Release Notes

F5 Service Proxy for Kubernetes (SPK) - v1.7.2

New Features and Improvements

The SPK v1.7.2 release is a bug fix only release.

Limitations

  • Jumbo Frames - The maximum transmission unit (MTU) must be the same size on both ingress and egress interfaces. Packets over 9000 bytes are dropped.

Bug Fixes

1297729 (TMM)

When DNS/NAT46 is configured with a small subnet (example: 8 IPs), it no longer returns a sorry IP.

1297721 (Ingress)

The F5ingress controller continues configuring TMM for application pod-scale events even if any F5SPKIngressTCP CR is present with non-existent service port.

1293565 (DSSM)

The SPK DSSM deployment now supports an auto-recovery mechanism for handling scenarios of run time IP reassignment for the DB or Sentinel pods and also carries more enhance logging for troubleshooting.

Known Issues

1302781 (Ingress)

The mrfdb tool fails intermittently to get or update records from or to Redis.

Workaround:

When mrfdb tool is used continuously to get/update records from/to Redis, the request may timeout due to DNS resolution timeout. The ping to the Redis server is failing with the error “Connection failure: dial tcp: i/o timeout”. This issue is observed when multiple requests are made using mrfdb tool continuously. To workaround this, the failed request has to be retried with mrfdb tool. Alternatively, redis-cli may also be used.

1182049 (TMM)

TMM may stop processing network packets after numerous DPDK buffer allocation or DPDK transmission errors.

1076457 (Ingress)

When the F5SPKEgress CR’s dnsNat46Enabled parameter is set to enabled, the SPK Controller does not validate that a required F5SPKDnscache CR is referenced using the dnsCacheName parameter.

1135237 (TMM)

When the F5SPKIngressHTTP2 CR’s sslFileWatchMode parameter is set to SSL_FILE_WATCH_MODE_KUBERNETES_SECRET_STORE, TMM does not update the CR configuration after SSL/TLS key/certificate changes occur.

Workaround:

Set the sslFileWatchMode parameter to SSL_FILE_WATCH_MODE_FILES_IN_SHARED_VOLUME to update TMM’s running configuration when Kubernetes Secret values change. This is the default setting.

1256021 (TMM)

The tmm_cli -logLevel command no longer works to set TMM log level.

Workaround:

Edit the tmm-ini ConfigMap and modify the user_conf.tcl: section as follows:

user_conf.tcl: |
  bigdb log.tmm.level "Debug"

_images/spk_info.png Note: The changes to ConfigMap may take up to a minute to be applied.

To restore the log level configuration, replace “Debug” with “Notice” as follows:

user_conf.tcl: |    
  bigdb log.tmm.level "Notice"

Software upgrades

Use these steps to upgrade the SPK software components:

_images/spk_warn.png Important: Steps 2 through 5 should be performed together, and during a planned maintenance window.

  1. Review the New Features and Improvements section above, and integrate any updates into the existing configuration. Do not apply Custom Resource (CR) updates until after the SPK Controller has been upgraded (step 3).
  2. Follow Install the CRDs in the SPK Software guide to upgrade the CRDs. Be aware that newly applied CRDs will replace existing CRDs of the same name.
  3. Uninstall the previous version SPK Controller, and follow the Installation procedure in the SPK Controller guide to upgrade the Controller and TMM Pods. Upgrades have not yet been tested using Helm Upgrade.
  4. Once the SPK Controller and TMM Pods are available, apply any updated CR configurations (step 1) using the oc apply -f <file> command.
  5. Follow the Upgrading DNS46 entries section of the F5SPKEgress CR guide to upgrade any entries created in versions 1.4.9 and earlier.
  6. Uninstall the previous version SPK CWC, and for 1.7.0 and later installations RabbitMQ, and follow the Install RabbitMQ and Install CWC procedures in the SPK CWC guide to upgrade the Pods. Upgrades have not yet been tested using Helm Upgrade.
  7. The dSSM Databases can be upgraded at anytime using the Upgrading dSSM guide.
  8. The Fluentd Logging collector can be upgraded anytime using Helm Upgrade. Review Extract the Images in the SPK Software guide for the new Fluentd Helm chart location.

Next step

Continue to the Cluster Requirements guide to ensure the OpenShift cluster has the required software components.