Release Notes

What’s New in SPK 1.8.0

Support for Canary Deployment Strategy

SPK now supports the the Canary deployment strategy for upgrading the SPK application pods to a newer version. For more information, see Canary Deployment Strategy guide.

Support for Blue-Green Deployment Strategy

This release includes Blue-Green deployment strategy for releasing new software versions. This strategy involves maintaining two identical environments, one of which is a test environment where new software is deployed. Once the test environment is thoroughly validated and confidence is built, seamlessly transitions into the role of live environment. This minimizes software downtime and simplifies rollback changes. For more information, see Blue-Green Deployment Strategy guide.

VMware Tanzu Platform Deployment Support

SPK can now be deployed on the VMware Tanzu application platform.

F5BigContextGlobal and F5BigFwPolicy CRs for Secure SPK Deployment

SPK is now deployed securely by enabling the configuration of F5BigContextGlobal and F5BigFwPolicy Custom Resources (CRs) to monitor all the ingress and egress traffic passing through it. For more information, see Secure SPK Deployment guide.

New Log Formats for TMM and SPK CWC

New Log Formats have been added for TMM and SPK CWC. For more information, see Log Formats guide.

Support for CRD Conversion Webhook

SPK supports the CRD conversion webhook, allowing automatic conversion of multiple CRD versions based on the specified namespace and version in the cluster, without changing existing CRs. For more information, see CRD Conversion Webhook guide.

Enhancements in SPK 1.8.0

Enhanced F5SPKIngressGTP Custom Resource (CR)

The F5SPKIngressGTP v2 CR now supports a category field to configure vlans to accept GTP traffic. For more information, see F5SPKIngressGTP CR overview.

Enhancements in Debug Sidecar

The bdt_cli now supports the following commands:

  • connection list: Allows you to retrieve a list of connections in the TMM.
  • connection delete: The connection delete command with filter operations only, allows you to specify specific IPs, ports, VLANS, and more using flags. This enables you to delete connections in the TMM based on defined criteria.

For more information, see Debug Sidecar guide.

Enhancements in CWC Debug REST APIs

The CWC Debug REST API now supports the following commands:

  • showconn: Allows selective viewing of connections in the TMM. This command lets you choose between filtering and wildcards, enabling you to view connections based on certain criteria or use wildcard patterns to see more connections.
  • killconn: Allows you to delete connections in the TMM based on specific criteria such as IP addresses, ports, or other attributes. This command specifically supports filter operations for deleting connections.

For more information, see Debug API guide.

Improved Configview Utility

The configview utility can now be used to perform queries using the CRD (Custom Resource Definition) type to inspect the running TMM configuration. For more information, see Debug API guide.

Support for Mellanox ConnectX-6 NICs on OpenShift v4.12

Added support for Mellanox ConnectX-6, ConnectX-6 Dx, and ConnectX-6 Lx NICs in OpenShift version 4.12. For more information, see Supported NICs section of the Cluster Requirements guide.

Improved TMM Startup Resilience with SMT Enabled

Added support to prevent TMM from failing the startup process if Simultaneous Multithreading (SMT) functionality is enabled by default. However, F5 recommends disabling the SMT functionality in BIOS for better latency and performance. For more information, see Simultaneous Multithreading (SMT) section in the CPU Allocation guide.

Configuration Consistency Management with CR Finalizers

SPK now handles configuration inconsistency between controller and backend with the implementation of CR Finalizers. For more information, see Finalizers in the SPK CRs guide and the Uninstallation in the SPK Controller guide.

Limitations

  • Jumbo Frames - The maximum transmission unit (MTU) must be the same size on both ingress and egress interfaces. Packets over 9000 bytes are dropped.

Bug Fixes

1235861 (TMM)

The static routes created by the F5SPKIngressHTTP2 CR are now deleted from TMM configuration when the CR is deleted.

1288913 (Licensing and Toda)

The docker container image.tag values for CWC, RabbitMQ and Fluentd are now displaying consistent with other helm charts.

1228477 (Licensing)

The ‘tcpdump’ Debug API command is now working as expected.

1271949 (Ingress)

The F5Ingress crashing issue has now been resolved in K8S version 1.21 or earlier.

1302225 (Ingress)

Crd-conversion can now connect to the RabbitMQ server if it is deployed in any namespace, as the Rabbitmq namespace can be defined in the crd-conversion values.

1238765 (Licensing)

ping6 and traceroute6 debug utilities are now working as expected with IPv6 address as input.

1307681 (Ingress)

CRD conversion service is now working as expected in the cluster.

1273089 (TMM)

The ‘Configviewer’ tool is no longer supported for the debug sidecar. Instead, we are now using the ‘configview’ tool.

1292621 (TMM)

The ‘tmm_cli’ tool is no longer supported for setting the TMM log level. The same command has now been added to the ‘bdt_cli’ tool.

1296749 (Licensing)

In the order of installation of SPK components, the connection issue between CWC and RabbitMQ has now been resolved.

Known Issues

1182049 (TMM)

TMM may stop processing network packets after numerous DPDK buffer allocation or DPDK transmission errors.

1076457 (Ingress)

When the F5SPKEgress CR’s dnsNat46Enabled parameter is set to enabled, the SPK Controller does not validate that a required F5SPKDnscache CR is referenced using the dnsCacheName parameter.

1135237 (TMM)

When the F5SPKIngressHTTP2 CR’s sslFileWatchMode parameter is set to SSL_FILE_WATCH_MODE_KUBERNETES_SECRET_STORE, TMM does not update the CR configuration after SSL/TLS key/certificate changes occur.

Workaround:

Set the sslFileWatchMode parameter to SSL_FILE_WATCH_MODE_FILES_IN_SHARED_VOLUME to update TMM’s running configuration when Kubernetes Secret values change. This is the default setting.

1495413 (TMM)

TMM drops packets from a tagged interface when TCP Segmentation Offload (TSO) is enabled in the Linux Kernel version 4.18.0-305.65.1.el8_4.x86_64.

Workaround

Disable TSO by editing the f5ingress helm chart values.yaml file. tmm.bigdb.tcpsegmentationoffload.enabled: false

1217229 (TMM)

Tmm_cli -logLevel command no longer works to set TMM log level.

Workaround:

Edit the “tmm-init” ConfigMap and modify the “user_conf.tcl:” section as follows:

user_conf.tcl: |
  bigdb log.tmm.level "Debug"

_images/spk_info.png Note: The changes to ConfigMap may take up to a minute to be applied.

To restore the log level configuration, replace “Debug” with “Notice” as follows:

user_conf.tcl: |    
  bigdb log.tmm.level "Notice"

Software upgrades

Use these steps to upgrade the SPK software components:

_images/spk_warn.png Important: Steps 2 through 5 should be performed together, and during a planned maintenance window.

  1. Review the New Features and Improvements section above, and integrate any updates into the existing configuration. Do not apply Custom Resource (CR) updates until after the SPK Controller has been upgraded (step 3).
  2. Follow Install the CRDs in the SPK Software guide to upgrade the CRDs. Be aware that newly applied CRDs will replace existing CRDs of the same name.
  3. Uninstall the previous version SPK Controller, and follow the Installation procedure in the SPK Controller guide to upgrade the Controller and TMM Pods. Upgrades have not yet been tested using Helm Upgrade.
  4. Once the SPK Controller and TMM Pods are available, apply any updated CR configurations (step 1) using the oc apply -f <file> command.
  5. Follow the Upgrading DNS46 entries section of the F5SPKEgress CR guide to upgrade any entries created in versions 1.4.9 and earlier.
  6. Uninstall the previous version SPK CWC, and for 1.7.0 and later installations RabbitMQ, and follow the Install RabbitMQ and Install CWC procedures in the SPK CWC guide to upgrade the Pods. Upgrades have not yet been tested using Helm Upgrade.
  7. The dSSM Databases can be upgraded at anytime using the Upgrading dSSM guide.
  8. The Fluentd Logging collector can be upgraded anytime using Helm Upgrade. Review Extract the Images in the SPK Software guide for the new Fluentd Helm chart location.

Next step

Continue to the Cluster Requirements guide to ensure the OpenShift cluster has the required software components.