iRule CRD and allow attaching iRule to Virtual Server Resources

[mitchellmaler]

Title

iRule CRD and allow attaching iRule to Virtual Servers

Description

The ability to create iRules from Kubernetes Custom Resources and attaching those to Virtual Servers.

Actual Problem

We have some specific routing logic that the ability to manage these at the k8s layer along with allowing tenants to write their own using custom resources would make it a smooth process.

Solution Proposed

Custom Resources for iRules and allow attaching those to Virtual Server Custom Resources.

Alternatives

A clear and concise description of any alternative solutions or features you've considered.

Additional context

Add any other context or screenshots about the feature request here.

[mdditt2000]

@mitchellmaler Good morning. You looking for something like the following?

apiVersion: "cis.f5.com/v1"
kind: CRD
metadata:
  name: my-crd
spec:
  virtualServerAddress: "172.16.3.4"
  iRules:
    - /Common/test-irule.  --------------------- add here!
  selector:
    matchLabels:
      app: nginx

If this is what you want i can get this added. Please let me know.

[mitchellmaler]

Yes being able to add irules to Virtual Servers would be perfect.

Another idea is also the ability to author irules from kubernetes using a new custom resource definition like below. This would allow tenants to write their own rules and then attach to virtual server resources all from k8s.

apiVersion: "cis.f5.com/v1"
kind: iRule
metadata:
  name: my-new-irule
  namespace: my-namespace
spec:
  ruleDefinition: |
    when HTTP_REQUEST {
        if { [HTTP::uri] starts_with "/abc/" } {
            HTTP::uri [string map {"/abc/" "/xyz/"} [HTTP::uri]]
        }
    }

[mdditt2000]

@mitchellmaler nice. Would you prefer the CRD to create the iRule as shown in your example or simply reference the iRule form BIG-IP? Referencing the iRule is way easier but that object would need to be on BIG-IP or CIS would receive a 422 error

[mitchellmaler]

I think both options should be available. At least for starters/short-term the ability to reference existing iRules on the Big-IP would be great. Then if in the future or part of this request the ability to author brand new irules using a kubernetes custom resource and then reference those would allow tenants to create and use their own without the need to add it to the bigip outside kubernetes before creating the virtual server.

[mdditt2000]

@mitchellmaler created internal Jira for PM tracking [CRD] iRule reference for CRD CONTCNTR-2252. Sprint planning is next week. Would like to get into next release.

[mdditt2000]

@mitchellmaler on a side note are you using GTM/DNS with LTM?

[mdditt2000]

iRule support for TransportServer CRD #1570

[mitchellmaler]

@mdditt2000 Today we are currently only using Big-IP LTM pairs for our environments.

[mitchellmaler]

@mdditt2000 Is there an update on adding iRule Reference to VS and a new iRule CRD support?

[mdditt2000]

@mitchellmaler flagged for CIS 2.3.

[trinaths]

This issue is fixed with CIS v2.3