Release Notes

F5 Service Proxy for Kubernetes (SPK) - v1.9.0

Breaking changes

  • The Traffic Management Microkernel (TMM) Proxy Pods now install using separate Helm Sub-Charts. This is the first step in an effort to enable single Pod upgrades, however, it requires modifications to your existing SPK Controller Helm values file. Refer to the SPK Controller section for the full set of installation instructions.

New Features and Improvements

  • The SPK CWC has been enhanced to support the qkview API to run the qkview commands. Refer to the Qkview API guide.
  • Early Access (EA): SPK supports the configuration of IngressTCP and IngressUDP using the Gateway API CRs. Refer to the Gateway API guide.
  • Early Access (EA): Multus Capture - Ability to route traffic on secondary interface on CNF Pod through SPK and apply security functions on secondary interface.
  • SPK supports switch license in CWC. Refer to Switching License section in SPK Licensing guide.

Limitations

  • Jumbo Frames - The maximum transmission unit (MTU) must be the same size on both ingress and egress interfaces. Packets over 9000 bytes are dropped.

Bug Fixes

1297913 (DSSM)

The DSSM pods are now restarted successfully post-upgrade.

Known Issues

1329369 (Licensing)

The telemetry report includes controller nodes in the vCPU count.

1407425 (TMM)

Intermittent traffic issues on OCP 4.14 after scale-down of tmm.

Workaround:

Downgrade to OCP 4.12

1403745 (TMM)

The f5-tmm pod may crash during startup on OCP 4.14.

Workaround:

Allow the f5-tmm pod to restart until it reaches “Running” status or downgrade OCP to 4.12.

1495413 (TMM)

TMM drops packets from a tagged interface when TCP Segmentation Offload (TSO) is enabled in the Linux Kernel version 4.18.0-305.65.1.el8_4.x86_64.

Workaround

Disable TSO by editing the f5ingress helm chart values.yaml file. tmm.bigdb.tcpsegmentationoffload.enabled: false

Software upgrades

Use these steps to upgrade the SPK software components:

_images/spk_warn.png Important: Steps 2 through 5 should be performed together, and during a planned maintenance window.

  1. Review the New Features and Improvements section above, and integrate any updates into the existing configuration. Do not apply Custom Resource (CR) updates until after the SPK Controller has been upgraded (step 3).
  2. Follow Install the CRDs in the SPK Software guide to upgrade the CRDs. Be aware that newly applied CRDs will replace existing CRDs of the same name.
  3. Uninstall the previous version SPK Controller, and follow the Installation procedure in the SPK Controller guide to upgrade the Controller and TMM Pods. Upgrades have not yet been tested using Helm Upgrade.
  4. Once the SPK Controller and TMM Pods are available, apply any updated CR configurations (step 1) using the oc apply -f <file> command.
  5. Follow the Upgrading DNS46 entries section of the F5SPKEgress CR guide to upgrade any entries created in versions 1.4.9 and earlier.
  6. Uninstall the previous version SPK CWC, and for 1.7.0 and later installations RabbitMQ, and follow the Install RabbitMQ and Install CWC procedures in the SPK CWC guide to upgrade the Pods. Upgrades have not yet been tested using Helm Upgrade.
  7. The dSSM Databases can be upgraded at anytime using the Upgrading dSSM guide.
  8. The Fluentd Logging collector can be upgraded anytime using Helm Upgrade. Review Extract the Images in the SPK Software guide for the new Fluentd Helm chart location.
  9. The SPK can be upgraded from v1.7.x to v1.8.2 using the Upgrading SPK guide.

Next step

Continue to the Cluster Requirements guide to ensure the OpenShift cluster has the required software components.