Last Modified: Apr 22, 2025
Affected Product(s):
BIG_IP_NEXT(SPK) SPK
Known Affected Versions:
1.7.9, 1.7.10
Opened: Feb 24, 2025 Severity: 3-Major
Controller may not be able to find the target port from the endpoints and application deployments. When such case happens, the controller does not configure TMM for respective ingress TCP CR. CR status could reflect "False" state.
Controller may fail to configure TMM with ingress configs even if a ingress TCP CR exists, applications pods are deployed, and they seem to be running fine.
There are 3 conditions which could lead to this issue: 1. There may be a discrepancy in the pods and endpoints cache maintained by the controller. The caching mechanism is supported by the Kubernetes client-go library. If pod cache is not updated and service is using named port then controller may not get the target port. If controller finds the target port by referring pod cache but endpoint cache is not updated then also controller may fail in getting endpoints matching the port number. This can only happen if pod or endpoint cache never gets synchronized with Kubernetes API server due to issues related to environment, application pods etc. 2. The app's pods or endpoints might be in a faulty or inconsistent state. This could lead to incorrect updates of the pod and endpoint resources on the Kubernetes API server. 3. The Kubernetes API server itself might not be updating the pod or endpoint resources correctly due to environmental factors or underlying infrastructure issues.
1st workaround is to scale down application deployment and scale it back up, which triggers new events and pod and endpoints cache in controller could get synchronized with Kubernetes API server. 2nd workaround is to scale down controller and scale it back up. That way, controller could process all the events related to CR, app service, endpoints etc. when it comes up and caches in controller could get synchronized.
None