Skip to content

Commit

Permalink
CIS 2.18.0 release (#3544)
Browse files Browse the repository at this point in the history
  • Loading branch information
@vklohiya
vklohiya authored Sep 4, 2024
1 parent 97bb49f commit 5802ce9
Show file tree
Hide file tree
Showing 8 changed files with 112 additions and 67 deletions.
6 changes: 5 additions & 1 deletion docs/RELEASE-NOTES.rst
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@ Release Notes for Container Ingress Services for Kubernetes & OpenShift
=======================================================================


Next Release
2.18.0
-------------

Added Functionality
Expand Down Expand Up @@ -38,6 +38,10 @@ Upgrade notes
Also see the deployment parameter `manage-load-balancer-class-only`, to control the behavior of CIS for services with loadBalancerClass field set in the service spec.
* CIS with as3 version >= 3.52, passthrough VS on bigip will not have default ssl profile.

Known Issues
`````````````
* Support for multiple ltm monitors with single virtual server referring to same backend on different path does not work.


F5 IPAM Controller v0.1.11
``````````````````````````
Expand Down
149 changes: 95 additions & 54 deletions docs/config_examples/customResourceDefinitions/customresourcedefinitions.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -46,6 +46,11 @@ spec:
ipamLabel:
type: string
pattern: '^[a-zA-Z]+[-A-z0-9_.:]+[A-z0-9]+$'
bigipRouteDomain:
type: integer
minimum: 0
maximum: 65535
default: 0
snat:
type: string
pattern: '^$|^\/?[a-zA-Z]+([-A-z0-9_+]+\/)*([-A-z0-9_.:]+\/?)+$'
Expand Down Expand Up @@ -139,6 +144,15 @@ spec:
profileMultiplex:
type: string
pattern: '^\/[a-zA-Z]+([A-z0-9-_+]+\/)+([-A-z0-9_.:]+\/?)*$'
profileAdapt:
type: object
properties:
request:
type: string
pattern: '^\/[a-zA-Z]+([A-z0-9-_+]+\/)+([-A-z0-9_.:]+\/?)*$'
response:
type: string
pattern: '^\/[a-zA-Z]+([A-z0-9-_+]+\/)+([-A-z0-9_.:]+\/?)*$'
allowVlans:
items:
type: string
Expand Down Expand Up @@ -445,7 +459,7 @@ spec:
jsonPath: .metadata.creationTimestamp
subresources:
status: {}

---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
Expand Down Expand Up @@ -478,6 +492,11 @@ spec:
tlsVersion:
type: string
enum: ["1.0", "1.1", "1.2", "1.3"]
disableTLSVersions:
type: array
items:
type: string
enum: ["1.0", "1.1", "1.2", "1.3"]
ciphers:
type: string
cipherGroup:
Expand Down Expand Up @@ -581,7 +600,7 @@ spec:
policyName:
type: string
pattern: '^([A-z0-9-_+])*([A-z0-9])$'
mode:
mode:
type: string
enum: [standard, performance]
type:
Expand Down Expand Up @@ -627,6 +646,11 @@ spec:
ipamLabel:
type: string
pattern: '^[a-zA-Z]+[-A-z0-9_.:]+[A-z0-9]+$'
bigipRouteDomain:
type: integer
minimum: 0
maximum: 65535
default: 0
serviceAddress:
type: array
maxItems: 1
Expand Down Expand Up @@ -717,25 +741,25 @@ spec:
items:
type: object
properties:
type:
type: string
enum: [ tcp, udp, http, https ]
interval:
type: integer
timeout:
type: integer
targetPort:
type: integer
name:
type: string
pattern: '^\/[a-zA-Z]+([A-z0-9-_+]+\/)+([-A-z0-9_.:]+\/?)*$'
reference:
type: string
enum: [bigip]
send:
type: string
recv:
type: string
type:
type: string
enum: [ tcp, udp, http, https ]
interval:
type: integer
timeout:
type: integer
targetPort:
type: integer
name:
type: string
pattern: '^\/[a-zA-Z]+([A-z0-9-_+]+\/)+([-A-z0-9_.:]+\/?)*$'
reference:
type: string
enum: [bigip]
send:
type: string
recv:
type: string
reselectTries:
type: integer
minimum: 0
Expand Down Expand Up @@ -764,8 +788,8 @@ spec:
minimum: 0
maximum: 100
required:
- service
- servicePort
- service
- servicePort
required:
- virtualServerPort
- pool
Expand All @@ -783,37 +807,37 @@ spec:
type: string
default: Pending
additionalPrinterColumns:
- name: virtualServerAddress
type: string
description: IP address of virtualServer
jsonPath: .spec.virtualServerAddress
- name: virtualServerPort
type: integer
description: Port of virtualServer
jsonPath: .spec.virtualServerPort
- name: pool
type: string
description: Name of service
jsonPath: .spec.pool.service
- name: poolPort
type: string
description: Port of service
jsonPath: .spec.pool.servicePort
- name: ipamLabel
type: string
description: ipamLabel for transport server
jsonPath: .spec.ipamLabel
- name: IPAMVSAddress
type: string
description: IP address of transport server
jsonPath: .status.vsAddress
- name: STATUS
type: string
description: status of TransportServer
jsonPath: .status.status
- name: Age
type: date
jsonPath: .metadata.creationTimestamp
- name: virtualServerAddress
type: string
description: IP address of virtualServer
jsonPath: .spec.virtualServerAddress
- name: virtualServerPort
type: integer
description: Port of virtualServer
jsonPath: .spec.virtualServerPort
- name: pool
type: string
description: Name of service
jsonPath: .spec.pool.service
- name: poolPort
type: string
description: Port of service
jsonPath: .spec.pool.servicePort
- name: ipamLabel
type: string
description: ipamLabel for transport server
jsonPath: .spec.ipamLabel
- name: IPAMVSAddress
type: string
description: IP address of transport server
jsonPath: .status.vsAddress
- name: STATUS
type: string
description: status of TransportServer
jsonPath: .status.status
- name: Age
type: date
jsonPath: .metadata.creationTimestamp
subresources:
status: { }
---
Expand Down Expand Up @@ -978,6 +1002,11 @@ spec:
ipamLabel:
type: string
pattern: '^[a-zA-Z]+[-A-z0-9_.:]+[A-z0-9]+$'
bigipRouteDomain:
type: integer
minimum: 0
maximum: 65535
default: 0
iRules:
type: array
items:
Expand Down Expand Up @@ -1046,6 +1075,15 @@ spec:
policyPerRequestAccess:
type: string
pattern: '^\/[a-zA-Z]+([A-z0-9-_+]+\/)+([-A-z0-9_.:]+\/?)*$'
profileAdapt:
type: object
properties:
request:
type: string
pattern: '^\/[a-zA-Z]+([A-z0-9-_+]+\/)+([-A-z0-9_.:]+\/?)*$'
response:
type: string
pattern: '^\/[a-zA-Z]+([A-z0-9-_+]+\/)+([-A-z0-9_.:]+\/?)*$'
l3Policies:
type: object
properties:
Expand Down Expand Up @@ -1231,6 +1269,9 @@ spec:
htmlProfile:
type: string
pattern: '^\/[a-zA-Z]+([A-z0-9-_+]+\/)+([-A-z0-9_.:]+\/?)*$'
ftpProfile:
type: string
pattern: '^\/[a-zA-Z]+([A-z0-9-_+]+\/)+([-A-z0-9_.:]+\/?)*$'
autoLastHop:
type: string
enum: [ default, auto, disable ]
Expand Down
4 changes: 2 additions & 2 deletions docs/upgradeProcess.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -47,7 +47,7 @@ Compatibility Matrix
| v2.16.1 | v17.0 | v1.29 | v4.14.0* | Yes | Yes | v3.50 | v0.1.10 | v0.0.4 | v0.0.29 | Red Hat Enterprise Linux release 9.1 (Plow) |
| v2.17.0 | v17.0 | v1.31 | v4.15.0* | Yes | Yes | v3.50 | v0.1.10 | v0.0.5 | v0.0.30 | Red Hat Enterprise Linux release 9.1 (Plow) |
| v2.17.1 | v17.0 | v1.31 | v4.15.0* | Yes | Yes | v3.50 | v0.1.10 | v0.0.5 | v0.0.31 | Red Hat Enterprise Linux release 9.1 (Plow) |
| v2.18.0 | v17.0 | v1.31 | v4.16.0* | Yes | Yes | v3.52 | v0.1.10 | v0.0.5 | v0.0.31 | Red Hat Enterprise Linux release 9.1 (Plow) |
| v2.18.0 | v17.0 | v1.31 | v4.16.0* | Yes | Yes | v3.52 | v0.1.11 | v0.0.5 | v0.0.32 | Red Hat Enterprise Linux release 9.1 (Plow) |
Note: For OCP version 4.12, CIS is compatible with IPv4 and dual stack IPv4.

Compatibility Matrix for Multi Cluster Support
Expand All @@ -59,7 +59,7 @@ Compatibility Matrix for Multi Cluster Support
| v2.15.0 | v16.0 | v1.28 | v4.13.0 | Yes | No | Yes | v3.48 | v0.0.27 |
| v2.16.0 | v17.0 | v1.29 | v4.14.0* | Yes | No | Yes | v3.50 | v0.0.29 |
| v2.17.0 | v17.0 | v1.31 | v4.15.0* | Yes | No | Yes | v3.50 | v0.0.30 |
| v2.18.0 | v17.0 | v1.31 | v4.16.0* | Yes | No | Yes | v3.52 | v0.0.30 |
| v2.18.0 | v17.0 | v1.31 | v4.16.0* | Yes | No | Yes | v3.52 | v0.0.32 |



Expand Down
2 changes: 1 addition & 1 deletion f5-bigip-ctlr-operator/Dockerfile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,7 @@ ENV HOME=/opt/helm
LABEL name="F5 Container Ingress Services Operator" \
maintainer="f5_cis_operators@f5.com" \
vendor="F5 Networks Inc." \
version="v1.17.0" \
version="v1.18.0" \
release="1" \
summary="Container Ingress Services Operator for F5 BIG-IP" \
description="F5 BIG-IP Controller Operator is a Service Operator which installs F5 BIG-IP Controller (Container Ingress Services) on Kubernetes and OpenShift platforms and respective supported versions."
Expand Down
4 changes: 2 additions & 2 deletions f5-bigip-ctlr-operator/bundle.Dockerfile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,8 +5,8 @@ LABEL operators.operatorframework.io.bundle.mediatype.v1=registry+v1
LABEL operators.operatorframework.io.bundle.manifests.v1=manifests/
LABEL operators.operatorframework.io.bundle.metadata.v1=metadata/
LABEL operators.operatorframework.io.bundle.package.v1=f5-bigip-ctlr-operator
LABEL operators.operatorframework.io.bundle.channels.v1=alpha,beta
LABEL operators.operatorframework.io.bundle.channel.default.v1=beta
LABEL operators.operatorframework.io.bundle.channels.v1=alpha,beta,stable
LABEL operators.operatorframework.io.bundle.channel.default.v1=stable
LABEL operators.operatorframework.io.metrics.builder=operator-sdk-v1.26.0
LABEL operators.operatorframework.io.metrics.mediatype.v1=metrics+v1
LABEL operators.operatorframework.io.metrics.project_layout=helm.sdk.operatorframework.io/v1
Expand Down
6 changes: 3 additions & 3 deletions f5-bigip-ctlr-operator/bundle/manifests/f5-bigip-ctlr-operator.clusterserviceversion.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -50,7 +50,7 @@ metadata:
categories: Networking
certified: "false"
containerImage: registry.connect.redhat.com/f5networks/k8s-bigip-ctlr-operator@sha256:560aff6297fa8d5c13d830b0186035205abb1785d62f310a268054fbfd3ae7d1
createdAt: "2024-06-04"
createdAt: "2024-08-28"
description: Operator to install F5 Container Ingress Services (CIS) for BIG-IP.
operators.operatorframework.io/builder: operator-sdk-v1.26.0
operators.operatorframework.io/project_layout: helm.sdk.operatorframework.io/v1
Expand All @@ -66,7 +66,7 @@ metadata:
features.operators.openshift.io/cnf: "false"
features.operators.openshift.io/cni: "false"
features.operators.openshift.io/csi: "false"
name: f5-bigip-ctlr-operator.v1.17.0
name: f5-bigip-ctlr-operator.v1.18.0
namespace: placeholder
spec:
apiservicedefinitions: {}
Expand Down Expand Up @@ -410,7 +410,7 @@ spec:
minKubeVersion: 1.13.0
provider:
name: F5 Networks Inc.
version: 1.17.0
version: 1.18.0
relatedImages:
- name: cntr-ingress-svcs
image: registry.connect.redhat.com/f5networks/cntr-ingress-svcs@sha256:7ee53dc08596d4078da5bdb8188f3eda337d44ca8a91976667f2612bf54f9948
Expand Down
6 changes: 3 additions & 3 deletions f5-bigip-ctlr-operator/bundle/metadata/annotations.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,8 +4,8 @@ annotations:
operators.operatorframework.io.bundle.manifests.v1: manifests/
operators.operatorframework.io.bundle.metadata.v1: metadata/
operators.operatorframework.io.bundle.package.v1: f5-bigip-ctlr-operator
operators.operatorframework.io.bundle.channels.v1: alpha,beta
operators.operatorframework.io.bundle.channel.default.v1: beta
operators.operatorframework.io.bundle.channels.v1: alpha,beta,stable
operators.operatorframework.io.bundle.channel.default.v1: stable
operators.operatorframework.io.metrics.builder: operator-sdk-v1.26.0
operators.operatorframework.io.metrics.mediatype.v1: metrics+v1
operators.operatorframework.io.metrics.project_layout: helm.sdk.operatorframework.io/v1
Expand All @@ -15,4 +15,4 @@ annotations:
operators.operatorframework.io.test.config.v1: tests/scorecard/

# Annotations to specify OCP versions compatibility.
com.redhat.openshift.versions: v4.6-v4.15
com.redhat.openshift.versions: v4.12-v4.16
2 changes: 1 addition & 1 deletion helm-charts/f5-bigip-ctlr/Chart.yaml
View file
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
apiVersion: v1
description: Deploy the F5 Networks BIG-IP Controller for Kubernetes and OpenShift (k8s-bigip-ctlr).
name: f5-bigip-ctlr
version: 0.0.31
version: 0.0.32

0 comments on commit 5802ce9

Please sign in to comment.