Release Notes

F5 Service Proxy for Kubernetes (SPK) - v1.3.1

Early Access Feature

IPv4/IPv6 dual-stack

SPK now supports Kubernetes IPv4/IPv6 dual-stack networking.

_images/spk_info.png Note: This release supports a single Service Proxy TMM replica, and the PreferDualStack Service parameter has not been tested with the --feature-gates="IPv6DualStack=false" setting.

Improvements

SPK now supports the OpenShift Performance Addon Operator. Refer to the CPU Allocation section of the Cluster Requirements for additional information and configuration assistance.

Limitations

Jumbo Frames

  • The maximum transmission unit (MTU) must be the same size for both ingress and egress packets.
  • Packets received over 8000 bytes are dropped.

Custom Resources

New Custom Resource Definitions (CRDs) do not install over existing CRDs. To properly remove existing CRDs, refer to the CRD workaround section of the Ingress Controller installation guide.

Bug Fixes

There are no bug fixes in this release.

Known Issues

1033413 (Controller)

The Ingress Controller should not allow multiple F5SPKEgress Custom Resources (CRs) to be installed in the same Project. The initial CR should require deletion, before installing a second.

1025129 (TMM)

The f5-tmm-routing container advertises the F5SPKEgress CR’s dnsNat46Ipv4Subnet as a /32 network to BGP peers.

Workaround: Configure a BGP prefixList for the IP address subnet, and set the deny option to true. For assistance, refer to the Advertising Snatpools section of the BGP Overview guide.

1010817 (TMM)

Persisted connections processed by the F5SPKIngressNGAP CR may fail or experience latency when an existing Pod Service endpoint is replaced with a new endpoint.

992509 (Controller)

The Ingress Controller should not allow both IPv4 and IPv6 addresses to be configured on the Internal F5SPKVlan. This configuration causes Pod deployments to fail with OVN route errors.

990181 (TMM)

External BGP peers are unable to initiate connections to the f5-tmm-routing container. External BGP peers must wait for the f5-tmm-routing container to initialize and establish the session.

Next step

Continue to the Cluster Requirements guide to ensure the OpenShift cluster has the required software components.