CIS

4 Topics

CIS CRD http compression profile
Hi all, I am trying to add http compression profile to my virtual server with cis CRD. So far, I came across with two solutions. ConfigMap: However, in my scenario, I need to use only CRD. iRule: I attempted to create two iRules to mimic the functionality of the httpcompression and wan-optimized-compression profiles. However, I'm uncertain if they fully replicate the intended functionality. Below are the iRules I created: httpcompression when HTTP_RESPONSE { COMPRESS::disable if { [HTTP::header "Content-Length"] >= 1024 && ( [HTTP::header "Content-Type"] starts_with "text/" || [HTTP::header "Content-Type"] starts_with "application/xml" || [HTTP::header "Content-Type"] starts_with "application/x-javascript" ) } { COMPRESS::gzip memory_level 8 COMPRESS::gzip window_size 16 COMPRESS::gzip level 1 COMPRESS::buffer_size 4096 COMPRESS::enable } } wan-optimized-compression when HTTP_RESPONSE { COMPRESS::disable if { [HTTP::header "Content-Length"] >= 1024 && ( [HTTP::header "Content-Type"] starts_with "text/" || [HTTP::header "Content-Type"] starts_with "application/xml" || [HTTP::header "Content-Type"] starts_with "application/x-javascript" ) } { COMPRESS::gzip memory_level 16 COMPRESS::gzip window_size 64 COMPRESS::gzip level 1 COMPRESS::buffer_size 131072 COMPRESS::enable } } Do you have any suggestions for further improvements? Also, where can I submit a feature request to add HTTP compression profile support to the CRD? Thank you in advance for your assistance.
alp
Aug 16, 2024 Place Technical Forum
19Views
0likes
0Comments
Upgrade to CIS 2.16.1 with CCCL agent
Hello colleagues, I have read in the release notes [1] that AS3 was introduced in 1.9.0 I know that ConfigMap(s) in CIS differs from agent to agent and from CIS v2.0, AS3 is the default agent. We have CIS 1.8.1 and would like to upgrade to 2.16.1. Could we use deployment argument --agent to configure CCCL agent and upgrade to 2.16.1 ? PD: I know the recommendation is to migrate to agent AS3 but as for now, we only want to upgrade our k8s-bigip-ctlr [1] https://clouddocs.f5.com/products/connectors/k8s-bigip-ctlr/v1.14/RELEASE-NOTES.html#v1-9-0
feland250
Jun 02, 2024 Place Technical Forum
21Views
0likes
0Comments
Any way to add profiles to ingressLink Virtual servers?
Does anybody know if there's a supported way of adding profiles to ingressLink-created virtual servers? Profiles could be HTTP, SSL, ASM, APM, etc...
jonathanj2r
Apr 17, 2023 Place Technical Forum
401Views
0likes
2Comments
F5 Kubernetes BIG-IP Controller or CIS not connecting to Azure Big-IP deployment
I have started a POC for the BIG-IP Azure deployments, which deployed successfully and I have accessed and set the password. I've deployed the helm chart for CIS, but the pod fails to start. I've tested connectivity to the Azure BIG-IP deployment from a separate pod in the same namespace and it authenticates and returns correct info. I've validated the Azure BIG-IP creds are properly formatted in a secret and that secret is getting mounted in the CIS pod. Here is the pod log with logging level set to debug: 2021/10/04 21:21:39 [DEBUG] No url in credentials directory, falling back to CLI argument 2021/10/04 21:21:39 [INFO] [INIT] Starting: Container Ingress Services - Version: 2.5.0, BuildInfo: azure-465-1952a80a2165b7fc2d3561795ad09d1eb8615136 2021/10/04 21:21:39 [INFO]TeemServer:product.apis.f5.com 2021/10/04 21:21:39 teemClient:{{CIS-Ecosystem CIS/v2.5.0 df103609-7748-43e4-95a4-6631030e67d0} mmhJU2sCd63BznXAXDh4kxLIyfIMm3Ar product.apis.f5.com} 2021/10/04 21:21:39 [DEBUG] digitalAssetId:950e75d5-7fe0-88bc-eb3c-d654ebb4de47 2021/10/04 21:21:39 [DEBUG] telemetryDatalist:[{"Agent":"as3","ConfigmapsCount":0,"DateOfCISDeploy":"2021-10-04T21:21:39.452535893Z","ExternalDNSCount":0,"IPAMSvcLBCount":0,"IPAMTransportServerCount":0,"IPAMVirtualServerCount":0,"IngressCount":0,"IngressLinkCount":0,"Mode":"cluster","PlatformInfo":"CIS/v2.5.0 K8S/v1.19.11","RoutesCount":0,"RunningInDocker":false,"SDNType":"calico","TransportServerCount":0,"VirtualServerCount":0}] 2021/10/04 21:21:39 [DEBUG] ControllerAsDocker:#{docker} 2021/10/04 21:21:40 Resp Code:204 Status:204 No Content 2021/10/04 21:21:40 [INFO] ConfigWriter started: 0xc000284570 2021/10/04 21:21:40 [DEBUG] [CCCL] ConfigWriter (0xc000284570) writing section name global 2021/10/04 21:21:40 [DEBUG] [CCCL] ConfigWriter (0xc000284570) successfully wrote section (global) 2021/10/04 21:21:40 [DEBUG] [CCCL] ConfigWriter (0xc000284570) writing section name bigip 2021/10/04 21:21:40 [DEBUG] [CCCL] ConfigWriter (0xc000284570) successfully wrote section (bigip) 2021/10/04 21:21:40 [INFO] Started config driver sub-process at pid: 21 2021/10/04 21:21:40 [DEBUG] [INIT] Invalid trusted-certs-cfgmap option provided. 2021/10/04 21:21:40 [INFO] [INIT] Creating Agent for as3 2021/10/04 21:21:40 [DEBUG] [CORE] Agent Response Worker started and blocked on channel 0xc0004e04e0 2021/10/04 21:21:40 [INFO] [AS3] Initializing AS3 Agent 2021/10/04 21:21:41 [DEBUG] [AS3] No certs appended, using only system certs 2021/10/04 21:21:41 [DEBUG] [AS3] Validating AS3 schema with as3-schema-3.28.0-3-cis.json 2021/10/04 21:21:41 [DEBUG] [AS3] posting GET BIGIP AS3 Version request on https://10.2.0.7:8443/mgmt/shared/appsvcs/info 2021/10/04 21:21:43 [ERROR] [AS3] Response body unmarshal failed: invalid character '<' looking for beginning of value 2021/10/04 21:21:43 [ERROR] [AS3] Internal Error 2021/10/04 21:21:43 [CRITICAL] [INIT] Failed to initialize as3 agent, Internal Error
Solved
Patrick_Lieberg
Nov 22, 2022 Place Technical Forum
2.5KViews
0likes
3Comments