Skip to content

Commit

Permalink
CIS 2.15.0 Release (#3136)
Browse files Browse the repository at this point in the history
  • Loading branch information
@charanm08
charanm08 authored Nov 15, 2023
1 parent e86dc0f commit 01c75d9
Show file tree
Hide file tree
Showing 5 changed files with 112 additions and 70 deletions.
25 changes: 14 additions & 11 deletions docs/RELEASE-NOTES.rst
View file
Original file line number Diff line number Diff line change
@@ -1,33 +1,36 @@
Release Notes for Container Ingress Services for Kubernetes & OpenShift
=======================================================================

Next Release
2.15.0
-------------

Added Functionality
```````````````````
**What's new:**
* Multi Cluster
* Support for a/b deployment custom persistence in ratio mode with cluster mode
* Support for a/b deployment custom persistence in ratio mode with cluster mode. See `Example <https://github.com/F5Networks/k8s-bigip-ctlr/tree/master/docs/config_examples/customResource/Policy/policy-with-ab-persistence.yaml>`_
* Add support for cluster AdminState. See `Example <https://github.com/F5Networks/k8s-bigip-ctlr/blob/master/docs/config_examples/multicluster/extendedConfigmap/global-spec-config-for-multicluster-with-cluster-admin-state.yaml>`_
* Next Generation Routes
* Moved from pod liveness probe based health monitor to readiness probe based health monitor for autoMonitor
* Support for new route annotation **virtual-server.f5.com/pod-concurrent-connections**, See `Example <https://github.com/F5Networks/k8s-bigip-ctlr/tree/master/docs/config_examples/next-gen-routes/routes>`_
* Moved from pod liveness probe based health monitor to readiness probe based health monitor for autoMonitor. See `Example <https://github.com/F5Networks/k8s-bigip-ctlr/blob/master/docs/config_examples/next-gen-routes/deployment/deployment-pod-with-readinessprobe.yaml>`_
* Support for new route annotation **virtual-server.f5.com/pod-concurrent-connections**, See `Example <https://github.com/F5Networks/k8s-bigip-ctlr/tree/master/docs/config_examples/next-gen-routes/routes/sample-route-with-pod-concurrent-connections-annotation.yaml>`_
* CRD
* `Issue 3062 <https://github.com/F5Networks/k8s-bigip-ctlr/issues/3062>`_: Support ConnectionMirroring in virtualserver and Transportserver CR
* `Issue 3062 <https://github.com/F5Networks/k8s-bigip-ctlr/issues/3062>`_: Support ConnectionMirroring in virtualserver and Transportserver CR, See `Example <https://github.com/F5Networks/k8s-bigip-ctlr/blob/master/docs/config_examples/customResource/VirtualServer/ConnectionMirroring/vs-with-connection-mirroring.yaml>`_
* `Issue 2963 <https://github.com/F5Networks/k8s-bigip-ctlr/issues/2963>`_: Support MinimumMonitors in virtualserver CR
* `Issue 3126 <https://github.com/F5Networks/k8s-bigip-ctlr/issues/3126>`_: VirtualServer with hostGroup and ipamLabel set returns the wrong vsAddress status
* Support for AS3 GTM agent with separate GTM server
* Support for /ready endpoint to check the CIS health
* Support for dedicated AS3 GTM agent for GTM Server
* Support for new CIS health check endpoint /ready
* Support for configuring node network CIDR for ovn-k8s CNI with staticRoutingMode.See `Documentation <https://github.com/F5Networks/k8s-bigip-ctlr/tree/master/docs/config_examples/StaticRoute>`_
* Add support for AS3 3.48.0
* CIS compatible with OpenShift 4.13, Kubernetes 1.28 and AS3 3.48
* Improved Operator support for OpenShift 4.13

Bug Fixes
````````````
* `Issue 3057 <https://github.com/F5Networks/k8s-bigip-ctlr/issues/3057>`_: Support for pool settings for reslect with policy CR.
* `Issue 3057 <https://github.com/F5Networks/k8s-bigip-ctlr/issues/3057>`_: Support for pool settings for reselect with policy CR.
* `Issue 3061 <https://github.com/F5Networks/k8s-bigip-ctlr/issues/3061>`_: Provide stable pool name in multi cluster mode
* `Issue 3079 <https://github.com/F5Networks/k8s-bigip-ctlr/issues/3079>`_: Fix logic for node not ready check
* `Issue 3073 <https://github.com/F5Networks/k8s-bigip-ctlr/issues/3073>`_: Fix AS3 config map multi port service issue
* `Issue 2985 <https://github.com/F5Networks/k8s-bigip-ctlr/issues/2985>`_: Improve CIS primary and secondary coordination
* `Issue 3066 <https://github.com/F5Networks/k8s-bigip-ctlr/issues/3066>`_: Support for a/b deployment custom persistence in CRD, nextGen routes with cluster mode
* `Issue 3066 <https://github.com/F5Networks/k8s-bigip-ctlr/issues/3066>`_: Support for a/b deployment custom persistence in CRD, nextGen routes with cluster mode. See `Example <https://github.com/F5Networks/k8s-bigip-ctlr/tree/master/docs/config_examples/customResource/Policy/policy-with-ab-persistence.yaml>`_
* `Issue 3126 <https://github.com/F5Networks/k8s-bigip-ctlr/issues/3126>`_: VirtualServer with hostGroup and ipamLabel set returns the wrong vsAddress status

Upgrade notes
``````````````
Expand Down
144 changes: 89 additions & 55 deletions docs/config_examples/customResourceDefinitions/customresourcedefinitions.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -41,6 +41,9 @@ spec:
snat:
type: string
pattern: '^$|^\/?[a-zA-Z]+([-A-z0-9_+]+\/)*([-A-z0-9_.:]+\/?)+$'
connectionMirroring:
type: string
enum: [ none, L4 ]
tlsProfileName:
type: string
pattern: '^[a-zA-Z]+[-A-z0-9_.:]+[A-z0-9]+$'
Expand Down Expand Up @@ -283,6 +286,11 @@ spec:
reference:
type: string
enum: [bigip]
minimumMonitors:
x-kubernetes-int-or-string: true
anyOf:
- type: integer
- type: string
reselectTries:
type: integer
minimum: 0
Expand Down Expand Up @@ -372,7 +380,7 @@ spec:
jsonPath: .metadata.creationTimestamp
subresources:
status: {}

---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
Expand Down Expand Up @@ -480,7 +488,7 @@ spec:
policyName:
type: string
pattern: '^([A-z0-9-_+])*([A-z0-9])$'
mode:
mode:
type: string
enum: [standard, performance]
type:
Expand All @@ -489,6 +497,9 @@ spec:
snat:
type: string
pattern: '^$|^\/?[a-zA-Z]+([-A-z0-9_+]+\/)*([-A-z0-9_.:]+\/?)+$'
connectionMirroring:
type: string
enum: [ none, L4 ]
profiles:
type: object
properties:
Expand Down Expand Up @@ -592,25 +603,25 @@ spec:
items:
type: object
properties:
type:
type: string
enum: [ tcp, udp, http, https ]
interval:
type: integer
timeout:
type: integer
targetPort:
type: integer
name:
type: string
pattern: '^\/[a-zA-Z]+([A-z0-9-_+]+\/)+([-A-z0-9_.:]+\/?)*$'
reference:
type: string
enum: [bigip]
send:
type: string
recv:
type: string
type:
type: string
enum: [ tcp, udp, http, https ]
interval:
type: integer
timeout:
type: integer
targetPort:
type: integer
name:
type: string
pattern: '^\/[a-zA-Z]+([A-z0-9-_+]+\/)+([-A-z0-9_.:]+\/?)*$'
reference:
type: string
enum: [bigip]
send:
type: string
recv:
type: string
reselectTries:
type: integer
minimum: 0
Expand All @@ -635,8 +646,8 @@ spec:
- type: integer
- type: string
required:
- service
- servicePort
- service
- servicePort
required:
- virtualServerPort
- pool
Expand All @@ -651,37 +662,37 @@ spec:
type: string
default: Pending
additionalPrinterColumns:
- name: virtualServerAddress
type: string
description: IP address of virtualServer
jsonPath: .spec.virtualServerAddress
- name: virtualServerPort
type: integer
description: Port of virtualServer
jsonPath: .spec.virtualServerPort
- name: pool
type: string
description: Name of service
jsonPath: .spec.pool.service
- name: poolPort
type: string
description: Port of service
jsonPath: .spec.pool.servicePort
- name: ipamLabel
type: string
description: ipamLabel for transport server
jsonPath: .spec.ipamLabel
- name: IPAMVSAddress
type: string
description: IP address of transport server
jsonPath: .status.vsAddress
- name: STATUS
type: string
description: status of TransportServer
jsonPath: .status.status
- name: Age
type: date
jsonPath: .metadata.creationTimestamp
- name: virtualServerAddress
type: string
description: IP address of virtualServer
jsonPath: .spec.virtualServerAddress
- name: virtualServerPort
type: integer
description: Port of virtualServer
jsonPath: .spec.virtualServerPort
- name: pool
type: string
description: Name of service
jsonPath: .spec.pool.service
- name: poolPort
type: string
description: Port of service
jsonPath: .spec.pool.servicePort
- name: ipamLabel
type: string
description: ipamLabel for transport server
jsonPath: .spec.ipamLabel
- name: IPAMVSAddress
type: string
description: IP address of transport server
jsonPath: .status.vsAddress
- name: STATUS
type: string
description: status of TransportServer
jsonPath: .status.status
- name: Age
type: date
jsonPath: .metadata.creationTimestamp
subresources:
status: { }
---
Expand Down Expand Up @@ -1031,4 +1042,27 @@ spec:
enum: [ default, auto, disable ]
snat:
type: string
pattern: '^$|^\/?[a-zA-Z]+([-A-z0-9_+]+\/)*([-A-z0-9_.:]+\/?)+$'
pattern: '^$|^\/?[a-zA-Z]+([-A-z0-9_+]+\/)*([-A-z0-9_.:]+\/?)+$'
poolSettings:
type: object
properties:
reselectTries:
type: integer
minimum: 0
maximum: 65535
serviceDownAction:
type: string
slowRampTime:
type: integer
minimum: 0
maximum: 900
multiPoolPersistence:
type: object
properties:
method:
type: string
enum: [ uieSourceAddress, hashSourceAddress ]
timeOut:
type: integer
minimum: 1
default: 180
3 changes: 3 additions & 0 deletions docs/config_examples/multicluster/README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -503,6 +503,9 @@ while computing the final ratio.<br>
**Note:**
* Cluster wise ratio for traffic distribution is supported in HA as well as non-HA CIS environment.
* Ratio is only supported for NextGen Routes and Virtual Server CR.
* Setting cluster adminState in conjunction with cluster ratio will affect the overall traffic distribution across clusters.
As the clusters marked as disable or offline will not receive traffic, so any ratio defined for these clusters will be rendered ineffective.
Thus, in such a scenario it's recommended to set the cluster ratio to 0 for all the clusters marked with disable/offline.

### Cluster adminState to enable/disable/offline a cluster
adminState can be provided for a cluster to dictate the state of a particular cluster.
Expand Down
8 changes: 5 additions & 3 deletions docs/upgradeProcess.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -41,7 +41,7 @@ Compatibility Matrix
| v2.13.0 | v16.0 | v1.27 | v4.12.0* | Yes | Yes | v3.45 | v0.1.9 | v0.0.4 | v0.0.25 | Red Hat Enterprise Linux release 9.1 (Plow) |
| v2.13.1 | v16.0 | v1.27 | v4.12.0* | Yes | Yes | v3.45 | v0.1.9 | v0.0.4 | v0.0.25 | Red Hat Enterprise Linux release 9.1 (Plow) |
| v2.14.0 | v17.0 | v1.27 | v4.12.0* | Yes | Yes | v3.45 | v0.1.9 | v0.0.4 | v0.0.26 | Red Hat Enterprise Linux release 9.1 (Plow) |
| v2.15.0 | v17.0 | v1.27 | v4.12.0* | Yes | Yes | v3.48 | v0.1.9 | v0.0.4 | v0.0.26 | Red Hat Enterprise Linux release 9.1 (Plow) |
| v2.15.0 | v17.0 | v1.28 | v4.13.0* | Yes | Yes | v3.48 | v0.1.9 | v0.0.4 | v0.0.27 | Red Hat Enterprise Linux release 9.1 (Plow) |

Note: For OCP version 4.12, CIS is compatible with IPv4 and dual stack IPv4.

Expand All @@ -51,7 +51,7 @@ Compatibility Matrix for Multi Cluster Support
| CIS Version | BIG-IP Version | Kubernetes Version | OpenShift Version | NodePort | SDN | OVN (Cluster Mode) | AS3 Version | CIS Chart Version |
|-------------|----------------|--------------------|-------------------|----------|-----|--------------------|-------------|-------------------|
| v2.14.0 | v16.0 | v1.27 | v4.12.0 | Yes | No | Yes | v3.45 | v0.0.26 |
| v2.15.0 | v16.0 | v1.27 | v4.12.0 | Yes | No | Yes | v3.48 | v0.0.26 |
| v2.15.0 | v16.0 | v1.28 | v4.13.0 | Yes | No | Yes | v3.48 | v0.0.27 |


CIS Features and Examples
Expand Down Expand Up @@ -344,4 +344,6 @@ Refer Release Notes for [CIS v2.13.1](https://github.com/F5Networks/k8s-bigip-ct

### **Upgrading from 2.14.0 to 2.15.0:**
* Disabled default health monitoring with routes, use autoMonitor support for NextGenRoutes. See `Example <https://github.com/F5Networks/k8s-bigip-ctlr/tree/master/docs/config_examples/next-gen-routes/configmap/extendedRouteConfigwithBaseConfigWithAutoMonitor.yaml>`_
* `Issue 777 <https://github.com/F5Networks/f5-appsvcs-extension/issues/777>`_: Cluster adminState in multiCluster mode doesn't work properly with AS3 (v3.47 and v3.48) as updating pool member adminState from enable to offline fails with 422 error with AS3 (v3.47 and v3.48). If customer needs this feature, we recommend to use AS3 v3.46 or lower on BIGIP.
* `Issue 777 <https://github.com/F5Networks/f5-appsvcs-extension/issues/777>`_: Cluster adminState in multiCluster mode doesn't work properly with AS3 (v3.47 and v3.48) as updating pool member adminState from enable to offline fails with 422 error with AS3 (v3.47 and v3.48). If customer needs this feature, we recommend to use AS3 v3.46 or lower on BIGIP.

Refer Release Notes for [CIS v2.15](https://github.com/F5Networks/k8s-bigip-ctlr/blob/master/docs/RELEASE-NOTES.rst)
2 changes: 1 addition & 1 deletion helm-charts/f5-bigip-ctlr/Chart.yaml
View file
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
apiVersion: v1
description: Deploy the F5 Networks BIG-IP Controller for Kubernetes and OpenShift (k8s-bigip-ctlr).
name: f5-bigip-ctlr
version: 0.0.26
version: 0.0.27

0 comments on commit 01c75d9

Please sign in to comment.