F5 Service Proxy for Kubernetes (SPK) - v1.3.1
Early Access Feature¶
- The maximum transmission unit (MTU) must be the same size for both ingress and egress packets.
- Packets received over 8000 bytes are dropped.
There are no bug fixes in this release.
The Ingress Controller should not allow multiple F5SPKEgress Custom Resources (CRs) to be installed in the same Project. The initial CR should require deletion, before installing a second.
The f5-tmm-routing container advertises the F5SPKEgress CR’s
dnsNat46Ipv4Subnet as a /32 network to BGP peers.
Workaround: Configure a BGP
prefixList for the IP address subnet, and set the
deny option to
true. For assistance, refer to the Advertising Snatpools section of the BGP Overview guide.
Persisted connections processed by the F5SPKIngressNGAP CR may fail or experience latency when an existing Pod Service endpoint is replaced with a new endpoint.
The Ingress Controller should not allow both IPv4 and IPv6 addresses to be configured on the Internal F5SPKVlan. This configuration causes Pod deployments to fail with OVN route errors.
External BGP peers are unable to initiate connections to the f5-tmm-routing container. External BGP peers must wait for the f5-tmm-routing container to initialize and establish the session.