK CWC, and for 1.7.0 and later installations RabbitMQ, and follow the Install RabbitMQ and Install CWC procedures in the SPK CWC guide to upgrade the Pods. Upgrades have not yet been tested using Helm Upgrade.
  7. The dSSM Databases can be upgraded at anytime using the Upgrading dSSM guide.
  8. The Fluentd Logging collector can be upgraded anytime using Helm Upgrade. Review Extract the Images in the SPK Software guide for the new Fluentd Helm chart location.

Next step

Continue to the Cluster Requirements guide to ensure the OpenShift cluster has the required software components.