Skip to content

Commit

Permalink
CIS 2.14.0 Release (#3051)
Browse files Browse the repository at this point in the history
  • Loading branch information
@vklohiya
vklohiya authored Sep 6, 2023
1 parent 213fe00 commit 06ade0d
Show file tree
Hide file tree
Showing 5 changed files with 173 additions and 20 deletions.
44 changes: 33 additions & 11 deletions docs/RELEASE-NOTES.rst
View file
Original file line number Diff line number Diff line change
@@ -1,29 +1,51 @@
Release Notes for Container Ingress Services for Kubernetes & OpenShift
=======================================================================
Next Release

2.14.0
-------------

Added Functionality
```````````````````
**What's new:**
* Multi Cluster support
* Support for custom resources on openshift & kubernetes. See `Documentation <https://github.com/F5Networks/k8s-bigip-ctlr/tree/master/docs/config_examples/multicluster>`_ for more details.
* Support for routes on openshift. See `Documentation <https://github.com/F5Networks/k8s-bigip-ctlr/tree/master/docs/config_examples/multicluster>`_ for more details.
* Configmap
* Support AS3 logLevel and persist parameters in configmap
* Support for AS3 logLevel parameter in configmap
* Support for AS3 persist parameter in configmap
* Ingress
* Support for default pool using the single-service ingress
* CRD
* Support for default pool with VS CR. See `Examples <https://github.com/F5Networks/k8s-bigip-ctlr/blob/master/docs/config_examples/customResource/VirtualServer/defaultpool/`_
* `Issue 2785 <https://github.com/F5Networks/k8s-bigip-ctlr/issues/2785>`_: Add EDNS support for service typeLB.
* Support PERSISTENCE capability for service published through EDNS
* Wildcard domain support for EDNS
* Support Client Subnet config capability from EDNS in AS3 mode(>= AS3 v3.45)
* Support NodePortLocal mode with all CRD resources
* New log level **AS3DEBUG** to log the AS3 request & response.
* `Issue 3004 <https://github.com/F5Networks/k8s-bigip-ctlr/issues/3004>`_:Support for fallbackLbmode with EDNS CRD
* NodePortLocal mode support added with all custom resources
* Support for default pool with VS CR. See `Examples <https://github.com/F5Networks/k8s-bigip-ctlr/blob/master/docs/config_examples/customResource/VirtualServer/defaultpool/>`_
* Support for service typeLB in EDNS CR, See `Examples <https://github.com/F5Networks/k8s-bigip-ctlr/blob/master/docs/config_examples/customResource/serviceTypeLB/service-type-lb-with-hostname.yaml>`_
* Support for **persistence** capability for service published through EDNS. See `Examples <https://github.com/F5Networks/k8s-bigip-ctlr/blob/master/docs/config_examples/customResource/ExternalDNS/externaldns.yaml>`_
* Support for wildcard domain in EDNS CR. See `Examples <https://github.com/F5Networks/k8s-bigip-ctlr/blob/master/docs/config_examples/customResource/ExternalDNS/externaldns-wildcard-domain.yaml>`_
* Support for preferred client subnet in EDNS CR using AS3. See `Examples <https://github.com/F5Networks/k8s-bigip-ctlr/blob/master/docs/config_examples/customResource/ExternalDNS/externaldns-client-subnet-preferred.yaml>`_
* Support for fallbackLbmode with EDNS CR See `Examples <https://github.com/F5Networks/k8s-bigip-ctlr/blob/master/docs/config_examples/customResource/ExternalDNS/external-dns-with-lbModeFallback>`_
* Support for wildcard domain name with passthrough termination
* Helm Chart Enhancements
* Support for latest CRD schema
* New log level **AS3DEBUG** to log the AS3 request & response for AS3 mode
* CIS is now compatible with BIG-IP 17.x

Bug Fixes
````````````
* `Issue 2941 <https://github.com/F5Networks/k8s-bigip-ctlr/issues/2941>`_: Fix for services with same name in different namespaces in NodePortLocal mode
* CIS properly handles virtual server CRs with same IP address but different hostnames and traffic termination settings.
* `Issue 2785 <https://github.com/F5Networks/k8s-bigip-ctlr/issues/2785>`_: Support for wildcard domains in EDNS CR
* `Issue 2813 <https://github.com/F5Networks/k8s-bigip-ctlr/issues/2813>`_: Add EDNS support for service typeLB.
* `Issue 2850 <https://github.com/F5Networks/k8s-bigip-ctlr/issues/2850>`_: Fix for AS3 config updated every 30 seconds by CIS with default ingress backend
* `Issue 2909 <https://github.com/F5Networks/k8s-bigip-ctlr/issues/2909>`_: Fix for empty pool members when K8S API server throws any error
* `Issue 2941 <https://github.com/F5Networks/k8s-bigip-ctlr/issues/2941>`_: Fix for services with same name in different namespaces in NodePortLocal mode
* `Issue 2978 <https://github.com/F5Networks/k8s-bigip-ctlr/issues/2978>`_: Nodes in 'NotReady' state are not removed from their pool(s) when using ServiceType LoadBalancer
* `Issue 3004 <https://github.com/F5Networks/k8s-bigip-ctlr/issues/3004>`_: ExternalDNS Global Availability Mode not working

Known Issues
`````````````
* [Multi-Cluster] Pool members are not getting populated for extended service in ratio mode
* [Multi-Cluster] CIS doesn't update pool members if service doesn't exist in primary cluster but exists in secondary cluster for Route.
* [Multi-Cluster] CIS on start up in multiCluster mode, if any external cluster kube-api server is down/not reachable, CIS does not process any valid clusters config also.
* [Multi-Cluster] CIS fails to post declaration intermittently with VS when using health monitors in ratio mode.


2.13.1
Expand Down
126 changes: 121 additions & 5 deletions docs/config_examples/customResourceDefinitions/customresourcedefinitions.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -121,6 +121,64 @@ spec:
trafficGroup:
type: string
pattern: '^\/([A-z0-9-_+]+\/)+([-A-z0-9_.:]+\/?)*$'
defaultPool:
type: object
properties:
name:
type: string
pattern: '^\/[a-zA-Z]+([A-z0-9-_+]+\/)+([-A-z0-9_.:]+\/?)*$'
service:
type: string
pattern: '[a-z]([-a-z0-9]*[a-z0-9])?'
servicePort:
x-kubernetes-int-or-string: true
anyOf:
- type: integer
- type: string
serviceNamespace:
type: string
pattern: '^[a-zA-Z]+([-A-z0-9_.+:])*([A-z0-9])+$'
loadBalancingMethod:
type: string
pattern: '^[a-z]+[a-z_-]+[a-z]+$'
nodeMemberLabel:
type: string
pattern: '^[a-zA-Z0-9][-A-Za-z0-9_.\/]{0,61}[a-zA-Z0-9]=[a-zA-Z0-9][-A-Za-z0-9_.]{0,61}[a-zA-Z0-9]$'
monitors:
type: array
items:
type: object
properties:
type:
type: string
enum: [ tcp, udp, http, https ]
interval:
type: integer
timeout:
type: integer
targetPort:
type: integer
name:
type: string
pattern: '^\/[a-zA-Z]+([A-z0-9-_+]+\/)+([-A-z0-9_.:]+\/?)*$'
reference:
type: string
enum: [ bigip ]
send:
type: string
recv:
type: string
reference:
type: string
enum: [ bigip, service ]
reselectTries:
type: integer
minimum: 0
maximum: 65535
serviceDownAction:
type: string
required:
- reference
pools:
type: array
items:
Expand All @@ -134,7 +192,7 @@ spec:
pattern: '^\/([A-z0-9-_+]+\/)*([-A-z0-9_.:]+\/?)*$'
service:
type: string
pattern: '^[a-zA-Z]+([-A-z0-9_.+])*([A-z0-9])+$'
pattern: '[a-z]([-a-z0-9]*[a-z0-9])?'
weight:
type: integer
minimum: 0
Expand All @@ -146,7 +204,7 @@ spec:
properties:
service:
type: string
pattern: '^[a-zA-Z]+([-A-z0-9_.+])*([A-z0-9])+$'
pattern: '[a-z]([-a-z0-9]*[a-z0-9])?'
serviceNamespace:
type: string
pattern: '^[a-zA-Z]+([-A-z0-9_.+:])*([A-z0-9])+$'
Expand All @@ -156,7 +214,6 @@ spec:
maximum: 256
required:
- service
- weight
loadBalancingMethod:
type: string
pattern: '^[a-z]+[a-z_-]+[a-z]+$'
Expand Down Expand Up @@ -232,6 +289,27 @@ spec:
maximum: 65535
serviceDownAction:
type: string
extendedServiceReferences:
type: array
items:
type: object
properties:
clusterName:
type: string
serviceName:
type: string
pattern: '[a-z]([-a-z0-9]*[a-z0-9])?'
namespace:
type: string
port:
x-kubernetes-int-or-string: true
anyOf:
- type: integer
- type: string
weight:
type: integer
minimum: 0
maximum: 256
virtualServerAddress:
type: string
pattern: '^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])|(([0-9a-fA-F]{1,4}:){7,7}[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,7}:|([0-9a-fA-F]{1,4}:){1,6}:[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,5}(:[0-9a-fA-F]{1,4}){1,2}|([0-9a-fA-F]{1,4}:){1,4}(:[0-9a-fA-F]{1,4}){1,3}|([0-9a-fA-F]{1,4}:){1,3}(:[0-9a-fA-F]{1,4}){1,4}|([0-9a-fA-F]{1,4}:){1,2}(:[0-9a-fA-F]{1,4}){1,5}|[0-9a-fA-F]{1,4}:((:[0-9a-fA-F]{1,4}){1,6})|:((:[0-9a-fA-F]{1,4}){1,7}|:)|fe80:(:[0-9a-fA-F]{0,4}){0,4}%[0-9a-zA-Z]{1,}|::(ffff(:0{1,4}){0,1}:){0,1}((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\.){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])|([0-9a-fA-F]{1,4}:){1,4}:((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\.){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9]))$'
Expand Down Expand Up @@ -472,7 +550,7 @@ spec:
pattern: '^[a-zA-Z]+([-A-z0-9_.+:])*([A-z0-9])+$'
service:
type: string
pattern: '^[a-zA-Z]+([-A-z0-9_.+])*([A-z0-9])+$'
pattern: '[a-z]([-a-z0-9]*[a-z0-9])?'
servicePort:
x-kubernetes-int-or-string: true
anyOf:
Expand Down Expand Up @@ -539,12 +617,30 @@ spec:
maximum: 65535
serviceDownAction:
type: string
extendedServiceReferences:
type: array
items:
type: object
properties:
clusterName:
type: string
serviceName:
type: string
pattern: '[a-z]([-a-z0-9]*[a-z0-9])?'
namespace:
type: string
port:
x-kubernetes-int-or-string: true
anyOf:
- type: integer
- type: string
required:
- service
- servicePort
required:
- virtualServerPort
- pool
- mode
status:
type: object
properties:
Expand Down Expand Up @@ -616,13 +712,30 @@ spec:
properties:
domainName:
type: string
pattern: '^(([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]*[a-zA-Z0-9])\.)*([A-Za-z0-9]|[A-Za-z0-9][A-Za-z0-9\-]*[A-Za-z0-9])$'
pattern: '^(([a-zA-Z0-9\*]|[a-zA-Z0-9][a-zA-Z0-9\-]*[a-zA-Z0-9])\.)*([A-Za-z0-9]|[A-Za-z0-9][A-Za-z0-9\-]*[A-Za-z0-9])$'
dnsRecordType:
type: string
pattern: 'A'
loadBalanceMethod:
type: string
pattern: '^[a-z]+[a-z_-]+[a-z]+$'
clientSubnetPreferred:
type: boolean
persistenceEnabled:
type: boolean
persistCidrIpv4:
type: integer
minimum: 0
maximum: 32
persistCidrIpv6:
type: integer
minimum: 0
maximum: 128
ttlPersistence:
type: integer
format: int64
minimum: 0
maximum: 4294967295
pools:
type: array
items:
Expand All @@ -637,6 +750,9 @@ spec:
loadBalanceMethod:
type: string
pattern: '^[a-z]+[a-z_-]+[a-z]+$'
lbModeFallback:
type: string
pattern: '^[a-z]+[a-z_-]+[a-z]+$'
order:
type: integer
ratio:
Expand Down
2 changes: 1 addition & 1 deletion docs/config_examples/multicluster/README.md
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
# OpenShift/Kubernetes Multi-Cluster

This page documents a new feature in CIS for Multi-Cluster. To provide feedback on Container Ingress Services or this documentation, please file a [GitHub Issue](https://github.com/F5Networks/k8s-bigip-ctlr/issues)
This page documents the multi cluster support in CIS. Check the Known Issues section for more information on features not supported.

## Contents

Expand Down
19 changes: 17 additions & 2 deletions docs/upgradeProcess.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,7 @@ Refer to the [Release Notes](https://github.com/F5Networks/k8s-bigip-ctlr/blob/m
Latest [RBAC](https://raw.githubusercontent.com/F5Networks/k8s-bigip-ctlr/master/docs/config_examples/rbac/clusterrole.yaml) and [CR Schema](https://raw.githubusercontent.com/F5Networks/k8s-bigip-ctlr/master/docs/config_examples/customResourceDefinitions/customresourcedefinitions.yml)

Compatibility Matrix
-------------
--------------------

| CIS Version | BIG-IP Version | Kubernetes Version | OpenShift Version | SDN | OVN (Cluster Mode) | AS3 Version | FIC Version | FIC Chart Version | CIS Chart Version | OS Version |
|-------------|----------------|--------------------|---------------------------------------------------------------|-----|--------------------|-------------|-------------|-------------------|-------------------|-----------------------------------------------------|
Expand Down Expand Up @@ -39,11 +39,21 @@ Compatibility Matrix
| v2.12.0 | v16.0 | v1.24 | v4.11.1 | Yes | Yes | v3.41 | v0.1.9 | v0.0.4 | v0.0.24 | Red Hat Enterprise Linux release 9.1 (Plow) |
| v2.12.1 | v16.0 | v1.24 | v4.12.0* | Yes | Yes | v3.41 | v0.1.9 | v0.0.4 | v0.0.24 | Red Hat Enterprise Linux release 9.1 (Plow) |
| v2.13.0 | v16.0 | v1.27 | v4.12.0* | Yes | Yes | v3.45 | v0.1.9 | v0.0.4 | v0.0.25 | Red Hat Enterprise Linux release 9.1 (Plow) |
| v2.13.1 | v16.0 | v1.27 | v4.12.0* | Yes | Yes | v3.45 | v0.1.9 | v0.0.4 | v0.0.25 | Red Hat Enterprise Linux release 9.1 (Plow) |
| v2.14.0 | v17.0 | v1.27 | v4.12.0* | Yes | Yes | v3.45 | v0.1.9 | v0.0.4 | v0.0.26 | Red Hat Enterprise Linux release 9.1 (Plow) |

Note: For OCP version 4.12, CIS is compatible with IPv4 and dual stack IPv4.

Compatibility Matrix for Multi Cluster Support
----------------------------------------------

| CIS Version | BIG-IP Version | Kubernetes Version | OpenShift Version | NodePort | SDN | OVN (Cluster Mode) | AS3 Version | CIS Chart Version |
|-------------|----------------|--------------------|-------------------|----------|-----|--------------------|-------------|-------------------|
| v2.14.0 | v16.0 | v1.27 | v4.12.0 | Yes | No | Yes | v3.45 | v0.0.26 |


CIS Features and Examples
-------------
-------------------------

| Feature | Example | Description | CIS Version |
|--------------------------------------|-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|----------------------------------------------------------------------------------------------------------------------------------------------------------|-------------|
Expand Down Expand Up @@ -315,6 +325,11 @@ Refer Release Notes for [CIS v2.11.1](https://github.com/F5Networks/k8s-bigip-ct
* Policy level ssl profiles will have the highest precedence and will override route level profiles
* In CRD mode CIS will process ssl profiles from tls profile

### **Upgrading from 2.13.0 to 2.13.1:**

Refer Release Notes for [CIS v2.13.1](https://github.com/F5Networks/k8s-bigip-ctlr/blob/master/docs/RELEASE-NOTES.rst)


### **Upgrading from 2.13.1 to 2.14.0:**

* Wildcard support provided in the EDNS custom resource.
Expand Down
2 changes: 1 addition & 1 deletion helm-charts/f5-bigip-ctlr/Chart.yaml
View file
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
apiVersion: v1
description: Deploy the F5 Networks BIG-IP Controller for Kubernetes and OpenShift (k8s-bigip-ctlr).
name: f5-bigip-ctlr
version: 0.0.25
version: 0.0.26

0 comments on commit 06ade0d

Please sign in to comment.