Cluster Requirements


Prior to integrating the Service Proxy for Kubernetes (SPK) software into the OpenShift cluster, ensure the required software components are installed and properly configured for a successful integration.

_images/spk_info.png Note: SPK software supports RedHat OpenShift versions 4.7 and later.

Pod Networking

SPK relies on Single Root I/O Virtualization (SR-IOV) and the Open Virtual Network with Kubernetes (OVN-Kubernetes) CNI to support low-latency 5G workloads. To ensure the cluster supports multi-homed Pods; the ability to select either the default (overlay) CNI or the OVN-Kubernetes (underlay) CNI, review each of the sections below.

Network Operator

To properly manage cluster networking, install and configure the OpenShift Cluster Network Operator.

_images/spk_warn.png Important: OpenShift 4.8 requires configuring local gateway mode using the steps below:

  1. Create the manifest files:

    openshift-install --dir=<install dir> create cluster
  2. Create a ConfigMap in new manifest directory, and add the following YAML code:

    apiVersion: v1
    kind: ConfigMap
        name: gateway-mode-config
        namespace: openshift-network-operator
        mode: "local"
    immutable: true
  3. Create the cluster:

    openshift-install create cluster --dir=<install dir>

_images/spk_info.png The Cluster Network Operator installation on Github.

SR-IOV Interfaces

To define the SR-IOV Virtual Functions (VFs) injected into the Service Proxy Traffic Management Microkernel (TMM) container, configure the following OpenShift network objects:

  • An external and internal Network node policy.
  • An external and internal Network attachment definition.
    • Set the spoofChk parameter to off.
    • Set the trust parameter to on.
    • Set the capabilities parameter to '{"mac": true, "ips": true}'.
    • Do not set the vlan parameter, set the F5SPKVlan tag parameter.
    • Do not set the ipam parameter, set the F5SPKVlan internal parameter.

CPU Allocation

Multiprocessor servers divide memory and CPUs into multiple NUMA nodes, each having a non-shared system bus. When installing the Ingress Controller, the CPUs and SR-IOV VFs allocated to the Service Proxy TMM container must share the same NUMA node. To ensure the CPU NUMA node alignment is handled properly by the cluster, install the Performance Addon Operator and ensure the following parameters are set:

  • Set the Topology Manager Policy to single-numa-node.
  • Set the CPU Manager Policy to static in the Kubelet configuration.

Scheduler Limitations

The OpenShift Topology Manager dynamically allocates CPU resources, however, the version 4.7 Scheduler currently lacks two features required to support low-latency 5G applications:

  • Simultaneous Multi-threading (SMT), or hyper-threading awareness.
  • NUMA topology awareness.

Lacking these features, the scheduler can allocate CPUs to Numa core IDs that provide poor performance, or insufficient resources within a NUMA node. To ensure the Service Proxy TMM Pods install with sufficient Numa resources:

  • Disable SMT - To install Pods with Guaranteed QoS, each OpenShift worker node must have Simultaneous Multi-threading (SMT) disabled in the BIOS.
  • Use Labels or Node Affinity - To assign Pods to worker nodes with sufficient resources, use Labels or Node Affinity. For a brief overview of using labels, refer to the Using Node Labels guide.

Manual CPU allocation

If the OpenShift CPU management solutions are not possible, you can manually allocate TMM CPUs using the Manual CPU allocation guide.

_images/spk_warn.png Important: Manual CPU allocation is not recommended, and leads to sub-optimal performance when scaling Service Proxy TMM.

Persistent storage

The optional Fluentd logging collector, dSSM database and Traffic Management Microkernel (TMM) Debug Sidecar require an available Kubernetes persistent storage to bind to during installation.

Next step

Continue to the Getting Started guide to begin the SPK integration process.


Provide feedback to improve this document by emailing