Added the helm charts for the free5gc NFs.
Added script to test the basic network slicing.
Signed-off-by: palaniap <palaniappan.ramanathan@intel.com>
Change-Id: I26217629053967423edd7d19743f17c262cda0c3
--- /dev/null
+#! /bin/bash
+
+rm -rf f5gc*.tgz
+for i in mongodb nrf udr udm ausf nssf pcf upf amf smf
+do
+ tar -czvf f5gc-$i.tgz f5gc-$i
+done
+ls -l f5gc*.tgz
--- /dev/null
+apiVersion: v1
+appVersion: "1.0"
+description: A Helm chart for Kubernetes
+name: f5gc-amf
+version: 0.1.0
--- /dev/null
+-----BEGIN RSA PRIVATE KEY-----
+MIIEogIBAAKCAQEAqXpvTc1WpUqw6NI6+VcjBDf4tE2Zg/ebZx7Dr3th9P7GAI66
+kVyooVm89asvZIadg+0kRzuHR8cAohaBOrHGdQttdox2Tz14nNqOtIMTg42YhOxF
+uS9MLL6bR+TzLi6OElT+SZMFBsGGdNVUR3U0sf0VkblzgipbiKnJqDQoeH/4RHec
+lrwIBqsrbKgVSsNhEPQWCaErFHnZnfR48/UHVY+9lFlQsBcgX1IM9lR/EgudBZWY
+BIx0wTYy+Tq4kR7+GtJxlfmEWT3bACI2uY1D9u1zpvjf3cxwwk0K4oT7WLIq/onR
+eITyTbocHtMhGqvM6iryh81PlaFhmQeBLLE4WQIDAQABAoIBAC9RieYVIM4Brqcy
+m1impZY18nCVAfnAllkSU9yY/F6lC694KksPrd1u6r1E0HSmyS/edDSXQEwgGeMn
+mWlD3X8sc6GX0iiJpzVUKGfp+PbP//eM6GKt+/y6Myy9ldAdG3mu1VjBfbPHML1K
+Gr/gz5eqa+1F9CQxo2Di1vTpqysJS2UKiW0VCIYPM+gTUWj1mgiGt56yk/p6YAyS
++6DZm19k+zr1M+d6iKPySfYOpC2UhyrbWWUNlMAERjm/cPkCRoHrrM9ZpHvSLxmL
+ABSG6OX4iDNQexDeIdrRWPHeArJ9cB/ucHhkAvFXLWrYZYCwfQijz/Yxa6ZzPZKW
+gJxWcaECgYEA2PK/QuD7FSxgUokDbqWnsFL8O2gHuOCi0lps268lRbrUM6KhFjg5
+KCjUzayvFqC3s0aMXXZ1/VoN8JgCiWIMbVmmBaAYEOe4ajlqOMhLD2kKqaZ3yI2X
+UJz1zGtV5lZuBQ6FOGNWTETlUBIFtg+goEH7Zf7VC8z/i1IVtyYcCCUCgYEAx/w1
+5UHu3w4BZaUPYOJJ9RktJ/q+ptIDQl/xt1mAFzZ/u/m3WVJsDnOA1IGvHTnjHELK
+078Y4CRoY4mEXfZPJsl7PArVDr8huwrLqwNDwJZ77YMjkpRhhYlUK12KLlMocC42
+V8p+YFenELAE9Lky4jYRCoGejyq4yAJVYq3sbyUCgYB842kE9/yyWKRuft9R79zT
+nUIEdMOVQwOYMmPeJzo+pOmJfAJdhyooGzE94T29ufFmK6OcHhiYKyJBMVCsg5wB
+ywzOyjVwbeR0ie7DF1JWYbK4rNLhydikmGbLMbL2cSTOlmhMaKsCJtsXN/i/sMlX
+2AP/2C4OqAkny64ii7axXQKBgAbOCC9y3OPuIBILWcicKpQSdTzlBVO71ayOgzUP
+8JHZouMMjjaV3WNofru8Ze8Cpz2w8CHgYMJPutWYOk7QMMVLGcxjOfi0fDtXFLMO
++2E0PadJTQ6Ryfe3QovvNOJ6peebSvIVy9MPaHni42hIXPjhihbnbjPE6mCz45/l
+9yOZAoGANrcL3qNMD6PDIvknr3Y7rhMStZsEdkFEGBTUSP4pZbwHnNIKX5iQluw7
+Aawx2ZidYh89X8LFkPsup5OGTrAUP/TPCgXA+aZlO0yjVMCFlA7D+MTiNOeSOe//
+0dAVhuRAFS510v0NfSPlLnSfA69jEcpuewf94ITMRj6MIiYLpxc=
+-----END RSA PRIVATE KEY-----
--- /dev/null
+-----BEGIN CERTIFICATE-----
+MIIDUzCCAjugAwIBAgIJANC4esPC102UMA0GCSqGSIb3DQEBCwUAMEAxCzAJBgNV
+BAYTAlRXMRAwDgYDVQQIDAdIc2luY2h1MQ0wCwYDVQQHDARjaXR5MRAwDgYDVQQK
+DAdmcmVlNUdDMB4XDTE5MDcxODA3NTkwOFoXDTI5MDcxNTA3NTkwOFowQDELMAkG
+A1UEBhMCVFcxEDAOBgNVBAgMB0hzaW5jaHUxDTALBgNVBAcMBGNpdHkxEDAOBgNV
+BAoMB2ZyZWU1R0MwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCpem9N
+zValSrDo0jr5VyMEN/i0TZmD95tnHsOve2H0/sYAjrqRXKihWbz1qy9khp2D7SRH
+O4dHxwCiFoE6scZ1C212jHZPPXic2o60gxODjZiE7EW5L0wsvptH5PMuLo4SVP5J
+kwUGwYZ01VRHdTSx/RWRuXOCKluIqcmoNCh4f/hEd5yWvAgGqytsqBVKw2EQ9BYJ
+oSsUedmd9Hjz9QdVj72UWVCwFyBfUgz2VH8SC50FlZgEjHTBNjL5OriRHv4a0nGV
++YRZPdsAIja5jUP27XOm+N/dzHDCTQrihPtYsir+idF4hPJNuhwe0yEaq8zqKvKH
+zU+VoWGZB4EssThZAgMBAAGjUDBOMB0GA1UdDgQWBBTRNsNPYUMfmh6xMHsYpdhz
+GAlUszAfBgNVHSMEGDAWgBTRNsNPYUMfmh6xMHsYpdhzGAlUszAMBgNVHRMEBTAD
+AQH/MA0GCSqGSIb3DQEBCwUAA4IBAQANX8eve1eV6G8m6kcBeD664yI9v9ELVXPV
+XJ06Vlrcx3xYzpyO2aIDlbA++zfS1Fdlczmn1bSh2jKyRi0JPq8Bc2bvpKUPU+jL
+vYIcbLaUkT+YeknDOOMDLpwpZRyuTWw1dZg/LnlGkuSgjgpvyrNhXdx216TwgjGX
+ao7hqQDzumH/CIX1/Bw19xjvy8y21fqgIjpgL4yB/1erC4i/I2Z+mZEb3DH459gz
+sTmrUHUjO0mSVHmnLYKaYJbRYQGPUQTg5fIYasOAFG3K3C485MGRgMiSkrAC7A2M
+ZHioUNtm3XF9tfE1srtLsPGfypiM/hiGWIlgYJHUh8NYjQIXF9Pb
+-----END CERTIFICATE-----
--- /dev/null
+{{/* vim: set filetype=mustache: */}}
+{{/*
+Expand the name of the chart.
+*/}}
+{{- define "name" -}}
+{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+
+{{/*
+Create a default fully qualified app name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+*/}}
+{{- define "fullname" -}}
+{{- $name := default .Chart.Name .Values.nameOverride -}}
+{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
\ No newline at end of file
--- /dev/null
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: f5gc-amf-config
+data:
+ amfcfg.conf: |
+ info:
+ version: 1.0.0
+ description: AMF initial local configuration
+
+ configuration:
+ amfName: AMF
+ ngapIpList:
+ - 172.16.24.3 # assigned to a second network interface
+ sbi:
+ scheme: {{ .Values.configuration.sbi.scheme }}
+ registerIPv4: {{ .Values.configuration.sbi.registerIPv4 }} # Can also be a kubernetes service IP or domain name.
+ bindingIPv4: 0.0.0.0 # Can also be an ENV.
+ port: {{ .Values.service.port }}
+ serviceNameList:
+ - namf-comm
+ - namf-evts
+ - namf-mt
+ - namf-loc
+ - namf-oam
+ servedGuamiList:
+ - plmnId:
+ mcc: 208
+ mnc: 93
+ amfId: cafe00
+ supportTaiList:
+ - plmnId:
+ mcc: 208
+ mnc: 93
+ tac: 1
+ plmnSupportList:
+ - plmnId:
+ mcc: 208
+ mnc: 93
+ snssaiList:
+ - sst: 1
+ sd: 010203
+ - sst: 1
+ sd: 112233
+ - sst: 2
+ sd: 010203
+ supportDnnList:
+ - internet
+ nrfUri: {{ .Values.configuration.nrfUri }}
+ security:
+ integrityOrder:
+ - NIA2
+ #- NIA0
+ cipheringOrder:
+ - NEA0
+ #- NEA2
+ networkName:
+ full: free5GC
+ short: free
+ t3502Value: 720
+ t3512Value: 3600
+ non3gppDeregistrationTimer: 1000
+ t3513:
+ enable: true
+ expireTime: 6s
+ maxRetryTimes: 4
+ t3522:
+ enable: true
+ expireTime: 6s
+ maxRetryTimes: 4
+ t3550:
+ enable: true
+ expireTime: 6s
+ maxRetryTimes: 4
+ t3560:
+ enable: true
+ expireTime: 6s
+ maxRetryTimes: 4
+ t3565:
+ enable: true
+ expireTime: 6s
+ maxRetryTimes: 4
+ free5GC.conf: |
+ db_uri: {{ .Values.mongodb.url }}/free5GC
+ #all logging levels
+ #panic
+ #fatal
+ #error
+ #warn
+ #info
+ #debug
+ #trace
+ logger:
+ # network function
+ AMF:
+ debugLevel: trace
+ ReportCaller: true
+ SMF:
+ debugLevel: info
+ ReportCaller: true
+ UDR:
+ debugLevel: info
+ ReportCaller: true
+ UDM:
+ debugLevel: info
+ ReportCaller: true
+ NRF:
+ debugLevel: info
+ ReportCaller: true
+ PCF:
+ debugLevel: info
+ ReportCaller: true
+ AUSF:
+ debugLevel: info
+ ReportCaller: true
+ N3IWF:
+ debugLevel: info
+ ReportCaller: true
+ # library
+ NAS:
+ debugLevel: info
+ ReportCaller: true
+ FSM:
+ debugLevel: info
+ ReportCaller: true
+ NGAP:
+ debugLevel: trace
+ ReportCaller: true
+ NamfComm:
+ debugLevel: debug
+ ReportCaller: true
+ NamfEventExposure:
+ debugLevel: info
+ ReportCaller: true
+ NsmfPDUSession:
+ debugLevel: info
+ ReportCaller: true
+ NudrDataRepository:
+ debugLevel: info
+ ReportCaller: true
+ OpenApi:
+ debugLevel: debug
+ ReportCaller: true
+ Aper:
+ debugLevel: info
+ ReportCaller: true
+ CommonConsumerTest:
+ debugLevel: info
+ ReportCaller: true
+ # webui
+ WEBUI:
+ debugLevel: info
+ ReportCaller: true
+---
+apiVersion: v1
+kind: Secret
+metadata:
+ name: f5gc-amf-tls-secret
+type: Opaque
+data:
+ {{ tpl (.Files.Glob "resources/config/cert/amf.pem").AsSecrets . | indent 2 }}
+ {{ tpl (.Files.Glob "resources/config/cert/amf.key").AsSecrets . | indent 2 }}
--- /dev/null
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: {{ template "fullname" . }}
+ labels:
+ app: f5gc-amf
+ sliceidx: 6d3d79da-f781-4cd9-813a-dbdad01e01c0
+ annotations:
+ free5gc.org/nssi-id: '27394d25-dbf5-428e-8fc3-f5b2add67115'
+ free5gc.org/nsi-ids: '[
+ { "id": "4e6db941-47d6-4fce-9c71-f7eb35a75d03" },
+ ]'
+ free5gc.org/supported-snssais: '[
+ { "st": 1,
+ "ssd": "010203",
+ },
+ { "st": 1,
+ "ssd": "112233",
+ },
+ ]'
+spec:
+ replicas: 1
+ selector:
+ matchLabels:
+ app: f5gc-amf
+ strategy:
+ type: Recreate
+ template:
+ metadata:
+ labels:
+ app: f5gc-amf
+{{- if eq .Values.helmInstallOvn false }}
+ annotations:
+ k8s.v1.cni.cncf.io/networks: '[{
+ "name": "ovn-networkobj",
+ "namespace": "default"
+ }]'
+ k8s.plugin.opnfv.org/nfn-network: '{ "type": "ovn4nfv", "interface": [{ "name": "sctpnetwork", "interface": "n1n2" }]}'
+{{- end }}
+ spec:
+ securityContext:
+ runAsUser: 0
+ runAsGroup: 0
+ nodeSelector:
+{{ .Values.nodeSelector | toYaml | indent 8 }}
+ initContainers:
+ - name: init-myservice
+ image: busybox:1.31.1
+ command: ['sh', '-c', "until wget -qO- $nrfUri &> /dev/null; do echo waiting for $nrfUri; sleep 2; done"]
+ env:
+ - name: nrfUri
+ value: {{ .Values.configuration.nrfUri }}
+ containers:
+ - name: free5g-304-amf
+ image: {{ .Values.image.repository }}:{{ .Values.image.tag }}
+ imagePullPolicy: {{ .Values.image.pullPolicy }}
+ command: ["./amf"]
+ args:
+ - -amfcfg
+ - ../config/amfcfg.conf
+ securityContext:
+ privileged: false
+ volumeMounts:
+ - name: f5gc-amf-config
+ mountPath: /free5gc/config
+ - name: f5gc-amf-cert
+ mountPath: /free5gc/support/TLS
+ ports:
+ - containerPort: {{ .Values.service.port }}
+ name: f5gc-amf
+ protocol: TCP
+ - name: tcpdump
+ image: corfr/tcpdump
+ imagePullPolicy: IfNotPresent
+ command:
+ - /bin/sleep
+ - infinity
+ dnsPolicy: ClusterFirst
+ restartPolicy: Always
+ schedulerName: default-scheduler
+ serviceAccountName: f5gc-amf-sa
+ terminationGracePeriodSeconds: 30
+ volumes:
+ - name: f5gc-amf-cert
+ secret:
+ secretName: f5gc-amf-tls-secret
+ - name: f5gc-amf-config
+ configMap:
+ name: f5gc-amf-config
--- /dev/null
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+ name: {{ .Release.Name }}-rbac
+roleRef:
+ apiGroup: rbac.authorization.k8s.io
+ kind: ClusterRole
+ name: cluster-admin
+subjects:
+- kind: ServiceAccount
+ name: f5gc-amf-sa
+ namespace: {{ .Release.Namespace }}
--- /dev/null
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+ name: f5gc-amf-sa
--- /dev/null
+apiVersion: v1
+kind: Service
+metadata:
+ labels:
+ app: f5gc-amf
+ name: f5gc-amf
+spec:
+ type: {{ .Values.service.type }}
+ ports:
+ - name: f5gc-amf
+ port: {{ .Values.service.port }}
+ protocol: TCP
+ targetPort: {{ .Values.service.port }}
+{{- if eq .Values.service.type "NodePort" }}
+ nodePort: {{ .Values.service.nodePort }}
+{{- end }}
+ selector:
+ app: f5gc-amf
--- /dev/null
+# Default values for amf.
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
+
+replicaCount: 1
+
+image:
+ repository: nginx
+ tag: stable
+ pullPolicy: IfNotPresent
+
+imagePullSecrets: []
+nameOverride: ""
+fullnameOverride: ""
+
+serviceAccount:
+ # Specifies whether a service account should be created
+ create: true
+ # The name of the service account to use.
+ # If not set and create is true, a name is generated using the fullname template
+ name:
+
+podSecurityContext: {}
+ # fsGroup: 2000
+
+securityContext: {}
+ # capabilities:
+ # drop:
+ # - ALL
+ # readOnlyRootFilesystem: true
+ # runAsNonRoot: true
+ # runAsUser: 1000
+
+service:
+ type: ClusterIP
+ port: 32518
+ nodePort: 32518
+
+configuration:
+ sbi:
+ scheme: http
+ registerIPv4: f5gc-amf
+ nrfUri: http://f5gc-nrf:32510
+
+mongodb:
+ url: mongodb://f5gc-mongodb:27017
+
+ingress:
+ enabled: false
+ annotations: {}
+ # kubernetes.io/ingress.class: nginx
+ # kubernetes.io/tls-acme: "true"
+ hosts:
+ - host: chart-example.local
+ paths: []
+
+ tls: []
+ # - secretName: chart-example-tls
+ # hosts:
+ # - chart-example.local
+
+resources: {}
+ # We usually recommend not to specify default resources and to leave this as a conscious
+ # choice for the user. This also increases chances charts run on environments with little
+ # resources, such as Minikube. If you do want to specify resources, uncomment the following
+ # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
+ # limits:
+ # cpu: 100m
+ # memory: 128Mi
+ # requests:
+ # cpu: 100m
+ # memory: 128Mi
+
+nodeSelector: {}
+
+tolerations: []
+
+affinity: {}
+
+helmInstallOvn: false
--- /dev/null
+apiVersion: v1
+appVersion: "1.0"
+description: A Helm chart for Kubernetes
+name: f5gc-ausf
+version: 0.1.0
--- /dev/null
+-----BEGIN RSA PRIVATE KEY-----
+MIIEowIBAAKCAQEA5tfKck1ZCBa/t6MKLfU9aVpHUHTrTNLU2Ub6HfpflcChaFGc
+WkW8HcIqCjNY9YzjEBEohlp5Xf2usway3/0PCe2kI4KA44QkFq0J/+hb3zga+GX2
+vUiGIRZUW09ZUHw7XjJICd8HflC3jUnb2F0On7OyKdAqeVfMxfZfvW6Zs95Gt0b3
+l4W71KfVr2WH/Jp/w14NtSKsX7HWFVOXw9inGdYqjdlmT4fIK7dHw1KFjR+c5nlR
+sMV8bos7ntJdhEmwNBwBmRpaky1fCdcTKSV0NYgDBEjB773B/dLBVI61SEYpYNQh
+qH5sr7BqxtVOPfUcCTmOkQvnLGaiYHbaIKC8lQIDAQABAoIBAD5fmEgCNkhFPVA1
+MY7xcMKCrjpDHUEIxpJe5z4qZKFmBzbUtlZ9+TJhQFK5RRQ0GTZCLJ0A3UJURVwC
+N1rmWaXpHCysGn9fOREXeFg5RHmwAzmS83R5oCRYkDqL2ioxJylwlJ52MOQkkzQN
+/OUdX9IvD7jUkmVvH9ltlLjupYE/zoISTAWiUaVvDOrl5eVpCpAkbz7iJGLrP7dG
+lF+qnFo13ex/DnsVSkFUxwsizpZ7IggfAw7l74GbkfiM7T95kwIFdP8KFuOUa3un
+bfV1UCGE1pKmWhBlOnB9ZFpXBjzbPTIB0MQErUQMX/qD9VRuyGdN/LjVXtUPhlZT
+qt3RrBECgYEA/moEBHdd44HGPOMnL3ZZVu6M5nDpodYfXGwhwonZdb1dSSHyRItl
+PWi/NmOJ2LG4tFrsPNJdxJy3mT+X+awgpHNaT7GrZlEDRSS/1KDGWRMgyr7P0Eyx
+or6OnVI6hTMSAsJdnsOOa7KeUOcacm05EuXRaWpdnbzELsa1t3dbhWcCgYEA6Egp
+PohxEHoxiZ52Mfa+TCWAB+8jp96Gd4rq//xtAYbE+pmSbh/o3oPWAJsHn7YxwgsL
+YzJbBOja7TLGa8LICMB19K/f+l0t/TYuEAboTnGctVvHwHG7Ll96bZGiEojzs7Lj
+4T3L9YdA4finfSWfdQNk2T3IBlJXDcxhwu+jVKMCgYBM7e/DDfkk9zPja2iI8Id5
+Qu72K4Rp/F5FSyk2Mwq/kIApwgsI8QGu/QJ8xsKC9NJ+LtQqXA4giqb1vwYMaCEC
+uSLA4F+Ms8iCWudquybe/mq3A9XBDb/VDzv+lEO/zT6P+QfoHwfsxvkaS5dyrFZK
+wZV+A7zFGrRT1KBUFtJk1wKBgQCbcf83+/M+Raf1IviSQz/ikY32wVCpPL/cLDlM
+Ck+gn+IemrtluzEKCEwkp5sYhMMTynRadA55YKNx7XLgFr/rK3FEyJYpZEYsmB+H
+VjgMlvd6Xut0nCfZxseVn8pIgSIl9eeOit59d4AyOUdM9uqZUiYhQ7kikeP0NfyO
+ifRR5QKBgD83DHQWgA3C4f9Q3oif9grvCP1r+suqonTmpB4hpW01IlC0YluCEl12
+6U9hr6047BB2tl2uGODI8IBY2wkoCKVjCebuEeVuIa76CxhG0IERi3gmBl4krbDi
+n5z1Islfc+UqSK3IZbHQB7a/iGSUX0mhAahLHX+rzIXl4oUykSCz
+-----END RSA PRIVATE KEY-----
--- /dev/null
+-----BEGIN CERTIFICATE-----
+MIIDYDCCAkigAwIBAgIJAKhXRBF0PdYcMA0GCSqGSIb3DQEBCwUAMEUxCzAJBgNV
+BAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYDVQQKDBhJbnRlcm5ldCBX
+aWRnaXRzIFB0eSBMdGQwHhcNMTkwNzIzMDY1MzIwWhcNMjkwNzIwMDY1MzIwWjBF
+MQswCQYDVQQGEwJBVTETMBEGA1UECAwKU29tZS1TdGF0ZTEhMB8GA1UECgwYSW50
+ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
+CgKCAQEA5tfKck1ZCBa/t6MKLfU9aVpHUHTrTNLU2Ub6HfpflcChaFGcWkW8HcIq
+CjNY9YzjEBEohlp5Xf2usway3/0PCe2kI4KA44QkFq0J/+hb3zga+GX2vUiGIRZU
+W09ZUHw7XjJICd8HflC3jUnb2F0On7OyKdAqeVfMxfZfvW6Zs95Gt0b3l4W71KfV
+r2WH/Jp/w14NtSKsX7HWFVOXw9inGdYqjdlmT4fIK7dHw1KFjR+c5nlRsMV8bos7
+ntJdhEmwNBwBmRpaky1fCdcTKSV0NYgDBEjB773B/dLBVI61SEYpYNQhqH5sr7Bq
+xtVOPfUcCTmOkQvnLGaiYHbaIKC8lQIDAQABo1MwUTAdBgNVHQ4EFgQUYD0n5aiC
+y2cCIvOf2+d4/jX7TokwHwYDVR0jBBgwFoAUYD0n5aiCy2cCIvOf2+d4/jX7Tokw
+DwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAtWk3cRE4UHm+5zHG
+aOarrZSsq9kaRBy2j1wPq94CXaNKdKdU5v99Fi7XCkdVow0/7h+RW4bRRxUOc+HJ
+SKT9TeMTzkY1C4nUDXBiN8hNWQ+EPFliy938OEYRIgeV7u6mMHgV2r76h7ItTE/9
+no+1vT4LzVNSM3nsEx9W5TgOiXqt/d0+PyTx48befwPN1mKsmOi7ipaD8JlakAnz
+Nn9aNJMdq/VJaLhP+4F/1UCJANQVzZlSn4LFKJlfvRIBX8wpXYoz3JYAa6wYVF90
+JVoBhhrhQpbxgQSDskXT5pT5/YVSnPlRuSBMamGsXWcXeMPCCsCJiLC765v0t5vT
+heItBA==
+-----END CERTIFICATE-----
--- /dev/null
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: f5gc-ausf-config
+data:
+ ausfcfg.conf: |
+ info:
+ version: 1.0.0
+ description: AUSF initial local configuration
+
+ configuration:
+ sbi:
+ scheme: {{ .Values.configuration.sbi.scheme }}
+ registerIPv4: {{ .Values.configuration.sbi.registerIPv4 }} # Can also be a kubernetes service IP or domain name.
+ bindingIPv4: 0.0.0.0 # Can also be an ENV.
+ port: {{ .Values.service.port }}
+ serviceNameList:
+ - nausf-auth
+ nrfUri: {{ .Values.configuration.nrfUri }}
+ plmnSupportList:
+ - mcc: 208
+ mnc: 93
+ - mcc: 123
+ mnc: 45
+ groupId: ausfGroup001
+
+ free5GC.conf: |
+ db_uri: {{ .Values.mongodb.url }}/free5GC
+ #all logging levels
+ #panic
+ #fatal
+ #error
+ #warn
+ #info
+ #debug
+ #trace
+ logger:
+ # network function
+ AMF:
+ debugLevel: info
+ ReportCaller: true
+ SMF:
+ debugLevel: info
+ ReportCaller: true
+ UDR:
+ debugLevel: info
+ ReportCaller: true
+ UDM:
+ debugLevel: info
+ ReportCaller: true
+ NRF:
+ debugLevel: info
+ ReportCaller: true
+ PCF:
+ debugLevel: info
+ ReportCaller: true
+ AUSF:
+ debugLevel: info
+ ReportCaller: true
+ N3IWF:
+ debugLevel: info
+ ReportCaller: true
+ # library
+ NAS:
+ debugLevel: info
+ ReportCaller: true
+ FSM:
+ debugLevel: info
+ ReportCaller: true
+ NGAP:
+ debugLevel: info
+ ReportCaller: true
+ NamfComm:
+ debugLevel: info
+ ReportCaller: true
+ NamfEventExposure:
+ debugLevel: info
+ ReportCaller: true
+ NsmfPDUSession:
+ debugLevel: info
+ ReportCaller: true
+ NudrDataRepository:
+ debugLevel: info
+ ReportCaller: true
+ OpenApi:
+ debugLevel: debug
+ ReportCaller: true
+ Aper:
+ debugLevel: info
+ ReportCaller: true
+ CommonConsumerTest:
+ debugLevel: info
+ ReportCaller: true
+ # webui
+ WEBUI:
+ debugLevel: info
+ ReportCaller: true
+---
+apiVersion: v1
+kind: Secret
+metadata:
+ name: f5gc-ausf-tls-secret
+type: Opaque
+data:
+ {{ tpl (.Files.Glob "resources/config/cert/ausf.pem").AsSecrets . | indent 2 }}
+ {{ tpl (.Files.Glob "resources/config/cert/ausf.key").AsSecrets . | indent 2 }}
+
--- /dev/null
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: f5gc-ausf
+ labels:
+ app: f5gc-ausf
+ annotations:
+ free5gc.org/nssi-id: '27394d25-dbf5-428e-8fc3-f5b2add67115'
+ free5gc.org/nsi-ids: '[
+ { "id": "4e6db941-47d6-4fce-9c71-f7eb35a75d03" },
+ ]'
+spec:
+ replicas: 1
+ selector:
+ matchLabels:
+ app: f5gc-ausf
+ strategy:
+ type: Recreate
+ template:
+ metadata:
+ labels:
+ app: f5gc-ausf
+ spec:
+ securityContext:
+ runAsUser: 0
+ runAsGroup: 0
+ nodeSelector:
+{{ .Values.nodeSelector | toYaml | indent 8 }}
+ initContainers:
+ - name: init-myservice
+ image: busybox:1.31.1
+ command: ['sh', '-c', "until wget -qO- $nrfUri &> /dev/null; do echo waiting for $nrfUri; sleep 2; done"]
+ env:
+ - name: nrfUri
+ value: {{ .Values.configuration.nrfUri }}
+ containers:
+ - name: free5g-304-ausf
+ image: {{ .Values.image.repository }}:{{ .Values.image.tag }}
+ imagePullPolicy: {{ .Values.image.pullPolicy }}
+ command: ["./ausf"]
+ args:
+ - -ausfcfg
+ - ../config/ausfcfg.conf
+ securityContext:
+ privileged: true
+ volumeMounts:
+ - name: f5gc-ausf-config
+ mountPath: /free5gc/config
+ - name: f5gc-ausf-cert
+ mountPath: /free5gc/support/TLS
+ ports:
+ - containerPort: {{ .Values.service.port }}
+ name: f5gc-ausf
+ protocol: TCP
+ - name: tcpdump
+ image: corfr/tcpdump
+ imagePullPolicy: IfNotPresent
+ command:
+ - /bin/sleep
+ - infinity
+ dnsPolicy: ClusterFirst
+ restartPolicy: Always
+ schedulerName: default-scheduler
+ serviceAccountName: f5gc-ausf-sa
+ terminationGracePeriodSeconds: 30
+ volumes:
+ - name: f5gc-ausf-cert
+ secret:
+ secretName: f5gc-ausf-tls-secret
+ - name: f5gc-ausf-config
+ configMap:
+ name: f5gc-ausf-config
--- /dev/null
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+ name: {{ .Release.Name }}-rbac
+roleRef:
+ apiGroup: rbac.authorization.k8s.io
+ kind: ClusterRole
+ name: cluster-admin
+subjects:
+- kind: ServiceAccount
+ name: f5gc-ausf-sa
+ namespace: {{ .Release.Namespace }}
--- /dev/null
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+ name: f5gc-ausf-sa
--- /dev/null
+apiVersion: v1
+kind: Service
+metadata:
+ labels:
+ app: f5gc-ausf
+ name: f5gc-ausf
+spec:
+ type: {{ .Values.service.type }}
+ ports:
+ - name: f5gc-ausf
+ port: {{ .Values.service.port }}
+ protocol: TCP
+ targetPort: {{ .Values.service.port }}
+{{- if eq .Values.service.type "NodePort" }}
+ nodePort: {{ .Values.service.nodePort }}
+{{- end }}
+ selector:
+ app: f5gc-ausf
--- /dev/null
+# Default values for amf.
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
+
+replicaCount: 1
+
+image:
+ repository: nginx
+ tag: stable
+ pullPolicy: IfNotPresent
+
+imagePullSecrets: []
+nameOverride: ""
+fullnameOverride: ""
+
+serviceAccount:
+ # Specifies whether a service account should be created
+ create: true
+ # The name of the service account to use.
+ # If not set and create is true, a name is generated using the fullname template
+ name:
+
+podSecurityContext: {}
+ # fsGroup: 2000
+
+securityContext: {}
+ # capabilities:
+ # drop:
+ # - ALL
+ # readOnlyRootFilesystem: true
+ # runAsNonRoot: true
+ # runAsUser: 1000
+
+service:
+ type: ClusterIP
+ port: 32509
+ nodePort: 32509
+
+configuration:
+ sbi:
+ scheme: http
+ registerIPv4: f5gc-ausf
+ nrfUri: http://f5gc-nrf:32510
+
+mongodb:
+ url: mongodb://f5gc-mongodb:27017
+
+ingress:
+ enabled: false
+ annotations: {}
+ # kubernetes.io/ingress.class: nginx
+ # kubernetes.io/tls-acme: "true"
+ hosts:
+ - host: chart-example.local
+ paths: []
+
+ tls: []
+ # - secretName: chart-example-tls
+ # hosts:
+ # - chart-example.local
+
+resources: {}
+ # We usually recommend not to specify default resources and to leave this as a conscious
+ # choice for the user. This also increases chances charts run on environments with little
+ # resources, such as Minikube. If you do want to specify resources, uncomment the following
+ # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
+ # limits:
+ # cpu: 100m
+ # memory: 128Mi
+ # requests:
+ # cpu: 100m
+ # memory: 128Mi
+
+nodeSelector: {}
+
+tolerations: []
+
+affinity: {}
--- /dev/null
+apiVersion: v1
+appVersion: "1.0"
+description: A Helm chart for Kubernetes
+name: f5gc-mongodb
+version: 0.1.0
--- /dev/null
+kind: ConfigMap
+apiVersion: v1
+metadata:
+ name: f5gc-mongodb-config
+data:
+ mongo_initdb_database: "free5gc"
--- /dev/null
+kind: ConfigMap
+apiVersion: v1
+metadata:
+ name: f5gc-mongodb-data
+data:
+ # Test
--- /dev/null
+---
+apiVersion: v1
+kind: Service
+metadata:
+ labels:
+ app: f5gc-mongodb
+ name: f5gc-mongodb
+spec:
+ type: {{ .Values.service.type }}
+ ports:
+ - name: f5gc-mongodb
+ port: {{ .Values.service.port }}
+ targetPort: {{ .Values.service.port }}
+{{- if eq .Values.service.type "NodePort" }}
+ nodePort: {{ .Values.service.nodePort }}
+{{- end }}
+ protocol: TCP
+ selector:
+ app: f5gc-mongodb
--- /dev/null
+apiVersion: apps/v1
+kind: StatefulSet
+metadata:
+ name: f5gc-mongodb
+spec:
+ serviceName: f5gc-mongodb
+ selector:
+ matchLabels:
+ app: f5gc-mongodb
+ replicas: 1
+ template:
+ metadata:
+ labels:
+ app: f5gc-mongodb
+ spec:
+ securityContext:
+ runAsUser: 0
+ runAsGroup: 0
+ nodeSelector:
+{{ .Values.nodeSelector | toYaml | indent 8 }}
+ containers:
+ - name: mongodb
+ image: mongo:4.2.7
+ ports:
+ - containerPort: {{ .Values.service.port }}
+ name: mongodb
+ env:
+ - name: MONGO_INITDB_DATABASE
+ valueFrom:
+ configMapKeyRef:
+ name: f5gc-mongodb-config
+ key: mongo_initdb_database
--- /dev/null
+# Default values for amf.
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
+
+replicaCount: 1
+
+image:
+ repository: nginx
+ tag: stable
+ pullPolicy: IfNotPresent
+
+imagePullSecrets: []
+nameOverride: ""
+fullnameOverride: ""
+
+serviceAccount:
+ # Specifies whether a service account should be created
+ create: true
+ # The name of the service account to use.
+ # If not set and create is true, a name is generated using the fullname template
+ name:
+
+podSecurityContext: {}
+ # fsGroup: 2000
+
+securityContext: {}
+ # capabilities:
+ # drop:
+ # - ALL
+ # readOnlyRootFilesystem: true
+ # runAsNonRoot: true
+ # runAsUser: 1000
+
+service:
+ type: ClusterIP
+ port: 27017
+ nodePort: 32017
+
+ingress:
+ enabled: false
+ annotations: {}
+ # kubernetes.io/ingress.class: nginx
+ # kubernetes.io/tls-acme: "true"
+ hosts:
+ - host: chart-example.local
+ paths: []
+
+ tls: []
+ # - secretName: chart-example-tls
+ # hosts:
+ # - chart-example.local
+
+resources: {}
+ # We usually recommend not to specify default resources and to leave this as a conscious
+ # choice for the user. This also increases chances charts run on environments with little
+ # resources, such as Minikube. If you do want to specify resources, uncomment the following
+ # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
+ # limits:
+ # cpu: 100m
+ # memory: 128Mi
+ # requests:
+ # cpu: 100m
+ # memory: 128Mi
+
+nodeSelector: {}
+
+tolerations: []
+
+affinity: {}
--- /dev/null
+apiVersion: v1
+appVersion: "1.0"
+description: A Helm chart for Kubernetes
+name: f5gc-nrf
+version: 0.1.0
--- /dev/null
+-----BEGIN RSA PRIVATE KEY-----
+MIIEowIBAAKCAQEAnrbgWnBF/nCKyHHQWkUWC8oLJBFAJ1vUCekFG0LPcOSjyDD9
+SfzOLODGKi2VNbsPoHbZbxdLyqDYxBu4OHEAaeWWuNUX76E6uTb8l0BqqRDzADaI
+NA3dPdqXQh64OnBYdokmPZEYuH8cDS5YoraZHavVE6xawgwBPSDGFWrvLQ6tbwtt
+dgOCN7WvUpRVVC6O5J6HaSm4diWtorcTrJl6DgST74iUhTs8O8cO8nWDZyBdQA44
+XHcM8e+ZJYlIkcXQhOd0m9rvXRPTDbGR8Pefw82FL3P5qr8Gl1lObiW2MTCApp3e
+ggOaxQJQQzGu8ticwkR++DCAzox6+iYIWcF7MQIDAQABAoIBAALuKXJCBGjQNx/A
+SjKAeAm7rzz5PI/9eAq+zKNWNnJFJmj5zpNhIYVemQoKUWjujTlPOHB+o52YHqhw
+QpR4MaPC42eCN7Dq7ySgSUWZoN6CO5pTZ2xenSkZMhW8b3ZUwK1flt8oIKa3YhM0
+Odq3OFh95a85TWurwRIZ2s5mbQgN5+AUI6D/AmmybJu2qYo6Swq7T1r+YdPjA/ah
+LveS6juyeHj/+IQ5s0HbSkw1chGR/e2bM/L9SD5govY4EvXyZHfW9++DCfPZV4Bs
+9yfmsWUh5iCbJjo+0c4Em1hZlS7SoilTU5y8NP4OTuMBWK+oLOc+Dp9ioVMWX/J4
+Pz/ZCEkCgYEAzRaEIzkhjD3nZRIOZ5ELCOeKaLh96HR0mqclmcT63peDFnGL8Gdh
+ce5r64W84aBzVmiu2z8wNLQl8f8zVuOyH/Brb+R66LXOnaiS0sB999YwJ2DFRiPr
+Fg6ANJiVCSJj36TIPNfD5m05TU2CxB8T1nLE/qSqbs531w9ZqmQhCWMCgYEAxh1J
+JnQt0/mg8w5S4v7WPkLSg8Gm+/TRsAr7WL1UmTe7bK21O4803/nhqhbgxYcxJxXC
+DK1On5zO3tLCBLeF2ZNVj2eeV0kPLxjbIgVYzMdCH+wIOw9H3pXg2ikmkQtz+/22
+HubL0lSMTZPjc7Zjwcd3fXt0/ph5jU/jRqqr11sCgYEAg1xNrKX2R/aKlOE42rs7
+Xyu3KpYpB1A4M6ql2dUifpp7O0/lO0lsT+ZPt56EudvkpE8O2J2jic5tk5BLWPck
+63I5zoSA+TciLTeBO35R8QF+/GnuUZvGAu2szoOAykX9xIyuONJWxuvkzQ+9l1L0
+iOIgLZ5ZD/otJlHNs+bIhlMCgYB3/t8CspXbcbSh40gjA3WiyniVo2LP8y5asZwh
+2LN4BkC4h9Jg29GL499iVW8ZVVRZNx2M7h/UH3dRkVhA4SPqcAn/zSQj/DV9MlHw
+Hkr15a7QhPdLRmsij6dcnFYmvkgnFjoMJ4DGyb0dc/jtakir43QlhfSMDLB6/itL
+7y4cRwKBgDl9ErtNLkm49yT0YFwth2yfy7I4fsJWz4MGy5Dgs7VGb1g4P7vWyi1N
+ISTvfSV8oJcsUgPwtFYZ/WVwYfTzho2iGruTi2ZLqGlmBuI0VtiWjxmUeK2FQXtX
+pvLCTTCGoa7W63a7YXZy/CoeQzWvZHAdFbUOKWo2lP4GwPOz1qbc
+-----END RSA PRIVATE KEY-----
--- /dev/null
+-----BEGIN CERTIFICATE-----
+MIIDozCCAougAwIBAgIUX7XnMYtfOyKrRZbCntYDzkvUYzEwDQYJKoZIhvcNAQEL
+BQAwYTELMAkGA1UEBhMCYWIxCzAJBgNVBAgMAmFiMQswCQYDVQQHDAJhYjELMAkG
+A1UECgwCYWIxCzAJBgNVBAsMAmFiMQswCQYDVQQDDAJhYjERMA8GCSqGSIb3DQEJ
+ARYCYWIwHhcNMTkwNzE5MDg1MDA4WhcNMjkwNzE2MDg1MDA4WjBhMQswCQYDVQQG
+EwJhYjELMAkGA1UECAwCYWIxCzAJBgNVBAcMAmFiMQswCQYDVQQKDAJhYjELMAkG
+A1UECwwCYWIxCzAJBgNVBAMMAmFiMREwDwYJKoZIhvcNAQkBFgJhYjCCASIwDQYJ
+KoZIhvcNAQEBBQADggEPADCCAQoCggEBAJ624FpwRf5wishx0FpFFgvKCyQRQCdb
+1AnpBRtCz3Dko8gw/Un8zizgxiotlTW7D6B22W8XS8qg2MQbuDhxAGnllrjVF++h
+Ork2/JdAaqkQ8wA2iDQN3T3al0IeuDpwWHaJJj2RGLh/HA0uWKK2mR2r1ROsWsIM
+AT0gxhVq7y0OrW8LbXYDgje1r1KUVVQujuSeh2kpuHYlraK3E6yZeg4Ek++IlIU7
+PDvHDvJ1g2cgXUAOOFx3DPHvmSWJSJHF0ITndJva710T0w2xkfD3n8PNhS9z+aq/
+BpdZTm4ltjEwgKad3oIDmsUCUEMxrvLYnMJEfvgwgM6MevomCFnBezECAwEAAaNT
+MFEwHQYDVR0OBBYEFI/fV4ZPL4WqXwMmG7TQNIGrf3OEMB8GA1UdIwQYMBaAFI/f
+V4ZPL4WqXwMmG7TQNIGrf3OEMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQEL
+BQADggEBAGrYf+bXccD7ofzRKzcdh0fmG4abBVX8wT7YC4qtYCQewjBB+cjhxYjx
+wzwfT3YKeovs4vzL2uRKvGsSLKUPCgFm1cipIuTeQCFyEhunttAbuWISP+QGfiM8
+Qr/Bc52DYPiJNnxxLUMWKgttlnpo2naYNRnrzDucHYuCmCC57+MZhaYOD+0Rl/rP
+HhBxwst+XtnsOYTN0TKoAEbDYeeCopoLEEvWZDQsco39qFzHWb5k+KPDggRcfR6A
+QgNNelNPN1yVE1jh80IeQ+hQ8RIzgnQgjT4E/Z+BZ/qtVEBvRtLfrFUswpDPH+6c
+7n6n3eNIF53bxxt//KNgJWBzNuxup9A=
+-----END CERTIFICATE-----
--- /dev/null
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: f5gc-nrf-config
+ namespace: {{ .Release.Namespace }}
+data:
+
+ nrfcfg.conf: |
+ info:
+ version: 1.0.0
+ description: NRF initial local configuration
+
+ configuration:
+ MongoDBName: "free5gc"
+ #MongoDBUrl: "mongodb://f5gc-mongodb:32017"
+ MongoDBUrl: {{ .Values.configuration.MongoDBUrl }}
+ DefaultServiceIP: "f5gc-nrf"
+ sbi:
+ scheme: http
+ registerIPv4: {{ .Values.configuration.sbi.registerIPv4 }}
+ bindingIPv4: 0.0.0.0
+ port: {{ .Values.service.port }}
+ DefaultPlmnId:
+ mcc: "208"
+ mnc: "93"
+ serviceNameList:
+ - nnrf-nfm
+ - nnrf-disc
+
+ free5GC.conf: |
+ db_uri: {{ .Values.configuration.MongoDBUrl }}/free5GC
+ #db_uri: mongodb://192.168.30.54:32017/free5GC
+ #db_uri: mongodb://f5gc-mongodb:32017/free5GC
+ #all logging levels
+ #panic
+ #fatal
+ #error
+ #warn
+ #info
+ #debug
+ #trace
+ logger:
+ # network function
+ AMF:
+ debugLevel: info
+ ReportCaller: true
+ SMF:
+ debugLevel: info
+ ReportCaller: true
+ UDR:
+ debugLevel: info
+ ReportCaller: true
+ UDM:
+ debugLevel: info
+ ReportCaller: true
+ NRF:
+ debugLevel: info
+ ReportCaller: true
+ PCF:
+ debugLevel: info
+ ReportCaller: true
+ AUSF:
+ debugLevel: info
+ ReportCaller: true
+ N3IWF:
+ debugLevel: info
+ ReportCaller: true
+ # library
+ NAS:
+ debugLevel: info
+ ReportCaller: true
+ FSM:
+ debugLevel: info
+ ReportCaller: true
+ NGAP:
+ debugLevel: info
+ ReportCaller: true
+ NamfComm:
+ debugLevel: info
+ ReportCaller: true
+ NamfEventExposure:
+ debugLevel: info
+ ReportCaller: true
+ NsmfPDUSession:
+ debugLevel: info
+ ReportCaller: true
+ NudrDataRepository:
+ debugLevel: info
+ ReportCaller: true
+ OpenApi:
+ debugLevel: debug
+ ReportCaller: true
+ Aper:
+ debugLevel: info
+ ReportCaller: true
+ CommonConsumerTest:
+ debugLevel: info
+ ReportCaller: true
+ # webui
+ WEBUI:
+ debugLevel: info
+ ReportCaller: true
+---
+apiVersion: v1
+kind: Secret
+metadata:
+ name: f5gc-nrf-tls-secret
+ namespace: {{ .Release.Namespace }}
+type: Opaque
+data:
+ {{ tpl (.Files.Glob "resources/config/cert/nrf.pem").AsSecrets . | indent 2 }}
+ {{ tpl (.Files.Glob "resources/config/cert/nrf.key").AsSecrets . | indent 2 }}
+
--- /dev/null
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: f5gc-nrf
+ namespace: {{ .Release.Namespace }}
+ labels:
+ app: f5gc-nrf
+ annotations:
+ free5gc.org/nssi-id: '27394d25-dbf5-428e-8fc3-f5b2add67115'
+ free5gc.org/nsi-ids: '[
+ { "id": "4e6db941-47d6-4fce-9c71-f7eb35a75d03" },
+ ]'
+spec:
+ replicas: 1
+ selector:
+ matchLabels:
+ app: f5gc-nrf
+ strategy:
+ type: Recreate
+ template:
+ metadata:
+ labels:
+ app: f5gc-nrf
+ spec:
+ securityContext:
+ runAsUser: 0
+ runAsGroup: 0
+ nodeSelector:
+{{ .Values.nodeSelector | toYaml | indent 8 }}
+ containers:
+ - name: free5g-304-nrf
+ image: {{ .Values.image.repository }}:{{ .Values.image.tag }}
+ imagePullPolicy: {{ .Values.image.pullPolicy }}
+ command: ["./nrf"]
+ args:
+ - -nrfcfg
+ - ../config/nrfcfg.conf
+ securityContext:
+ privileged: false
+ volumeMounts:
+ - name: f5gc-nrf-config
+ mountPath: /free5gc/config
+ - name: f5gc-nrf-cert
+ mountPath: /free5gc/support/TLS
+ ports:
+ - containerPort: {{ .Values.service.port }}
+ name: f5gc-nrf
+ protocol: TCP
+ - name: tcpdump
+ image: corfr/tcpdump
+ imagePullPolicy: IfNotPresent
+ command:
+ - /bin/sleep
+ - infinity
+ dnsPolicy: ClusterFirst
+ restartPolicy: Always
+ schedulerName: default-scheduler
+ serviceAccountName: f5gc-nrf-sa
+ terminationGracePeriodSeconds: 30
+ volumes:
+ - name: f5gc-nrf-cert
+ secret:
+ secretName: f5gc-nrf-tls-secret
+ - name: f5gc-nrf-config
+ configMap:
+ name: f5gc-nrf-config
--- /dev/null
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+ name: {{ .Release.Name }}-rbac
+roleRef:
+ apiGroup: rbac.authorization.k8s.io
+ kind: ClusterRole
+ name: cluster-admin
+subjects:
+- kind: ServiceAccount
+ name: f5gc-nrf-sa
+ namespace: {{ .Release.Namespace }}
--- /dev/null
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+ name: f5gc-nrf-sa
--- /dev/null
+apiVersion: v1
+kind: Service
+metadata:
+ labels:
+ app: f5gc-nrf
+ name: f5gc-nrf
+spec:
+ type: {{ .Values.service.type }}
+ ports:
+ - name: f5gc-nrf
+ port: {{ .Values.service.port }}
+ protocol: TCP
+ targetPort: {{ .Values.service.port }}
+{{- if eq .Values.service.type "NodePort" }}
+ nodePort: {{ .Values.service.nodePort }}
+{{- end }}
+ selector:
+ app: f5gc-nrf
--- /dev/null
+# Default values for amf.
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
+
+replicaCount: 1
+
+image:
+ repository: nginx
+ tag: stable
+ pullPolicy: IfNotPresent
+
+imagePullSecrets: []
+nameOverride: ""
+fullnameOverride: ""
+
+serviceAccount:
+ # Specifies whether a service account should be created
+ create: true
+ # The name of the service account to use.
+ # If not set and create is true, a name is generated using the fullname template
+ name:
+
+podSecurityContext: {}
+ # fsGroup: 2000
+
+securityContext: {}
+ # capabilities:
+ # drop:
+ # - ALL
+ # readOnlyRootFilesystem: true
+ # runAsNonRoot: true
+ # runAsUser: 1000
+
+service:
+ type: ClusterIP
+ port: 32510
+ nodePort: 32510
+
+configuration:
+ MongoDBUrl: "mongodb://f5gc-mongodb:27017"
+ sbi:
+ registerIPv4: f5gc-nrf
+
+ingress:
+ enabled: false
+ annotations: {}
+ # kubernetes.io/ingress.class: nginx
+ # kubernetes.io/tls-acme: "true"
+ hosts:
+ - host: chart-example.local
+ paths: []
+
+ tls: []
+ # - secretName: chart-example-tls
+ # hosts:
+ # - chart-example.local
+
+resources: {}
+ # We usually recommend not to specify default resources and to leave this as a conscious
+ # choice for the user. This also increases chances charts run on environments with little
+ # resources, such as Minikube. If you do want to specify resources, uncomment the following
+ # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
+ # limits:
+ # cpu: 100m
+ # memory: 128Mi
+ # requests:
+ # cpu: 100m
+ # memory: 128Mi
+
+nodeSelector: {}
+
+tolerations: []
+
+affinity: {}
--- /dev/null
+apiVersion: v1
+appVersion: "1.0"
+description: A Helm chart for Kubernetes
+name: f5gc-nssf
+version: 0.1.0
--- /dev/null
+-----BEGIN RSA PRIVATE KEY-----
+MIIEpAIBAAKCAQEAwsrvEP7x76q1/dMEovHMHDowdcpHUfffSsLHiHE/fNpu+8FJ
+3l0M4sBtBkoZ4ymlJOtUGGAbRKSy9CB01WfEd/zSeoxbk+oxZVLlopXJMaowTmiw
+fmqrhHTf4+gOzWLl3Qws19FiQrEpOPPUIRLejXjVt1iSjpUBqklfk6qme2ajv7SW
+AWZ2J5JcOAvnPHCdiW0LhR02veU3c/Hjcvz1tvbUYPHdUdfT4Z78qLHNG7R033E5
+9GoVcmQTGvBOGkjTO+7tuzoB6uV/iNsIZ62xh2NUKpoi/2NHO5uzN9XvNnGBPWPM
+6vEuIG7RTgLZXkjr1ntRDPjTxR9uxbOTtoKlhQIDAQABAoIBABKPzeobsSg6Zy8x
+vX5ddiq2bMm8pcEs0o1INEVPLVKTagH5cDWNPl4ZIgp4YzEfVcpH1nKgLdkDrL3Q
+nfF7+t/IKrJcz5kvttdF5/XvOgXOht3h4feZ6JAtpuwLv+VYaDkBIQDLxgY+5YO0
+0GD6cFSg0BSxjv2hO1Bjv4TNvSGDAr+b1qIPJc+hJfxTYksPqijATOAov1oWfntZ
+o5bwu2sZYYBaMN3mWNT5RI+0LPmEvBpS4zasFjmGzIuhGiW9+Qy7n6zE1rjyOjt7
+aXqQmi1MpchLEEZ8YKZ5yCqse+LPnOVo41K02n9cRbpyx2PlOEzaZAhf4OhHAux0
+7PMvk8ECgYEA52jiR4GnrP5k57WL5PWW/d71uCnkB7bsAA5plhA/L8M3cBtH1D10
+XzxhJsgD4gzvOBbHdzlQlv1qaSEonXiBfDRYI6vE2jdF12/P1FnRn6itAsPyv8+B
+eTugbtK1QyOUUFbWidluKYZyc8NBshdQs2MAGrxEIPyp9RsEWoElmXECgYEA133y
+EO6ZSF7hOWtyajdbRl3U7W3ueVAcZ+XAwHg/1CR/DKP10nk41YoPKen+2eTtwPuz
+FcJiTSiQTz24NC8oa1/HJOJisCzsY0hnr0eIfv8vh8KGZ+twNURMfRHDOgUHbPRA
+k07Ua9qElLBS+K6IjFHBw/R5x7lV/Aut+h2wY1UCgYEA2yAcNS33Av8ZubfVsodD
+5T39W9h/DzcNnrgHD4xu6OFoW4XZrIZM7emU7U41LxakZ25ajvD8+R0aaFZ3yTVV
+F7HRTGXYz/HK9sfv+traft8QhS/ba/ooVg46SvbHob3NMY4pNPtpL3UaZ7gbO3KM
+fnFepfJkaQAYR/q/Upw8aGECgYAU8R9yN83bs6TNsLx4yBJtvzavMEzJq1hnXHOk
+AMurMTTLpK+CGdfFINqiZyQmRtI4O/3GcpKdDwEfQk9BewfBj5hJ5FpU5ri+WU4C
+QcBpHyGeXvAy7zWDZ7TLPsurOsvi8cXIyxNnu9/Al3YoxsVsZZGgGoUvPLq3eOca
+dIIs1QKBgQC0eTeBuEDkTc0lFSeIW+t5l5Bq02sNKnciMpdXuIabkqm0d86BhxkK
+FQuSr0KA2oAj0x5aB8V7c04uAbUOevRzh7f0ol0G4Eb6DyWJUKHlYZsPKVZASa3D
+EZhtUy9ZHfLiMm7/qxGMZNjWJB56Pi52I6iJbeQGxF5DFXMvgAmrcw==
+-----END RSA PRIVATE KEY-----
--- /dev/null
+-----BEGIN CERTIFICATE-----
+MIIDXTCCAkWgAwIBAgIJAKvguoLGe9PUMA0GCSqGSIb3DQEBCwUAMEUxCzAJBgNV
+BAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYDVQQKDBhJbnRlcm5ldCBX
+aWRnaXRzIFB0eSBMdGQwHhcNMTkwNzI0MDUwMTQ2WhcNMjkwNzIxMDUwMTQ2WjBF
+MQswCQYDVQQGEwJBVTETMBEGA1UECAwKU29tZS1TdGF0ZTEhMB8GA1UECgwYSW50
+ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
+CgKCAQEAwsrvEP7x76q1/dMEovHMHDowdcpHUfffSsLHiHE/fNpu+8FJ3l0M4sBt
+BkoZ4ymlJOtUGGAbRKSy9CB01WfEd/zSeoxbk+oxZVLlopXJMaowTmiwfmqrhHTf
+4+gOzWLl3Qws19FiQrEpOPPUIRLejXjVt1iSjpUBqklfk6qme2ajv7SWAWZ2J5Jc
+OAvnPHCdiW0LhR02veU3c/Hjcvz1tvbUYPHdUdfT4Z78qLHNG7R033E59GoVcmQT
+GvBOGkjTO+7tuzoB6uV/iNsIZ62xh2NUKpoi/2NHO5uzN9XvNnGBPWPM6vEuIG7R
+TgLZXkjr1ntRDPjTxR9uxbOTtoKlhQIDAQABo1AwTjAdBgNVHQ4EFgQU3YRaENrE
+WQ3PIe0ZrpLhRhqhYIowHwYDVR0jBBgwFoAU3YRaENrEWQ3PIe0ZrpLhRhqhYIow
+DAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAnP/DtbZ++F5/92myjfkW
+0onqZ053xJXJTUzwKqUhsxLjRUo1tpZRLksVC3oh9e41pg0s2hHM7aZARGyBEsxo
+NiZr0xUYS3RAnedd7zAUwigTTdWesBlcvePNO73dYzui1sPVx1RVZgH8uUONqKot
+W07pBiQBcI0MMpmwYm3kC7Uvuaf99VZrhhR+jPFyQrawNROD4/tIvFYj26TVtmrn
+GFvz6GqWgOGSZAmMx2ZZh+KvU4pnxJVoeWP/TXluiaWpAnzOmGvQqP32gaDBozLc
+smIg0D5rSovfshZQgLUbnLSqBKwwYGdFdA7/0IKs5YeAKnjSBBC5vLrOaNGLlNwM
+8g==
+-----END CERTIFICATE-----
--- /dev/null
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: f5gc-nssf-config
+data:
+
+ nssfcfg.conf: |
+ info:
+ version: 1.0.0
+ description: NSSF initial local configuration
+
+ configuration:
+ nssfName: NSSF
+ sbi:
+ scheme: {{ .Values.configuration.sbi.scheme }}
+ registerIPv4: {{ .Values.configuration.sbi.registerIPv4 }} # Can also be a kubernetes service IP or domain name.
+ bindingIPv4: 0.0.0.0 # Can also be an ENV.
+ port: {{ .Values.service.port }}
+ serviceNameList:
+ - nnssf-nsselection
+ - nnssf-nssaiavailability
+ nrfUri: {{ .Values.configuration.nrfUri }}
+ supportedPlmnList:
+ - mcc: 208
+ mnc: 93
+ supportedNssaiInPlmnList:
+ - plmnId:
+ mcc: 208
+ mnc: 93
+ supportedSnssaiList:
+ - sst: 1
+ sd: 010203
+ - sst: 1
+ sd: 112233
+ - sst: 1
+ sd: 3
+ - sst: 2
+ sd: 1
+ - sst: 2
+ sd: 2
+ nsiList:
+ - snssai:
+ sst: 1
+ nsiInformationList:
+ - nrfId: {{ .Values.nssaiNrfUri1 }}/nnrf-nfm/v1/nf-instances
+ nsiId: 10
+ - snssai:
+ sst: 1
+ sd: 1
+ nsiInformationList:
+ - nrfId: {{ .Values.nssaiNrfUri2 }}/nnrf-nfm/v1/nf-instances
+ nsiId: 11
+ - snssai:
+ sst: 1
+ sd: 2
+ nsiInformationList:
+ - nrfId: {{ .Values.nssaiNrfUri3 }}/nnrf-nfm/v1/nf-instances
+ nsiId: 12
+ - snssai:
+ sst: 1
+ sd: 3
+ nsiInformationList:
+ - nrfId: {{ .Values.nssaiNrfUri4 }}/nnrf-nfm/v1/nf-instances
+ nsiId: 13
+ - snssai:
+ sst: 2
+ nsiInformationList:
+ - nrfId: {{ .Values.nssaiNrfUri5 }}/nnrf-nfm/v1/nf-instances
+ nsiId: 20
+ - snssai:
+ sst: 2
+ sd: 010203
+ nsiInformationList:
+ - nrfId: {{ .Values.nssaiNrfUri6 }}/nnrf-nfm/v1/nf-instances
+ nsiId: 21
+ - snssai:
+ sst: 1
+ sd: 010203
+ nsiInformationList:
+ - nrfId: {{ .Values.nssaiNrfUri7 }}/nnrf-nfm/v1/nf-instances
+ nsiId: 22
+ - snssai:
+ sst: 1
+ sd: 112233
+ nsiInformationList:
+ - nrfId: {{ .Values.nssaiNrfUri8 }}/nnrf-nfm/v1/nf-instances
+ nsiId: 23
+ amfSetList:
+ - amfSetId: 1
+ amfList:
+ - ffa2e8d7-3275-49c7-8631-6af1df1d9d26
+ - 0e8831c3-6286-4689-ab27-1e2161e15cb1
+ - a1fba9ba-2e39-4e22-9c74-f749da571d0d
+ nrfAmfSet: http://localhost:8081/nnrf-nfm/v1/nf-instances
+ supportedNssaiAvailabilityData:
+ - tai:
+ plmnId:
+ mcc: 466
+ mnc: 92
+ tac: 33456
+ supportedSnssaiList:
+ - sst: 1
+ sd: 1
+ - sst: 1
+ sd: 2
+ - sst: 2
+ sd: 1
+ - tai:
+ plmnId:
+ mcc: 466
+ mnc: 92
+ tac: 33457
+ supportedSnssaiList:
+ - sst: 1
+ - sst: 1
+ sd: 1
+ - sst: 1
+ sd: 2
+ - amfSetId: 2
+ nrfAmfSet: http://localhost:8084/nnrf-nfm/v1/nf-instances
+ supportedNssaiAvailabilityData:
+ - tai:
+ plmnId:
+ mcc: 466
+ mnc: 92
+ tac: 33456
+ supportedSnssaiList:
+ - sst: 1
+ - sst: 1
+ sd: 1
+ - sst: 1
+ sd: 3
+ - sst: 2
+ sd: 1
+ - tai:
+ plmnId:
+ mcc: 466
+ mnc: 92
+ tac: 33458
+ supportedSnssaiList:
+ - sst: 1
+ - sst: 1
+ sd: 1
+ - sst: 2
+ amfList:
+ - nfId: 469de254-2fe5-4ca0-8381-af3f500af77c
+ supportedNssaiAvailabilityData:
+ - tai:
+ plmnId:
+ mcc: 466
+ mnc: 92
+ tac: 33456
+ supportedSnssaiList:
+ - sst: 1
+ - sst: 1
+ sd: 2
+ - sst: 2
+ - tai:
+ plmnId:
+ mcc: 466
+ mnc: 92
+ tac: 33457
+ supportedSnssaiList:
+ - sst: 1
+ sd: 1
+ - sst: 1
+ sd: 2
+ - nfId: fbe604a8-27b2-417e-bd7c-8a7be2691f8d
+ supportedNssaiAvailabilityData:
+ - tai:
+ plmnId:
+ mcc: 466
+ mnc: 92
+ tac: 33458
+ supportedSnssaiList:
+ - sst: 1
+ - sst: 1
+ sd: 1
+ - sst: 1
+ sd: 3
+ - sst: 2
+ - tai:
+ plmnId:
+ mcc: 466
+ mnc: 92
+ tac: 33459
+ supportedSnssaiList:
+ - sst: 1
+ - sst: 1
+ sd: 1
+ - sst: 2
+ - sst: 2
+ sd: 1
+ - nfId: b9e6e2cb-5ce8-4cb6-9173-a266dd9a2f0c
+ supportedNssaiAvailabilityData:
+ - tai:
+ plmnId:
+ mcc: 466
+ mnc: 92
+ tac: 33456
+ supportedSnssaiList:
+ - sst: 1
+ - sst: 1
+ sd: 1
+ - sst: 1
+ sd: 2
+ - sst: 2
+ - tai:
+ plmnId:
+ mcc: 466
+ mnc: 92
+ tac: 33458
+ supportedSnssaiList:
+ - sst: 1
+ - sst: 1
+ sd: 1
+ - sst: 2
+ - sst: 2
+ sd: 1
+ taList:
+ - tai:
+ plmnId:
+ mcc: 466
+ mnc: 92
+ tac: 33456
+ accessType: 3GPP_ACCESS
+ supportedSnssaiList:
+ - sst: 1
+ - sst: 1
+ sd: 1
+ - sst: 1
+ sd: 2
+ - sst: 2
+ - tai:
+ plmnId:
+ mcc: 466
+ mnc: 92
+ tac: 33457
+ accessType: 3GPP_ACCESS
+ supportedSnssaiList:
+ - sst: 1
+ - sst: 1
+ sd: 1
+ - sst: 1
+ sd: 2
+ - sst: 2
+ - tai:
+ plmnId:
+ mcc: 466
+ mnc: 92
+ tac: 33458
+ accessType: 3GPP_ACCESS
+ supportedSnssaiList:
+ - sst: 1
+ - sst: 1
+ sd: 1
+ - sst: 1
+ sd: 3
+ - sst: 2
+ restrictedSnssaiList:
+ - homePlmnId:
+ mcc: 310
+ mnc: 560
+ sNssaiList:
+ - sst: 1
+ sd: 3
+ - tai:
+ plmnId:
+ mcc: 466
+ mnc: 92
+ tac: 33459
+ accessType: 3GPP_ACCESS
+ supportedSnssaiList:
+ - sst: 1
+ - sst: 1
+ sd: 1
+ - sst: 2
+ - sst: 2
+ sd: 1
+ restrictedSnssaiList:
+ - homePlmnId:
+ mcc: 310
+ mnc: 560
+ sNssaiList:
+ - sst: 2
+ sd: 1
+ mappingListFromPlmn:
+ - operatorName: NTT Docomo
+ homePlmnId:
+ mcc: 440
+ mnc: 10
+ mappingOfSnssai:
+ - servingSnssai:
+ sst: 1
+ sd: 1
+ homeSnssai:
+ sst: 1
+ sd: 1
+ - servingSnssai:
+ sst: 1
+ sd: 2
+ homeSnssai:
+ sst: 1
+ sd: 3
+ - servingSnssai:
+ sst: 1
+ sd: 3
+ homeSnssai:
+ sst: 1
+ sd: 4
+ - servingSnssai:
+ sst: 2
+ sd: 1
+ homeSnssai:
+ sst: 2
+ sd: 2
+ - operatorName: AT&T Mobility
+ homePlmnId:
+ mcc: 310
+ mnc: 560
+ mappingOfSnssai:
+ - servingSnssai:
+ sst: 1
+ sd: 1
+ homeSnssai:
+ sst: 1
+ sd: 2
+ - servingSnssai:
+ sst: 1
+ sd: 2
+ homeSnssai:
+ sst: 1
+ sd: 3
+
+ free5GC.conf: |
+ db_uri: {{ .Values.mongodb.url }}/free5gc
+
+ #all logging levels
+ #panic
+ #fatal
+ #error
+ #warn
+ #debug
+ #debug
+ #trace
+ logger:
+ # network function
+ AMF:
+ debugLevel: debug
+ ReportCaller: true
+ SMF:
+ debugLevel: debug
+ ReportCaller: true
+ UDR:
+ debugLevel: debug
+ ReportCaller: true
+ UDM:
+ debugLevel: debug
+ ReportCaller: true
+ NRF:
+ debugLevel: debug
+ ReportCaller: true
+ PCF:
+ debugLevel: debug
+ ReportCaller: true
+ AUSF:
+ debugLevel: debug
+ ReportCaller: true
+ N3IWF:
+ debugLevel: debug
+ ReportCaller: true
+ # library
+ NAS:
+ debugLevel: debug
+ ReportCaller: true
+ FSM:
+ debugLevel: debug
+ ReportCaller: true
+ NGAP:
+ debugLevel: debug
+ ReportCaller: true
+ NamfComm:
+ debugLevel: debug
+ ReportCaller: true
+ NamfEventExposure:
+ debugLevel: debug
+ ReportCaller: true
+ NsmfPDUSession:
+ debugLevel: debug
+ ReportCaller: true
+ NudrDataRepository:
+ debugLevel: debug
+ ReportCaller: true
+ OpenApi:
+ debugLevel: debug
+ ReportCaller: true
+ Aper:
+ debugLevel: debug
+ ReportCaller: true
+ CommonConsumerTest:
+ debugLevel: debug
+ ReportCaller: true
+ # webui
+ WEBUI:
+ debugLevel: debug
+ ReportCaller: true
+---
+apiVersion: v1
+kind: Secret
+metadata:
+ name: f5gc-nssf-tls-secret
+ namespace: {{ .Release.Namespace }}
+type: Opaque
+data:
+ {{ tpl (.Files.Glob "resources/config/cert/nssf.pem").AsSecrets . | indent 2 }}
+ {{ tpl (.Files.Glob "resources/config/cert/nssf.key").AsSecrets . | indent 2 }}
+
+
--- /dev/null
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: f5gc-nssf
+ labels:
+ app: f5gc-nssf
+ annotations:
+ free5gc.org/nssi-id: '27394d25-dbf5-428e-8fc3-f5b2add67115'
+ free5gc.org/nsi-ids: '[
+ { "id": "4e6db941-47d6-4fce-9c71-f7eb35a75d03" },
+ ]'
+ free5gc.org/supported-snssais: '[
+ { "st": 1,
+ "ssd": "010203",
+ },
+ { "st": 1,
+ "ssd": "112233",
+ },
+ ]'
+spec:
+ replicas: 1
+ selector:
+ matchLabels:
+ app: f5gc-nssf
+ strategy:
+ type: Recreate
+ template:
+ metadata:
+ labels:
+ app: f5gc-nssf
+ spec:
+ securityContext:
+ runAsUser: 0
+ runAsGroup: 0
+ nodeSelector:
+{{ .Values.nodeSelector | toYaml | indent 8 }}
+ initContainers:
+ - name: init-myservice
+ image: busybox:1.31.1
+ command: ['sh', '-c', "until wget -qO- $nrfUri &> /dev/null; do echo waiting for $nrfUri; sleep 2; done"]
+ env:
+ - name: nrfUri
+ value: {{ .Values.configuration.nrfUri }}
+ containers:
+ - name: free5g-304-nssf
+ image: {{ .Values.image.repository }}:{{ .Values.image.tag }}
+ imagePullPolicy: {{ .Values.image.pullPolicy }}
+ command: ["./nssf"]
+ args:
+ - -nssfcfg
+ - ../config/nssfcfg.conf
+ securityContext:
+ privileged: false
+ volumeMounts:
+ - name: f5gc-nssf-config
+ mountPath: /free5gc/config
+ - name: f5gc-nssf-cert
+ mountPath: /free5gc/support/TLS
+ ports:
+ - containerPort: {{ .Values.service.port }}
+ name: f5gc-nssf
+ protocol: TCP
+ - name: tcpdump
+ image: corfr/tcpdump
+ imagePullPolicy: IfNotPresent
+ command:
+ - /bin/sleep
+ - infinity
+ dnsPolicy: ClusterFirst
+ restartPolicy: Always
+ schedulerName: default-scheduler
+ serviceAccountName: f5gc-nssf-sa
+ terminationGracePeriodSeconds: 30
+ volumes:
+ - name: f5gc-nssf-cert
+ secret:
+ secretName: f5gc-nssf-tls-secret
+ - name: f5gc-nssf-config
+ configMap:
+ name: f5gc-nssf-config
--- /dev/null
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+ name: f5gc-nssf-rbac
+roleRef:
+ apiGroup: rbac.authorization.k8s.io
+ kind: ClusterRole
+ name: cluster-admin
+subjects:
+- kind: ServiceAccount
+ name: f5gc-nssf-sa
+ namespace: {{ .Release.Namespace }}
--- /dev/null
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+ name: f5gc-nssf-sa
--- /dev/null
+apiVersion: v1
+kind: Service
+metadata:
+ labels:
+ app: f5gc-nssf
+ name: f5gc-nssf
+spec:
+ type: {{ .Values.service.type }}
+ ports:
+ - name: f5gc-nssf
+ port: {{ .Values.service.port }}
+ protocol: TCP
+ targetPort: {{ .Values.service.port }}
+{{- if eq .Values.service.type "NodePort" }}
+ nodePort: {{ .Values.service.nodePort }}
+{{- end }}
+ selector:
+ app: f5gc-nssf
--- /dev/null
+# Default values for amf.
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
+
+replicaCount: 1
+
+image:
+ repository: nginx
+ tag: stable
+ pullPolicy: IfNotPresent
+
+imagePullSecrets: []
+nameOverride: ""
+fullnameOverride: ""
+
+serviceAccount:
+ # Specifies whether a service account should be created
+ create: true
+ # The name of the service account to use.
+ # If not set and create is true, a name is generated using the fullname template
+ name:
+
+podSecurityContext: {}
+ # fsGroup: 2000
+
+securityContext: {}
+ # capabilities:
+ # drop:
+ # - ALL
+ # readOnlyRootFilesystem: true
+ # runAsNonRoot: true
+ # runAsUser: 1000
+
+service:
+ type: ClusterIP
+ port: 32531
+ nodePort: 32531
+
+configuration:
+ sbi:
+ scheme: http
+ registerIPv4: f5gc-nssf
+ nrfUri: http://f5gc-nrf:32510
+
+nssaiNrfUri1: http://f5gc-nrf:32510
+nssaiNrfUri2: http://f5gc-nrf:32510
+nssaiNrfUri3: http://f5gc-nrf:32510
+nssaiNrfUri4: http://f5gc-nrf:32510
+nssaiNrfUri5: http://f5gc-nrf:32510
+nssaiNrfUri6: http://f5gc-nrf:32510
+nssaiNrfUri7: http://f5gc-nrf:32510
+nssaiNrfUri8: http://f5gc-nrf:32510
+mongodb:
+ url: mongodb://f5gc-mongodb:27017
+
+ingress:
+ enabled: false
+ annotations: {}
+ # kubernetes.io/ingress.class: nginx
+ # kubernetes.io/tls-acme: "true"
+ hosts:
+ - host: chart-example.local
+ paths: []
+
+ tls: []
+ # - secretName: chart-example-tls
+ # hosts:
+ # - chart-example.local
+
+resources: {}
+ # We usually recommend not to specify default resources and to leave this as a conscious
+ # choice for the user. This also increases chances charts run on environments with little
+ # resources, such as Minikube. If you do want to specify resources, uncomment the following
+ # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
+ # limits:
+ # cpu: 100m
+ # memory: 128Mi
+ # requests:
+ # cpu: 100m
+ # memory: 128Mi
+
+nodeSelector: {}
+
+tolerations: []
+
+affinity: {}
--- /dev/null
+apiVersion: v1
+appVersion: "1.0"
+description: A Helm chart for Kubernetes
+name: f5gc-pcf
+version: 0.1.0
--- /dev/null
+-----BEGIN RSA PRIVATE KEY-----
+MIIEpAIBAAKCAQEAvrAD943EXFG1sWQYv4HzMWAsZdvypE+taRGaFB4IoqPpPKLj
+gJN6wsHE16ehisixMXLwTNmuaiT6BAWDLKSuLTAJENB/3wX89Ga3KGEo9BKOVy0j
+lU3PZDfGS6Crc1I2xyT5cwtZe85h941XtPCkuSyIO2ZDz2uT5cOj/Hm1gLeZqEXC
++6fly7K87DUrosOXAVxRtMhyYENeTGQPZV9Wcwqqi3f+01kVhESmT3hTw4u5f/nn
++Isx99uZwsHBlkmiUC9prgef9jdN1+GwfUKptTDPPzKNMn/aG7glKs9VnI3pcgha
+WoUENMkhSOwIvfePPf1PF35yEK5fdm2HfxCNTQIDAQABAoIBAQCieRboNsK4ZmaJ
+XuA3TGIKEAfEQkPb/IeknnrJ6U0yRrbUE3YEd6SBjNhLZ2kc9yMDHwvgbxlNF3Rv
+OMMrpqVBm0weJ4jMXi3JkDs/DIn4bFcbsDpBXKr4mQ08IwnymHpT9A0XGPSFqLOQ
+Wb4BTYkMvgTVl6zvbpn1i1yOIqWjpVMmmofA7ENLtBJxq+vMIhks3Pd8xjw2bUeL
+Sc6PDc8mf5Svsjy+vIX4wzda+ND95QyFyTV9O+Liia3JU+VvaoTUTtLr8OwWmUw9
+V7d3XyCddw2FasmB9OfUHDsvags2DoChp3S+zh0V3YDQlCJv9v111L7rMJFUA8Uo
+KfVohnOBAoGBAOiIVxtcqE5xxrWjJlHc1ljBY6egqRNNgRBWstcW7WctxGQAAYCy
+DIpYcgRfNKgThcerLJa0hy+THBFNjh9c35vLfL/mOXEHE4tw2MsZGr8I/p9e7c7i
+m7aR43mUXMoYocbD9htZ/xs0zR+nzurT6UEVHT7c5qb/ifU4UYy92AZvAoGBANHu
+k6HGE6uiI+53Rwzc5Uv4t80F5xGg31yEgNXmcq0pCiYNju90gvMWXJujdqtKQXWF
+xnGobchzzRoMclsOpmADgeyOIf0FHue1W2U/q2anZJpmZFz9ApvLiTGfX1ntubYw
+5RriSe08c50Sa6naGF3MXiJrqwcMWdjNqgA+rCYDAoGAPfbW/3uZfg3jndN0CqyG
+kfA21hyB8ZrdobT4w0hgyvXvN5aoz9qibNtUxsV4CrHpHGQI5cAFpi/Vcubv0Hu3
+OpTnEVwQQoZYNvhDTRvLfMywzVdGl7LbO7N0oplegJw/v+/ITVGWIXHYl27oPLtr
+lORDftTuweGmqanwUUjloBECgYBjIzx6qBS/98jqI0/dRi/Oib0ayA/P5l20ziod
+WT+MgJX3VG3MrQPuEgBXy4EN8PoqqqsFH5oAkJcqFvimAawWKXHgqVppp1Jp794i
+WUfzKVe8BmCc/SqPMjYuxel8iWQrIrn+0SBCNUsPwRQw2PqqyQknThstL+r6FF2U
+0gPvywKBgQDOHgczHI+G8pgivzC2W6OUvImm7DEFKZw2ZRNFSqq0/ksWfUnYIUaf
+KyNhKOCmCqYSZr6ivX47dO9G2x8OM5u95paY8ysOB+mlx/yrXKI8B4ZMax3xaVMq
+QDwiWcsGN6VUvyWITyDDsoUgWK7sPsVcoJgvVKduz/VRkPZk2YNGyA==
+-----END RSA PRIVATE KEY-----
--- /dev/null
+-----BEGIN CERTIFICATE-----
+MIIDSDCCAjACCQDQLErVY/eE8DANBgkqhkiG9w0BAQsFADBmMQswCQYDVQQGEwJU
+VzEPMA0GA1UECAwGVGFpd2FuMQ8wDQYDVQQHDAZUYWlwZWkxDTALBgNVBAoMBE5U
+Q1UxDDAKBgNVBAsMA0lPVDEYMBYGA1UEAwwPd3d3Lm50Y3UuZWR1LnR3MB4XDTE5
+MDcyMzAzMjcwM1oXDTI5MDcyMDAzMjcwM1owZjELMAkGA1UEBhMCVFcxDzANBgNV
+BAgMBlRhaXdhbjEPMA0GA1UEBwwGVGFpcGVpMQ0wCwYDVQQKDAROVENVMQwwCgYD
+VQQLDANJT1QxGDAWBgNVBAMMD3d3dy5udGN1LmVkdS50dzCCASIwDQYJKoZIhvcN
+AQEBBQADggEPADCCAQoCggEBAL6wA/eNxFxRtbFkGL+B8zFgLGXb8qRPrWkRmhQe
+CKKj6Tyi44CTesLBxNenoYrIsTFy8EzZrmok+gQFgyykri0wCRDQf98F/PRmtyhh
+KPQSjlctI5VNz2Q3xkugq3NSNsck+XMLWXvOYfeNV7TwpLksiDtmQ89rk+XDo/x5
+tYC3mahFwvun5cuyvOw1K6LDlwFcUbTIcmBDXkxkD2VfVnMKqot3/tNZFYREpk94
+U8OLuX/55/iLMffbmcLBwZZJolAvaa4Hn/Y3TdfhsH1CqbUwzz8yjTJ/2hu4JSrP
+VZyN6XIIWlqFBDTJIUjsCL33jz39Txd+chCuX3Zth38QjU0CAwEAATANBgkqhkiG
+9w0BAQsFAAOCAQEABtO5Re3ekkXGgBGDBBxBzfIV9H19s4xi3sIhav8d20uaT0lK
+rYlYIFH4U7yi2eIs60OWDa5kATrOtTeE3Q9hQ4zZMq8xlerz8w/muRS/1AcjI6y0
+MXQIiv+RVNeWrWSwaOXPDjOXIP1QjG8WEddJg4DMu4copGSmLlv+ETYRuE6OklgU
+YUgu+Fo+73UAL8LMQFwXNpfvtkvwWLEZhPvkbMgnTY/1da+BIX0nJqkKxy2E5xYf
+gRMPsd6DdcQ1yHc/b90G0X3VRSaUgW97SPoEn+LFuQMJ0aIN7o5O+GW74yUfyxMo
+VVF59Dz6FUAk+PupYWvjsh2tL92R/tdykSlDVw==
+-----END CERTIFICATE-----
--- /dev/null
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: f5gc-pcf-config
+data:
+ pcfcfg.conf: |
+ info:
+ version: 1.0.0
+ description: PCF initial local configuration
+
+ configuration:
+ pcfName: PCF
+ sbi:
+ scheme: {{ .Values.configuration.sbi.scheme }}
+ registerIPv4: {{ .Values.configuration.sbi.registerIPv4 }} # Can also be a kubernetes service IP or domain name.
+ bindingIPv4: 0.0.0.0 # Can also be an ENV.
+ port: {{ .Values.service.port }}
+ timeFormat: 2019-01-02 15:04:05
+ defaultBdtRefId: BdtPolicyId-
+ nrfUri: {{ .Values.configuration.nrfUri }}
+ serviceList:
+ - serviceName: npcf-am-policy-control
+ - serviceName: npcf-smpolicycontrol
+ suppFeat: 3fff
+ - serviceName: npcf-bdtpolicycontrol
+ - serviceName: npcf-policyauthorization
+ suppFeat: 3
+ - serviceName: npcf-eventexposure
+ - serviceName: npcf-ue-policy-control
+ mongodb:
+ name: f5gc-mongodb
+ url: {{ .Values.configuration.mongodb.url }}/free5gc
+
+ free5GC.conf: |
+ db_uri: {{ .Values.configuration.mongodb.url }}/free5gc
+
+ #all logging levels
+ #panic
+ #fatal
+ #error
+ #warn
+ #debug
+ #debug
+ #trace
+ logger:
+ # network function
+ AMF:
+ debugLevel: debug
+ ReportCaller: true
+ SMF:
+ debugLevel: debug
+ ReportCaller: true
+ UDR:
+ debugLevel: debug
+ ReportCaller: true
+ UDM:
+ debugLevel: debug
+ ReportCaller: true
+ NRF:
+ debugLevel: debug
+ ReportCaller: true
+ PCF:
+ debugLevel: debug
+ ReportCaller: true
+ AUSF:
+ debugLevel: debug
+ ReportCaller: true
+ N3IWF:
+ debugLevel: debug
+ ReportCaller: true
+ # library
+ NAS:
+ debugLevel: debug
+ ReportCaller: true
+ FSM:
+ debugLevel: debug
+ ReportCaller: true
+ NGAP:
+ debugLevel: debug
+ ReportCaller: true
+ NamfComm:
+ debugLevel: debug
+ ReportCaller: true
+ NamfEventExposure:
+ debugLevel: debug
+ ReportCaller: true
+ NsmfPDUSession:
+ debugLevel: debug
+ ReportCaller: true
+ NudrDataRepository:
+ debugLevel: debug
+ ReportCaller: true
+ OpenApi:
+ debugLevel: debug
+ ReportCaller: true
+ Aper:
+ debugLevel: debug
+ ReportCaller: true
+ CommonConsumerTest:
+ debugLevel: debug
+ ReportCaller: true
+ # webui
+ WEBUI:
+ debugLevel: debug
+ ReportCaller: true
+---
+apiVersion: v1
+kind: Secret
+metadata:
+ name: f5gc-pcf-tls-secret
+type: Opaque
+data:
+ {{ tpl (.Files.Glob "resources/config/cert/pcf.pem").AsSecrets . | indent 2 }}
+ {{ tpl (.Files.Glob "resources/config/cert/pcf.key").AsSecrets . | indent 2 }}
--- /dev/null
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: f5gc-pcf
+ labels:
+ app: f5gc-pcf
+ annotations:
+ free5gc.org/nssi-id: '27394d25-dbf5-428e-8fc3-f5b2add67115'
+ free5gc.org/nsi-ids: '[
+ { "id": "4e6db941-47d6-4fce-9c71-f7eb35a75d03" },
+ ]'
+spec:
+ replicas: 1
+ selector:
+ matchLabels:
+ app: f5gc-pcf
+ strategy:
+ type: Recreate
+ template:
+ metadata:
+ labels:
+ app: f5gc-pcf
+ spec:
+ securityContext:
+ runAsUser: 0
+ runAsGroup: 0
+ nodeSelector:
+{{ .Values.nodeSelector | toYaml | indent 8 }}
+ initContainers:
+ - name: init-myservice
+ image: busybox:1.31.1
+ command: ['sh', '-c', "until wget -qO- $nrfUri &> /dev/null; do echo waiting for $nrfUri; sleep 2; done"]
+ env:
+ - name: nrfUri
+ value: {{ .Values.configuration.nrfUri }}
+ containers:
+ - name: free5g-304-pcf
+ image: {{ .Values.image.repository }}:{{ .Values.image.tag }}
+ imagePullPolicy: {{ .Values.image.pullPolicy }}
+ command: ["./pcf"]
+ args:
+ - -pcfcfg
+ - ../config/pcfcfg.conf
+ securityContext:
+ privileged: false
+ volumeMounts:
+ - name: f5gc-pcf-config
+ mountPath: /free5gc/config
+ - name: f5gc-pcf-cert
+ mountPath: /free5gc/support/TLS
+ ports:
+ - containerPort: {{ .Values.service.port }}
+ name: f5gc-pcf
+ protocol: TCP
+ - name: tcpdump
+ image: corfr/tcpdump
+ imagePullPolicy: IfNotPresent
+ command:
+ - /bin/sleep
+ - infinity
+ dnsPolicy: ClusterFirst
+ restartPolicy: Always
+ schedulerName: default-scheduler
+ serviceAccountName: f5gc-pcf-sa
+ terminationGracePeriodSeconds: 30
+ volumes:
+ - name: f5gc-pcf-cert
+ secret:
+ secretName: f5gc-pcf-tls-secret
+ - name: f5gc-pcf-config
+ configMap:
+ name: f5gc-pcf-config
--- /dev/null
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+ name: {{ .Release.Name }}-rbac
+roleRef:
+ apiGroup: rbac.authorization.k8s.io
+ kind: ClusterRole
+ name: cluster-admin
+subjects:
+- kind: ServiceAccount
+ name: f5gc-pcf-sa
+ namespace: {{ .Release.Namespace }}
--- /dev/null
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+ name: f5gc-pcf-sa
--- /dev/null
+apiVersion: v1
+kind: Service
+metadata:
+ labels:
+ app: f5gc-pcf
+ name: f5gc-pcf
+spec:
+ type: {{ .Values.service.type }}
+ ports:
+ - name: f5gc-pcf
+ port: {{ .Values.service.port }}
+ protocol: TCP
+ targetPort: {{ .Values.service.port }}
+{{- if eq .Values.service.type "NodePort" }}
+ nodePort: {{ .Values.service.nodePort }}
+{{- end }}
+ selector:
+ app: f5gc-pcf
--- /dev/null
+# Default values for amf.
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
+
+replicaCount: 1
+
+image:
+ repository: nginx
+ tag: stable
+ pullPolicy: IfNotPresent
+
+imagePullSecrets: []
+nameOverride: ""
+fullnameOverride: ""
+
+serviceAccount:
+ # Specifies whether a service account should be created
+ create: true
+ # The name of the service account to use.
+ # If not set and create is true, a name is generated using the fullname template
+ name:
+
+podSecurityContext: {}
+ # fsGroup: 2000
+
+securityContext: {}
+ # capabilities:
+ # drop:
+ # - ALL
+ # readOnlyRootFilesystem: true
+ # runAsNonRoot: true
+ # runAsUser: 1000
+
+service:
+ type: ClusterIP
+ port: 32507
+ nodePort: 32507
+
+configuration:
+ sbi:
+ scheme: http
+ registerIPv4: f5gc-pcf
+ nrfUri: http://f5gc-nrf:32510
+ mongodb:
+ url: mongodb://f5gc-mongodb:27017
+
+ingress:
+ enabled: false
+ annotations: {}
+ # kubernetes.io/ingress.class: nginx
+ # kubernetes.io/tls-acme: "true"
+ hosts:
+ - host: chart-example.local
+ paths: []
+
+ tls: []
+ # - secretName: chart-example-tls
+ # hosts:
+ # - chart-example.local
+
+resources: {}
+ # We usually recommend not to specify default resources and to leave this as a conscious
+ # choice for the user. This also increases chances charts run on environments with little
+ # resources, such as Minikube. If you do want to specify resources, uncomment the following
+ # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
+ # limits:
+ # cpu: 100m
+ # memory: 128Mi
+ # requests:
+ # cpu: 100m
+ # memory: 128Mi
+
+nodeSelector: {}
+
+tolerations: []
+
+affinity: {}
--- /dev/null
+apiVersion: v1
+appVersion: "1.0"
+description: A Helm chart for Kubernetes
+name: f5gc-smf
+version: 0.1.0
--- /dev/null
+-----BEGIN RSA PRIVATE KEY-----
+MIIEowIBAAKCAQEA3SU3yVrp5Ig9aRFh3OWtvydxJC/ZzA8zijrSRldrCMEhCPsX
+C6htxPiolyYfX95ooG3lUhU8KHunQ6RkBqYtxKHrk/uSeN6iDOxv2d4cp7MtTlHn
+uc9SmzOOiU9t6MH2UiXC0t7hGBQshE6lSXLESA+ZGWbbraba2j5coyIaR3KJtyuc
+3d0X8AT7JFUnM/hPLBdGJ5g1ek7/2mN0jXWy4iCXIeD5sPD+aI0jI5waq5XMfl2K
+bOU9X69z2fLnwCcwxWXkp3hZDtxZ3bgWDZe+l7Mx25QUwP7GI+MHWY7CMREUY4CA
+MuWcLnuCxhujbE3CDA72cZ4B5/NWrHdo4rQL4QIDAQABAoIBAQC+RtiyOrRGu2bD
+cX5Xt5OAhupVrYpjhqzdAfGNLohc1veap5jTog8YzK8apmWWcmJpr0UCFF1Xo9Vu
+YRLjmbaFmqB9CpejwkOChSlUN0VGkeeonNaaTKWR/pFk2eACxmkvk2gHUlgxBKKt
+EJItGT+DlVAwyAy6ZHeoEsJYZu5fi7ciiJHLAuKI4W/a0SZLFelcw3iOhiVyQrME
+1C0BgZW0oUCcsTy5sa27Fs/OSQvCFyyDuTLMK5lPgkkUzhnhnA3zbBb9hjKTdCyG
+sg3I9DCRwWG1C/CL1/W2r7s6AhIv24Yn1G7KG3KmQCO3gmoms/BzOR+4LrkN3nva
+WWzVJlDxAoGBAPLqBExjxyg/x0sdZF8dDFQU8oA3x8pLvxkqzJWaVKf8d3YL5GI4
+AWyMtiz0kWSXHfk1tEPosG3mvFwiouh1K1kE9pHo4WrqfUt9RCiEZEzl9R9x2Opl
+BOz2c0Ol8VpjrRBBf3PV6kXmGEE9IA1f0oTva8lBIrOb5gQcMRbT/SuVAoGBAOkO
+/hA8Gp+ekmO7qiGcUQhB7/tbkwoaf+o2A8GlasPRz/wubPTogsvqe6DqQQo56v6/
+zY0mpFADtWyyqa4AvkGwG/W4JF7BdQ+k3KI/D2Gh5gHbzn01cZASvXAYnM0AWi/t
+dOrK9H8cg+E7YJKyoclHwl2n5/QXXTiqC+CvRqwdAoGABDErr9HM/xHSs6YnNEkB
+DHZsFPBhf0k9XAbUDwThzyBZQ21DHLrQs3neLvptg+njt4hIux9J5CumNoTWgOJ8
+xAWE59G4CitPzDy2L2jRfk49o7RIRQtHQXujU5iKiL/NnckzlOEtMNWet4mBgxmT
+PX4QQyHfom/fUVTXOAiiht0CgYBQmY/B+5dVhpioBzniX9YiXfNp4ZSrlNiSHlYU
+PWn8CO6+Dyw9UsARV6mjz//oUnlz2s9ytl9zEKVIz00hUT57JzW0OBfT8WHTpDdt
+oRNnt379O5Bg+v+oTOLZBpoLx8ho9N1Pahs+bpUpasiOU1rian/Mtgng/8eMljp/
+XP66/QKBgAsaiGqp1jTpoa6QtGDj8NH0Gse61A4ILuC7ttiREJZDoJyJelcF5IJ5
+yLJkuy+R5kzX0V7rCwYc5AxE3YeTteTmrmss+uFJo85BqN4dLFLFZsmEraXpwLbL
+/GOsQDF3PeOjJPHrafvi8JYckZsjUcwN7Yn3HbsQcvgi59EHLlTd
+-----END RSA PRIVATE KEY-----
--- /dev/null
+-----BEGIN CERTIFICATE-----
+MIIDazCCAlOgAwIBAgIUejW3Iw+Jqc6UimDjNL5A2iiTLLIwDQYJKoZIhvcNAQEL
+BQAwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUxITAfBgNVBAoM
+GEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDAeFw0xOTA3MTEwNzI1MThaFw0yOTA3
+MDgwNzI1MThaMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEw
+HwYDVQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwggEiMA0GCSqGSIb3DQEB
+AQUAA4IBDwAwggEKAoIBAQDdJTfJWunkiD1pEWHc5a2/J3EkL9nMDzOKOtJGV2sI
+wSEI+xcLqG3E+KiXJh9f3migbeVSFTwoe6dDpGQGpi3EoeuT+5J43qIM7G/Z3hyn
+sy1OUee5z1KbM46JT23owfZSJcLS3uEYFCyETqVJcsRID5kZZtutptraPlyjIhpH
+com3K5zd3RfwBPskVScz+E8sF0YnmDV6Tv/aY3SNdbLiIJch4Pmw8P5ojSMjnBqr
+lcx+XYps5T1fr3PZ8ufAJzDFZeSneFkO3FnduBYNl76XszHblBTA/sYj4wdZjsIx
+ERRjgIAy5Zwue4LGG6NsTcIMDvZxngHn81asd2jitAvhAgMBAAGjUzBRMB0GA1Ud
+DgQWBBQXefTGBKHZzWVpSISL/O3UKOjuuDAfBgNVHSMEGDAWgBQXefTGBKHZzWVp
+SISL/O3UKOjuuDAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQAH
+fponBxtMoweVP24tpY/gIYIQDMmr6zGslWJjBTS4azBL5/rdk1pZk6onRfQD7zAZ
+BBz+RBSnNQx9N23ZiNe+93w9L7gF74EOxRL9sCa2i1IDbUverxTmv0RmV4XuGtbI
+raj02DlULI+RGsKUfqSBNcZUAYyjEKIZja531eq+dRyP7qgyvcwK44f1BsnLSySH
+j958x1zYQFqvb4qaqC05bNU+CVuwaS0e+wbP1hCXncog3YKAkHYJqZZTjn15b8Op
+v1rppEFdjK7pCoRb6vP39Efo5uRCjGwdTZYgphX4begnN/muD69o8sEsw60Fuzgt
+OW7CHtwR2ZAUPJYUK04F
+-----END CERTIFICATE-----
--- /dev/null
+{{/* vim: set filetype=mustache: */}}
+{{/*
+Expand the name of the chart.
+*/}}
+{{- define "name" -}}
+{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+
+{{/*
+Create a default fully qualified app name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+*/}}
+{{- define "fullname" -}}
+{{- $name := default .Chart.Name .Values.nameOverride -}}
+{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
\ No newline at end of file
--- /dev/null
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: f5gc-smf-config
+data:
+ smfcfg.conf: |
+ info:
+ version: 1.0.0
+ description: AMF initial local configuration
+
+ configuration:
+ smfName: SMF
+ sbi:
+ scheme: {{ .Values.configuration.sbi.scheme }}
+ registerIPv4: {{ .Values.configuration.sbi.registerIPv4 }}
+ bindingIPv4: 0.0.0.0
+ port: {{ .Values.service.port }}
+ tls:
+ key: free5gc/support/TLS/smf.key
+ pem: free5gc/support/TLS/smf.pem
+ serviceNameList:
+ - nsmf-pdusession
+ - nsmf-event-exposure
+ - nsmf-oam
+ snssaiInfos:
+ - sNssai:
+ sst: {{ .Values.sNssaiInfos.sNssai.sst }}
+ sd: {{ .Values.sNssaiInfos.sNssai.sd }}
+ dnnInfos:
+ - dnn: {{ .Values.sNssaiInfos.sNssai.dnnInfos.dnn }}
+ dns:
+ ipv4: 8.8.8.8
+ ipv6: 2001:4860:4860::8888
+ ueSubnet: {{ .Values.sNssaiInfos.sNssai.dnnInfos.ueSubnet }}
+ - sNssai:
+ sst: {{ .Values.sNssaiInfos.sNssai.sst }}
+ sd: 112233
+ dnnInfos:
+ - dnn: internet
+ dns:
+ ipv4: 8.8.8.8
+ ipv6: 2001:4860:4860::8888
+ ueSubnet: {{ .Values.sNssaiInfos.sNssai.dnnInfos.ueSubnet }}
+ pfcp:
+{{ .Values.pfcp | toYaml | indent 8 }}
+ userplane_information:
+{{ .Values.userplane_information | toYaml | indent 8 }}
+ nrfUri: {{ .Values.configuration.nrfUri }}
+ ulcl: false
+
+ uerouting.yaml: |
+ info:
+ version: 1.0.0
+ description: Routing information for UE
+
+ ueRoutingInfo:
+ - SUPI: imsi-2089300007487
+ AN: 10.200.200.101
+ PathList:
+ - DestinationIP: 60.60.0.101
+ DestinationPort: 8888
+ UPF: !!seq
+ - BranchingUPF
+ - AnchorUPF1
+
+ - DestinationIP: 60.60.0.103
+ DestinationPort: 9999
+ UPF: !!seq
+ - BranchingUPF
+ - AnchorUPF2
+
+ - SUPI: imsi-2089300007486
+ AN: 10.200.200.102
+ PathList:
+ - DestinationIP: 10.0.0.10
+ DestinationPort: 8888
+ UPF: !!seq
+ - BranchingUPF
+ - AnchorUPF1
+
+ - DestinationIP: 10.0.0.11
+ DestinationPort: 9999
+ UPF: !!seq
+ - BranchingUPF
+ - AnchorUPF2
+
+ # routeProfile:
+ # MEC1:
+ # forwardingPolicyID: 10
+ #
+ # pfdDataForApp:
+ # - applicationId: edge
+ # pfds:
+ # - pfdID: pfd1
+ # flowDescriptions:
+ # - permit out ip from 60.60.0.1 8080 to any
+
+ free5GC.conf: |
+ db_uri: {{ .Values.configuration.mongodb.url }}/free5GC
+ #all logging levels
+ #panic
+ #fatal
+ #error
+ #warn
+ #info
+ #debug
+ #trace
+ logger:
+ # network function
+ AMF:
+ debugLevel: info
+ ReportCaller: true
+ SMF:
+ debugLevel: debug
+ ReportCaller: true
+ UDR:
+ debugLevel: info
+ ReportCaller: true
+ UDM:
+ debugLevel: info
+ ReportCaller: true
+ NRF:
+ debugLevel: info
+ ReportCaller: true
+ PCF:
+ debugLevel: info
+ ReportCaller: true
+ AUSF:
+ debugLevel: info
+ ReportCaller: true
+ N3IWF:
+ debugLevel: info
+ ReportCaller: true
+ # library
+ NAS:
+ debugLevel: info
+ ReportCaller: true
+ FSM:
+ debugLevel: info
+ ReportCaller: true
+ NGAP:
+ debugLevel: info
+ ReportCaller: true
+ NamfComm:
+ debugLevel: info
+ ReportCaller: true
+ NamfEventExposure:
+ debugLevel: info
+ ReportCaller: true
+ NsmfPDUSession:
+ debugLevel: info
+ ReportCaller: true
+ NudrDataRepository:
+ debugLevel: info
+ ReportCaller: true
+ OpenApi:
+ debugLevel: debug
+ ReportCaller: true
+ Aper:
+ debugLevel: info
+ ReportCaller: true
+ CommonConsumerTest:
+ debugLevel: info
+ ReportCaller: true
+ # webui
+ WEBUI:
+ debugLevel: info
+ ReportCaller: true
+---
+apiVersion: v1
+kind: Secret
+metadata:
+ name: f5gc-smf-tls-secret
+type: Opaque
+data:
+ {{ tpl (.Files.Glob "resources/config/cert/smf.pem").AsSecrets . | indent 2 }}
+ {{ tpl (.Files.Glob "resources/config/cert/smf.key").AsSecrets . | indent 2 }}
--- /dev/null
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: {{ template "fullname" . }}
+ labels:
+ app: f5gc-smf
+ sliceidx: 6d3d79da-f781-4cd9-813a-dbdad01e01c0
+ annotations:
+ free5gc.org/nssi-id: '27394d25-dbf5-428e-8fc3-f5b2add67115'
+ free5gc.org/nsi-ids: '[
+ { "id": "4e6db941-47d6-4fce-9c71-f7eb35a75d03" },
+ ]'
+ free5gc.org/supported-snssais: '[
+ { "st": 1,
+ "ssd": "010203",
+ },
+ { "st": 1,
+ "ssd": "112233",
+ },
+ ]'
+spec:
+ #serviceName: "f5gc-smf"
+ replicas: 1
+ selector:
+ matchLabels:
+ app: f5gc-smf
+ strategy:
+ type: Recreate
+ template:
+ metadata:
+ labels:
+ app: f5gc-smf
+ baseAppp: {{ .Values.baseApp }}
+ #annotations:
+ # k8s.v1.cni.cncf.io/networks: '[{
+ # "name": "ovn-networkobj",
+ # "namespace": "default",
+ # "interface": "net4"
+ # }]'
+ #k8s.plugin.opnfv.org/nfn-network: '{ "type": "ovn4nfv", "interface": [{ "name": "ovn-pfcp-net", "interface": "net1", "defaultGateway": "false" }]}'
+ spec:
+ securityContext:
+ runAsUser: 0
+ runAsGroup: 0
+ nodeSelector:
+{{ .Values.nodeSelector | toYaml | indent 8 }}
+ hostname: {{ .Values.hostname }}
+ subdomain: {{ .Values.subdomain }}
+ initContainers:
+ - name: init-myservice1
+ image: busybox:1.31.1
+ command: ['sh', '-c', "until wget -qO- $nrfUri &> /dev/null; do echo waiting for $nrfUri; sleep 2; done"]
+ env:
+ - name: nrfUri
+ value: {{ .Values.configuration.nrfUri }}
+ - name: init-myservice2
+ image: busybox:1.31.1
+ command: ['sh', '-c', "until ping -q -c 2 $UPFIP &> /dev/null; do echo waiting for upf: $UPFIP; sleep 2; done"]
+ env:
+ - name: UPFIP
+ value: {{ .Values.userplane_information.up_nodes.UPF.node_id }}
+ containers:
+ - name: free5g-304-smf
+ image: {{ .Values.image.repository }}:{{ .Values.image.tag }}
+ imagePullPolicy: {{ .Values.image.pullPolicy }}
+ command: ["./smf"]
+ args:
+ - -smfcfg
+ - ../config/smfcfg.conf
+ - -uerouting
+ - ../config/uerouting.yaml
+ securityContext:
+ privileged: false
+ volumeMounts:
+ - name: f5gc-smf-config
+ mountPath: /free5gc/config
+ - name: f5gc-smf-cert
+ mountPath: /free5gc/support/TLS
+ ports:
+ - containerPort: {{ .Values.service.port }}
+ name: if-sbi
+ protocol: TCP
+ - containerPort: 8805
+ name: if-n4
+ protocol: UDP
+ - name: tcpdump
+ image: corfr/tcpdump
+ imagePullPolicy: IfNotPresent
+ command:
+ - /bin/sleep
+ - infinity
+ dnsPolicy: ClusterFirst
+ restartPolicy: Always
+ schedulerName: default-scheduler
+ serviceAccountName: f5gc-smf-sa
+ terminationGracePeriodSeconds: 30
+ volumes:
+ - name: f5gc-smf-cert
+ secret:
+ secretName: f5gc-smf-tls-secret
+ - name: f5gc-smf-config
+ configMap:
+ name: f5gc-smf-config
--- /dev/null
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+ name: {{ .Release.Name }}-rbac
+roleRef:
+ apiGroup: rbac.authorization.k8s.io
+ kind: ClusterRole
+ name: cluster-admin
+subjects:
+- kind: ServiceAccount
+ name: f5gc-smf-sa
+ namespace: {{ .Release.Namespace }}
--- /dev/null
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+ name: f5gc-smf-sa
--- /dev/null
+apiVersion: v1
+kind: Service
+metadata:
+ labels:
+ app: f5gc-smf
+ name: f5gc-smf
+spec:
+ type: {{ .Values.service.type }}
+ ports:
+ - name: f5gc-smf-sbi
+ port: {{ .Values.service.port }}
+ protocol: TCP
+ targetPort: {{ .Values.service.port }}
+{{- if eq .Values.service.type "NodePort" }}
+ nodePort: {{ .Values.service.nodePort }}
+{{- end }}
+ - name: f5gc-smf-n4
+ port: 8805
+ protocol: UDP
+ targetPort: 8805
+ selector:
+ app: f5gc-smf
--- /dev/null
+# Default values for amf.
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
+
+replicaCount: 1
+
+pfcp:
+ #addr: free5g-smf-f5gc-smf-0.f5gc-smf.default.svc.cluster.local
+ addr: f5gc-smf.free5g.prioslice.svc.cluster.local
+
+sNssaiInfos:
+ sNssai:
+ sst: 2
+ sd: "010203"
+ dnnInfos:
+ dnn: internet
+ ueSubnet: 172.16.2.0/24
+
+userplane_information:
+ up_nodes:
+ gNB1:
+ type: AN
+ an_ip: 172.16.34.2
+ UPF:
+ type: UPF
+ #node_id: free5g-upf-f5gc-upf-0.f5gc-upf.default.svc.cluster.local
+ node_id: f5gc-upf.free5g.prioslice.svc.cluster.local
+ sNssaiUpfInfos:
+ - sNssai:
+ sst: 2
+ sd: "010203"
+ dnnUpfInfoList:
+ - dnn: internet
+ - sNssai:
+ sst: 2
+ sd: 10203
+ dnnUpfInfoList:
+ - dnn: internet
+ interfaces:
+ - interfaceType: N3
+ endpoints:
+ - 172.16.34.4
+ networkInstance: internet
+ links:
+ - A: gNB1
+ B: UPF
+
+image:
+ repository: nginx
+ tag: stable
+ pullPolicy: IfNotPresent
+
+imagePullSecrets: []
+nameOverride: ""
+fullnameOverride: ""
+
+serviceAccount:
+ # Specifies whether a service account should be created
+ create: true
+ # The name of the service account to use.
+ # If not set and create is true, a name is generated using the fullname template
+ name:
+
+podSecurityContext: {}
+ # fsGroup: 2000
+
+securityContext: {}
+ # capabilities:
+ # drop:
+ # - ALL
+ # readOnlyRootFilesystem: true
+ # runAsNonRoot: true
+ # runAsUser: 1000
+
+service:
+ type: ClusterIP
+ port: 32502
+ nodePort: 32502
+
+configuration:
+ sbi:
+ scheme: http
+ registerIPv4: f5gc-smf
+ nrfUri: http://f5gc-nrf:32511
+
+mongodb:
+ url: mongodb://f5gc-mongodb.default:27017
+
+
+ingress:
+ enabled: false
+ annotations: {}
+ # kubernetes.io/ingress.class: nginx
+ # kubernetes.io/tls-acme: "true"
+ hosts:
+ - host: chart-example.local
+ paths: []
+
+ tls: []
+ # - secretName: chart-example-tls
+ # hosts:
+ # - chart-example.local
+
+resources: {}
+ # We usually recommend not to specify default resources and to leave this as a conscious
+ # choice for the user. This also increases chances charts run on environments with little
+ # resources, such as Minikube. If you do want to specify resources, uncomment the following
+ # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
+ # limits:
+ # cpu: 100m
+ # memory: 128Mi
+ # requests:
+ # cpu: 100m
+ # memory: 128Mi
+
+nodeSelector: {}
+
+tolerations: []
+
+affinity: {}
--- /dev/null
+# Default values for amf.
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
+
+replicaCount: 1
+
+pfcp:
+ #addr: free5g-smf-f5gc-smf-0.f5gc-smf.default.svc.cluster.local
+ addr: f5gc-smf.free5g.default.svc.cluster.local
+
+sNssaiInfos:
+ sNssai:
+ sst: 1
+ sd: "010203"
+ dnnInfos:
+ dnn: internet
+ ueSubnet: 172.16.1.0/24
+
+userplane_information:
+ up_nodes:
+ gNB1:
+ type: AN
+ an_ip: 172.16.34.2
+ UPF:
+ type: UPF
+ #node_id: free5g-upf-f5gc-upf-0.f5gc-upf.default.svc.cluster.local
+ node_id: f5gc-upf.free5g.default.svc.cluster.local
+ sNssaiUpfInfos:
+ - sNssai:
+ sst: 1
+ sd: "010203"
+ dnnUpfInfoList:
+ - dnn: internet
+ - sNssai:
+ sst: 1
+ sd: 10203
+ dnnUpfInfoList:
+ - dnn: internet
+ interfaces:
+ - interfaceType: N3
+ endpoints:
+ - 172.16.34.3
+ networkInstance: internet
+ links:
+ - A: gNB1
+ B: UPF
+
+image:
+ repository: nginx
+ tag: stable
+ pullPolicy: IfNotPresent
+
+imagePullSecrets: []
+nameOverride: ""
+fullnameOverride: ""
+
+serviceAccount:
+ # Specifies whether a service account should be created
+ create: true
+ # The name of the service account to use.
+ # If not set and create is true, a name is generated using the fullname template
+ name:
+
+podSecurityContext: {}
+ # fsGroup: 2000
+
+securityContext: {}
+ # capabilities:
+ # drop:
+ # - ALL
+ # readOnlyRootFilesystem: true
+ # runAsNonRoot: true
+ # runAsUser: 1000
+
+service:
+ type: ClusterIP
+ port: 32502
+ nodePort: 32502
+
+configuration:
+ sbi:
+ scheme: http
+ registerIPv4: f5gc-smf
+ nrfUri: http://f5gc-nrf:32510
+
+mongodb:
+ url: mongodb://f5gc-mongodb:27017
+
+
+ingress:
+ enabled: false
+ annotations: {}
+ # kubernetes.io/ingress.class: nginx
+ # kubernetes.io/tls-acme: "true"
+ hosts:
+ - host: chart-example.local
+ paths: []
+
+ tls: []
+ # - secretName: chart-example-tls
+ # hosts:
+ # - chart-example.local
+
+resources: {}
+ # We usually recommend not to specify default resources and to leave this as a conscious
+ # choice for the user. This also increases chances charts run on environments with little
+ # resources, such as Minikube. If you do want to specify resources, uncomment the following
+ # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
+ # limits:
+ # cpu: 100m
+ # memory: 128Mi
+ # requests:
+ # cpu: 100m
+ # memory: 128Mi
+
+nodeSelector: {}
+
+tolerations: []
+
+affinity: {}
+
+baseApp: free5g
+hostname: f5gc-smf
+subdomain: free5g
--- /dev/null
+# Default values for amf.
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
+
+replicaCount: 1
+
+pfcp:
+ addr: f5gc-smf.free5g.default.svc.cluster.local
+
+userplane_information:
+ up_nodes:
+ gNB1:
+ type: AN
+ an_ip: 172.16.34.2
+ UPF1:
+ type: UPF
+ node_id: f5gc-upf.free5g.default.svc.cluster.local
+ links:
+ - A: gNB1
+ B: UPF1
+
+image:
+ repository: nginx
+ tag: stable
+ pullPolicy: IfNotPresent
+
+imagePullSecrets: []
+nameOverride: ""
+fullnameOverride: ""
+
+serviceAccount:
+ # Specifies whether a service account should be created
+ create: true
+ # The name of the service account to use.
+ # If not set and create is true, a name is generated using the fullname template
+ name:
+
+podSecurityContext: {}
+ # fsGroup: 2000
+
+securityContext: {}
+ # capabilities:
+ # drop:
+ # - ALL
+ # readOnlyRootFilesystem: true
+ # runAsNonRoot: true
+ # runAsUser: 1000
+
+service:
+ type: ClusterIP
+ port: 80
+
+ingress:
+ enabled: false
+ annotations: {}
+ # kubernetes.io/ingress.class: nginx
+ # kubernetes.io/tls-acme: "true"
+ hosts:
+ - host: chart-example.local
+ paths: []
+
+ tls: []
+ # - secretName: chart-example-tls
+ # hosts:
+ # - chart-example.local
+
+resources: {}
+ # We usually recommend not to specify default resources and to leave this as a conscious
+ # choice for the user. This also increases chances charts run on environments with little
+ # resources, such as Minikube. If you do want to specify resources, uncomment the following
+ # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
+ # limits:
+ # cpu: 100m
+ # memory: 128Mi
+ # requests:
+ # cpu: 100m
+ # memory: 128Mi
+
+nodeSelector:
+ kubernetes.io/hostname: kube-two
+
+tolerations: []
+
+affinity: {}
--- /dev/null
+apiVersion: v1
+appVersion: "1.0"
+description: A Helm chart for Kubernetes
+name: f5gc-udm
+version: 0.1.0
--- /dev/null
+-----BEGIN RSA PRIVATE KEY-----
+MIIEowIBAAKCAQEAo544dewlx0hksbXlgVVw0kZ2xdUehMDlgwQaQQOO8tntQ3lG
+H+3UeI2K8QUjrc9DlqkEkzLz7yLQDIFtXV063DWlH521xOTCbsU3iYjb+pZ0uRLV
+oRsrIflt8LQW3rELnOStI9crni5qd3gV6FT1Tr7puv2UDy8rIE32fbnVr1HvWWw5
+uSAmE3MRaS6DlO08/DQ/oto63ZFqxjc/x0lbJN3qGB5epgbVxTc1Q+VekPx7qMhj
+VkTZWueo6DZkiGg0qAI1cN6OI8yjM4yH34DQF2eQjJbTELH5rrrs/2LWJSXnvrXe
+tfxkuzvivUCF6xecU5SMMV117Q+4VheA9s/7xwIDAQABAoIBAFgZYZ1dQhpDyLRH
+lQRG1TDj8CAl2QDyPKKHGvvWxqnM3gxuyGt4y+b9j8qnUcbMyz/cUjJQRTiGLjAN
+oK2c/YyE9hxH9w/FfUvXtUfBAXG0gbUFhzHwRxFMFP5+ebH+8pnQJ8ocmcfahkk9
+x84JsOxtr7yXvZlPdJE4aXjZD04Om7++sOsds3MjfnGkBZ/17ke4nGsSYB78oxhN
+M1ILWBQS1YgfSWe+mcV4rxh0vp3R9aQIo7OCfC0RtprCeSNLr9dgiMJbNaAa5hf9
+F80i0+4l9R0OpMvkttHX5olID1+3p45pY0EHKAf+M2KaqiOHZQtnJ9DS0HkRw0LZ
+f3pYxQECgYEAzxWmJKt46H4Gj+PcC6UXfqRLfHKZ2NvJ1VU3RlM/Y22Yi+PFWKjp
+eVwdZMNh9k87vDoP/gipRX2mSRZW9efZJQNMEV/v1KoQCAvsQsSlhsMV6QbBaLZG
+gaMMFfpK1oX19mpXB8dWIe66vGpr5ahirvfdo07gACd5/WygDE7uNhcCgYEAykQp
+jWiMfvwoEbRuGWyWjeZW4tmNqiMACdPGuVQDKXUlYMtwv9RQmK5g/g1056D8rLOB
+nGhvENIR0MjtZAXMRGBmSAcnT3n3D+dbNS/J7PxhLz+ysi8r5ibaexTGGpxK4INQ
+uX112cIv0NRh+BVPl0T93YJ6bsd731NZYDLvpdECgYEAsUMj0/Hf7ouqTFNNEb7A
+7MvwPdfPb707+NwYE5/A+/hdgyl2zVzRdevu0UkaOwA57vZ4qAh79RsIUznHOHm8
++5zl6V2I6y6jyG+ETucLld66i50Xw+17Tw7lko6MrzM+hy8hzmvIhAVZXV1vfMf1
+qTZNR7SFtDwWhWMNYVvTNwMCgYA4HjdFI5evd7iKSPwvE6Cl2B2NLP0QEkvlbht5
+ueRysSzgsTEkF/0Qj3kbo5Im3dSc+eThB1yhVxdYTRcIJE+rPO/D1jBC7bztbawx
+koO8u70fBdZHd6z/WxJNCdN4+JoRtn1EKZn0A9uOXg6cbRU7DAo/Vf8wEyq8KHzo
+otk4sQKBgDsU0OoLpdFAdNSloipTw+Tvzlznm2OMOhD/AmUt/6xkiPFh8uFytZPW
+a/IxP7FmQDo34OFO6fDomRs83/uUQ/ToC3fyYKs1/DAOF3Cr3COOPzvWHAzfJI9V
+9t/QhoSSnms4XHVEQDdoD/srefNuReaED7tXnLJ+BXhZbNiGryVJ
+-----END RSA PRIVATE KEY-----
--- /dev/null
+-----BEGIN CERTIFICATE-----
+MIID7TCCAtWgAwIBAgIUfjRzF91Mkg/m/bXUK3kIJ1QH/FkwDQYJKoZIhvcNAQEL
+BQAwgYUxCzAJBgNVBAYTAlRXMRcwFQYDVQQIDA5Ic2luY2h1IENvdW50eTEVMBMG
+A1UEBwwMSHNpbmNodSBjaXR5MQ0wCwYDVQQKDAROQ1RVMREwDwYDVQQLDAhXSVJF
+IExBQjEkMCIGCSqGSIb3DQEJARYVZnJlZTVnYy5vcmdAZ21haWwuY29tMB4XDTE5
+MDcyOTA3NDg1OVoXDTI5MDcyNjA3NDg1OVowgYUxCzAJBgNVBAYTAlRXMRcwFQYD
+VQQIDA5Ic2luY2h1IENvdW50eTEVMBMGA1UEBwwMSHNpbmNodSBjaXR5MQ0wCwYD
+VQQKDAROQ1RVMREwDwYDVQQLDAhXSVJFIExBQjEkMCIGCSqGSIb3DQEJARYVZnJl
+ZTVnYy5vcmdAZ21haWwuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
+AQEAo544dewlx0hksbXlgVVw0kZ2xdUehMDlgwQaQQOO8tntQ3lGH+3UeI2K8QUj
+rc9DlqkEkzLz7yLQDIFtXV063DWlH521xOTCbsU3iYjb+pZ0uRLVoRsrIflt8LQW
+3rELnOStI9crni5qd3gV6FT1Tr7puv2UDy8rIE32fbnVr1HvWWw5uSAmE3MRaS6D
+lO08/DQ/oto63ZFqxjc/x0lbJN3qGB5epgbVxTc1Q+VekPx7qMhjVkTZWueo6DZk
+iGg0qAI1cN6OI8yjM4yH34DQF2eQjJbTELH5rrrs/2LWJSXnvrXetfxkuzvivUCF
+6xecU5SMMV117Q+4VheA9s/7xwIDAQABo1MwUTAdBgNVHQ4EFgQUKIlDmYIRzDmi
+0LELxqiOtUccCbowHwYDVR0jBBgwFoAUKIlDmYIRzDmi0LELxqiOtUccCbowDwYD
+VR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEARL2nK9jNzjXCgDU5m/nh
+UmseSK4VtrxHCcyP5Mvt6uAyIdgb5bPoOUXn36/4cTvJHnpttzarnxyxsZKcKRvK
+PrQs+yPGDCH46g6XCq/zHK4k5BemQapwUjXvcPW4+7E6EqzjWhY7/Dz7///Z3UpV
+RFoEFb1YYlM7Fl4tY1XLDNFsKGTcHL0gNMSbNKuYbVl4LufFshxOhPhh/p0YMtAu
+q5p3WIWawOLWMpzR9CHb7GW7m5v+nis2SUTyNR+2EWCN6htybLt7mNF4Be+xdgcy
+aDZ/Bcc/LyCsBoHujco6XxHb3AFURPOqF8GPppFl0kSDW/oSftiGZT70mFcZvAIu
+BA==
+-----END CERTIFICATE-----
--- /dev/null
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: f5gc-udm-config
+data:
+ udmcfg.conf: |
+ info:
+ version: 1.0.0
+ description: UDM initial local configuration
+
+ configuration:
+ serviceNameList:
+ - nudm-sdm
+ - nudm-uecm
+ - nudm-ueau
+ - nudm-ee
+ - nudm-pp
+ sbi:
+ scheme: {{ .Values.configuration.sbi.scheme }}
+ registerIPv4: {{ .Values.configuration.sbi.registerIPv4 }} # Can also be a kubernetes service IP or domain name.
+ bindingIPv4: 0.0.0.0 # Can also be an ENV.
+ port: {{ .Values.service.port }}
+ tls:
+ log: free5gc/udmsslkey.log
+ pem: free5gc/support/TLS/udm.pem
+ key: free5gc/support/TLS/udm.key
+ nrfUri: {{ .Values.configuration.nrfUri }}
+
+ # test data set from TS33501-f60 Annex C.4
+ # udmProfileAHNPublicKey: 5a8d38864820197c3394b92613b20b91633cbd897119273bf8e4a6f4eec0a650
+ # udmProfileAHNPrivateKey: c53c22208b61860b06c62e5406a7b330c2b577aa5558981510d128247d38bd1d
+ # udmProfileBHNPublicKey: 0472DA71976234CE833A6907425867B82E074D44EF907DFB4B3E21C1C2256EBCD15A7DED52FCBB097A4ED250E036C7B9C8C7004C4EEDC4F068CD7BF8D3F900E3B4
+ # udmProfileBHNPrivateKey: F1AB1074477EBCC7F554EA1C5FC368B1616730155E0041AC447D6301975FECDA
+ keys:
+ udmProfileAHNPublicKey: 5a8d38864820197c3394b92613b20b91633cbd897119273bf8e4a6f4eec0a650
+ udmProfileAHNPrivateKey: c53c22208b61860b06c62e5406a7b330c2b577aa5558981510d128247d38bd1d
+ udmProfileBHNPublicKey: 0472DA71976234CE833A6907425867B82E074D44EF907DFB4B3E21C1C2256EBCD15A7DED52FCBB097A4ED250E036C7B9C8C7004C4EEDC4F068CD7BF8D3F900E3B4
+ udmProfileBHNPrivateKey: F1AB1074477EBCC7F554EA1C5FC368B1616730155E0041AC447D6301975FECDA
+
+ free5GC.conf: |
+ db_uri: {{ .Values.mongodb.url }}/free5gc
+
+ #all logging levels
+ #panic
+ #fatal
+ #error
+ #warn
+ #debug
+ #debug
+ #trace
+ logger:
+ # network function
+ AMF:
+ debugLevel: debug
+ ReportCaller: true
+ SMF:
+ debugLevel: debug
+ ReportCaller: true
+ UDR:
+ debugLevel: debug
+ ReportCaller: true
+ UDM:
+ debugLevel: debug
+ ReportCaller: true
+ NRF:
+ debugLevel: debug
+ ReportCaller: true
+ PCF:
+ debugLevel: debug
+ ReportCaller: true
+ AUSF:
+ debugLevel: debug
+ ReportCaller: true
+ N3IWF:
+ debugLevel: debug
+ ReportCaller: true
+ # library
+ NAS:
+ debugLevel: debug
+ ReportCaller: true
+ FSM:
+ debugLevel: debug
+ ReportCaller: true
+ NGAP:
+ debugLevel: debug
+ ReportCaller: true
+ NamfComm:
+ debugLevel: debug
+ ReportCaller: true
+ NamfEventExposure:
+ debugLevel: debug
+ ReportCaller: true
+ NsmfPDUSession:
+ debugLevel: debug
+ ReportCaller: true
+ NudrDataRepository:
+ debugLevel: debug
+ ReportCaller: true
+ OpenApi:
+ debugLevel: debug
+ ReportCaller: true
+ Aper:
+ debugLevel: debug
+ ReportCaller: true
+ CommonConsumerTest:
+ debugLevel: debug
+ ReportCaller: true
+ # webui
+ WEBUI:
+ debugLevel: debug
+ ReportCaller: true
+---
+apiVersion: v1
+kind: Secret
+metadata:
+ name: f5gc-udm-tls-secret
+type: Opaque
+data:
+ {{ tpl (.Files.Glob "resources/config/cert/udm.pem").AsSecrets . | indent 2 }}
+ {{ tpl (.Files.Glob "resources/config/cert/udm.key").AsSecrets . | indent 2 }}
--- /dev/null
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: f5gc-udm
+ labels:
+ app: f5gc-udm
+ annotations:
+ free5gc.org/nssi-id: '27394d25-dbf5-428e-8fc3-f5b2add67115'
+ free5gc.org/nsi-ids: '[
+ { "id": "4e6db941-47d6-4fce-9c71-f7eb35a75d03" },
+ ]'
+spec:
+ replicas: 1
+ selector:
+ matchLabels:
+ app: f5gc-udm
+ strategy:
+ type: Recreate
+ template:
+ metadata:
+ labels:
+ app: f5gc-udm
+ spec:
+ securityContext:
+ runAsUser: 0
+ runAsGroup: 0
+ nodeSelector:
+{{ .Values.nodeSelector | toYaml | indent 8 }}
+ initContainers:
+ - name: init-myservice
+ image: busybox:1.31.1
+ command: ['sh', '-c', "until wget -qO- $nrfUri &> /dev/null; do echo waiting for $nrfUri; sleep 2; done"]
+ env:
+ - name: nrfUri
+ value: {{ .Values.configuration.nrfUri }}
+ containers:
+ - name: free5g-304-udm
+ image: {{ .Values.image.repository }}:{{ .Values.image.tag }}
+ imagePullPolicy: {{ .Values.image.pullPolicy }}
+ command: ["./udm"]
+ args:
+ - -udmcfg
+ - ../config/udmcfg.conf
+ securityContext:
+ privileged: false
+ volumeMounts:
+ - name: f5gc-udm-config
+ mountPath: /free5gc/config
+ - name: f5gc-udm-cert
+ mountPath: /free5gc/support/TLS
+ ports:
+ - containerPort: {{ .Values.service.port }}
+ name: f5gc-udm
+ protocol: TCP
+ - name: tcpdump
+ image: corfr/tcpdump
+ imagePullPolicy: IfNotPresent
+ command:
+ - /bin/sleep
+ - infinity
+ dnsPolicy: ClusterFirst
+ restartPolicy: Always
+ schedulerName: default-scheduler
+ serviceAccountName: f5gc-udm-sa
+ terminationGracePeriodSeconds: 30
+ volumes:
+ - name: f5gc-udm-cert
+ secret:
+ secretName: f5gc-udm-tls-secret
+ - name: f5gc-udm-config
+ configMap:
+ name: f5gc-udm-config
--- /dev/null
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+ name: {{ .Release.Name }}-rbac
+roleRef:
+ apiGroup: rbac.authorization.k8s.io
+ kind: ClusterRole
+ name: cluster-admin
+subjects:
+- kind: ServiceAccount
+ name: f5gc-udm-sa
+ namespace: {{ .Release.Namespace }}
--- /dev/null
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+ name: f5gc-udm-sa
--- /dev/null
+apiVersion: v1
+kind: Service
+metadata:
+ labels:
+ app: f5gc-udm
+ name: f5gc-udm
+spec:
+ type: {{ .Values.service.type }}
+ ports:
+ - name: f5gc-udm
+ port: {{ .Values.service.port }}
+ protocol: TCP
+ targetPort: {{ .Values.service.port }}
+{{- if eq .Values.service.type "NodePort" }}
+ nodePort: {{ .Values.service.nodePort }}
+{{- end }}
+ selector:
+ app: f5gc-udm
--- /dev/null
+# Default values for amf.
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
+
+replicaCount: 1
+
+image:
+ repository: nginx
+ tag: stable
+ pullPolicy: IfNotPresent
+
+imagePullSecrets: []
+nameOverride: ""
+fullnameOverride: ""
+
+serviceAccount:
+ # Specifies whether a service account should be created
+ create: true
+ # The name of the service account to use.
+ # If not set and create is true, a name is generated using the fullname template
+ name:
+
+podSecurityContext: {}
+ # fsGroup: 2000
+
+securityContext: {}
+ # capabilities:
+ # drop:
+ # - ALL
+ # readOnlyRootFilesystem: true
+ # runAsNonRoot: true
+ # runAsUser: 1000
+
+service:
+ type: ClusterIP
+ port: 32503
+ nodePort: 32503
+
+configuration:
+ sbi:
+ scheme: http
+ registerIPv4: f5gc-udm
+ nrfUri: http://f5gc-nrf:32510
+
+mongodb:
+ url: mongodb://f5gc-mongodb:27017
+
+ingress:
+ enabled: false
+ annotations: {}
+ # kubernetes.io/ingress.class: nginx
+ # kubernetes.io/tls-acme: "true"
+ hosts:
+ - host: chart-example.local
+ paths: []
+
+ tls: []
+ # - secretName: chart-example-tls
+ # hosts:
+ # - chart-example.local
+
+resources: {}
+ # We usually recommend not to specify default resources and to leave this as a conscious
+ # choice for the user. This also increases chances charts run on environments with little
+ # resources, such as Minikube. If you do want to specify resources, uncomment the following
+ # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
+ # limits:
+ # cpu: 100m
+ # memory: 128Mi
+ # requests:
+ # cpu: 100m
+ # memory: 128Mi
+
+nodeSelector: {}
+
+tolerations: []
+
+affinity: {}
--- /dev/null
+apiVersion: v1
+appVersion: "1.0"
+description: A Helm chart for Kubernetes
+name: f5gc-udr
+version: 0.1.0
--- /dev/null
+-----BEGIN RSA PRIVATE KEY-----
+MIIEpAIBAAKCAQEAyL2vLO4vrQu2gGMsnjJ+ECkB0ThuA4CmhEktmhZx7uQCrDoX
+JG+qNgA5Xx5g/iM8otHB14X4CQB0ghjDSlw6z/M+eCL6fQaqjFkhrXj+LPeqNnWU
+ICDRxzYkyxnZ795yrs2HaQMnI053HRuuX4qssD31MTrlsoCXYQJrXP9yEZ9CaKMN
+QvDe1ZEhHx8odb0dvSTpXrdt8gv52Ro7c3Pt+igkuCOCRnOWiEUxcGIpNVad5nMF
+BMg6d8ILmoZCbof6DAneoDAsUYkh5BvKwUkQuRLWrRnU0zgw6QQfgQiYiz0DzQt8
+JqLOq+f8XsMQM/dFnsDEha1iSNf14mcZQd7N/wIDAQABAoIBAAtBr8AKPzwp6vr6
+FLduR2lqk0KDMpAZt7y1ScxZM9xchtXXkBKn/Fh43L67ul6l5TGQJ5mJVqZSkzX0
+Y4cY8udUUY11EKzQIeIq4VuT7FTjMnVJVJwUmw7bt2Z4NaNgyveIaO53kctGDCHi
+un17DkH3x3cSQW0oDtUOyKx3WpMoTKhAInnlI9lcS4rTNP2yJIUgZFd133EhnFuX
+SabzGkACR27Qyf66kReRRMKpqKn0sbpTQ/CyFZCiCTeKFzEsWMKlSyQ20Hg3NTil
+XG+cRSdajsM7lxXAQJka/qs4u/Nigst1qdn36rXt/vQq/smN062jkJr0x/UySjKc
+4LJ8T1kCgYEA5xw8k+wvPc4I83G0LxBIEqrbYv+4C4Zl+YWIPEnLAzrIpjuX5LzH
+ENt7mELCufZ8T9dOxbLyg9MhNQTICKDCcteuu4KPegrEMBYxBzyxrx18Uj3UfhYq
+ZDX+NFsZql+3wqrN5QzFfimYkz8+zzos3Ox1gtXJjEukuWNb4HUjoVMCgYEA3lwo
+bROhiJ0U5etc6m0cSBMhFuzzD7vkl2eWXk00FV8iyiFqMRxoehog2/yfaWvCJ6za
+HFpmuiVRXeTa8cHSfVA3WMnCpI0l80cD1ej93gvmVuRGXJDvivwxwBVTgdczLr7f
+qsVQRo7wZxdwiw46VhCYs4tuU2DdvHfdFd/07yUCgYEAmB9L+IokZmgyGBwl4Dy1
+VCRGmBl+iYeDpASzMgvYp12QKWtcheGEnqH57rUy+7k1BlDQtu0dGIxmdUGacaNv
+mqxBhYdg7ZIcpRJWX08iHgQoivHL5tqsOJ4Zn1i/wheTG33WXQhVDsBOf83HiBvg
+3+J9TwttyP0ZhjXSiiJQu6UCgYEAsCtNsBW0jjr9uqd9pxGpLYVSWwqCDD4t/rKI
+VNBP6nrEYmaU7rH2KH8Y95GvbuN8INj2uS36Y5J7Y6uUt6N7M+Ng5kx7lMlrftIN
+vOVqdQjyhnc3M9F0p6XleKysy5sHJwr8xByt3CkVWGget10fZN6jTOS0FQUSyGYi
+2Fjmgq0CgYBiaeY8rABQ1Cpthe7BeqA6NyY+t8Vw4wuuD80G49yZuiHz5pNECBDa
+Do9P1RNU008byaKCphIJFpOeAGeyAlg3sRzj9RMkY3fTuOU2cq6ICxx33Y3TCiBe
+CqD+1jxyqTFWNIP1y+LiBGFjo4XzYXP8KHbVwtdth7BDSnTxuvFatQ==
+-----END RSA PRIVATE KEY-----
--- /dev/null
+-----BEGIN CERTIFICATE-----
+MIIDYDCCAkigAwIBAgIJAIYfrQTLTPZiMA0GCSqGSIb3DQEBCwUAMEUxCzAJBgNV
+BAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYDVQQKDBhJbnRlcm5ldCBX
+aWRnaXRzIFB0eSBMdGQwHhcNMTkwNzIyMTM1MDU5WhcNMjkwNzE5MTM1MDU5WjBF
+MQswCQYDVQQGEwJBVTETMBEGA1UECAwKU29tZS1TdGF0ZTEhMB8GA1UECgwYSW50
+ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
+CgKCAQEAyL2vLO4vrQu2gGMsnjJ+ECkB0ThuA4CmhEktmhZx7uQCrDoXJG+qNgA5
+Xx5g/iM8otHB14X4CQB0ghjDSlw6z/M+eCL6fQaqjFkhrXj+LPeqNnWUICDRxzYk
+yxnZ795yrs2HaQMnI053HRuuX4qssD31MTrlsoCXYQJrXP9yEZ9CaKMNQvDe1ZEh
+Hx8odb0dvSTpXrdt8gv52Ro7c3Pt+igkuCOCRnOWiEUxcGIpNVad5nMFBMg6d8IL
+moZCbof6DAneoDAsUYkh5BvKwUkQuRLWrRnU0zgw6QQfgQiYiz0DzQt8JqLOq+f8
+XsMQM/dFnsDEha1iSNf14mcZQd7N/wIDAQABo1MwUTAdBgNVHQ4EFgQUE/jHBVVy
+PlHey2lIv8CS9sIXHS4wHwYDVR0jBBgwFoAUE/jHBVVyPlHey2lIv8CS9sIXHS4w
+DwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAZusdlEbXhDdmwZDN
+gBlO7oVV6kuWUR3v2udzFZN4EzP2qnf2JRkiMOnIn9l+NOcQVarGzI5+aZs4GbLr
+fGi6QOlu5zQ9rWR4kn2rSeIHhRMsYHtl/w+Dm3V/cV1u0ANcIfo1sVl1FTSEMwIl
+Xr/OZOtUgWwuRw4hwl2OaMDrK3Z2jTCtHONInRVKuyySqYgR6ZMJFKiKSfYYxSl9
++i1bYCG5tVR1jZe5xvrF8gAABU+b24MJHGJfcXvSn8Z5JxgqRDX/cfKi1g27wewJ
+p5PRv659sSaHrk5yUTCar8s9zdNnaAkqtBmru0JxBkzEMN2mCoubwxyq1QVAI7u2
+yEIc7A==
+-----END CERTIFICATE-----
--- /dev/null
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: f5gc-udr-config
+data:
+ udrcfg.conf: |
+ info:
+ version: 1.0.0
+ description: UDR initial local configuration
+
+ configuration:
+ sbi:
+ scheme: {{ .Values.configuration.sbi.scheme }}
+ registerIPv4: {{ .Values.configuration.sbi.registerIPv4 }} # Can also be a kubernetes service IP or domain name.
+ bindingIPv4: 0.0.0.0 # Can also be an ENV.
+ port: {{ .Values.service.port }}
+ mongodb:
+ name: free5gc
+ url: {{ .Values.configuration.mongodb.url }}
+ nrfUri: {{ .Values.configuration.nrfUri }}
+
+ free5GC.conf: |
+ db_uri: {{ .Values.configuration.mongodb.url }}/free5gc
+
+ #all logging levels
+ #panic
+ #fatal
+ #error
+ #warn
+ #debug
+ #debug
+ #trace
+ logger:
+ # network function
+ AMF:
+ debugLevel: debug
+ ReportCaller: true
+ SMF:
+ debugLevel: debug
+ ReportCaller: true
+ UDR:
+ debugLevel: debug
+ ReportCaller: true
+ UDM:
+ debugLevel: debug
+ ReportCaller: true
+ NRF:
+ debugLevel: debug
+ ReportCaller: true
+ PCF:
+ debugLevel: debug
+ ReportCaller: true
+ AUSF:
+ debugLevel: debug
+ ReportCaller: true
+ N3IWF:
+ debugLevel: debug
+ ReportCaller: true
+ # library
+ NAS:
+ debugLevel: debug
+ ReportCaller: true
+ FSM:
+ debugLevel: debug
+ ReportCaller: true
+ NGAP:
+ debugLevel: debug
+ ReportCaller: true
+ NamfComm:
+ debugLevel: debug
+ ReportCaller: true
+ NamfEventExposure:
+ debugLevel: debug
+ ReportCaller: true
+ NsmfPDUSession:
+ debugLevel: debug
+ ReportCaller: true
+ NudrDataRepository:
+ debugLevel: debug
+ ReportCaller: true
+ OpenApi:
+ debugLevel: debug
+ ReportCaller: true
+ Aper:
+ debugLevel: debug
+ ReportCaller: true
+ CommonConsumerTest:
+ debugLevel: debug
+ ReportCaller: true
+ # webui
+ WEBUI:
+ debugLevel: debug
+ ReportCaller: true
+---
+apiVersion: v1
+kind: Secret
+metadata:
+ name: f5gc-udr-tls-secret
+ namespace: {{ .Release.Namespace }}
+type: Opaque
+data:
+ {{ tpl (.Files.Glob "resources/config/cert/udr.pem").AsSecrets . | indent 2 }}
+ {{ tpl (.Files.Glob "resources/config/cert/udr.key").AsSecrets . | indent 2 }}
+
--- /dev/null
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: f5gc-udr
+ labels:
+ app: f5gc-udr
+ annotations:
+ free5gc.org/nssi-id: '27394d25-dbf5-428e-8fc3-f5b2add67115'
+ free5gc.org/nsi-ids: '[
+ { "id": "4e6db941-47d6-4fce-9c71-f7eb35a75d03" },
+ ]'
+spec:
+ replicas: 1
+ selector:
+ matchLabels:
+ app: f5gc-udr
+ strategy:
+ type: Recreate
+ template:
+ metadata:
+ labels:
+ app: f5gc-udr
+ spec:
+ securityContext:
+ runAsUser: 0
+ runAsGroup: 0
+ nodeSelector:
+{{ .Values.nodeSelector | toYaml | indent 8 }}
+ initContainers:
+ - name: init-myservice
+ image: busybox:1.31.1
+ command: ['sh', '-c', "until wget -qO- $nrfUri &> /dev/null; do echo waiting for $nrfUri; sleep 2; done"]
+ env:
+ - name: nrfUri
+ value: {{ .Values.configuration.nrfUri }}
+ containers:
+ - name: free5g-304-udr
+ image: {{ .Values.image.repository }}:{{ .Values.image.tag }}
+ imagePullPolicy: {{ .Values.image.pullPolicy }}
+ command: ["./udr"]
+ args:
+ - -udrcfg
+ - ../config/udrcfg.conf
+ securityContext:
+ privileged: false
+ volumeMounts:
+ - name: f5gc-udr-config
+ mountPath: /free5gc/config
+ - name: f5gc-udr-cert
+ mountPath: /free5gc/support/TLS
+ ports:
+ - containerPort: {{ .Values.service.port }}
+ name: f5gc-udr
+ protocol: TCP
+ - name: tcpdump
+ image: corfr/tcpdump
+ imagePullPolicy: IfNotPresent
+ command:
+ - /bin/sleep
+ - infinity
+ dnsPolicy: ClusterFirst
+ restartPolicy: Always
+ schedulerName: default-scheduler
+ serviceAccountName: f5gc-udr-sa
+ terminationGracePeriodSeconds: 30
+ volumes:
+ - name: f5gc-udr-cert
+ secret:
+ secretName: f5gc-udr-tls-secret
+ - name: f5gc-udr-config
+ configMap:
+ name: f5gc-udr-config
--- /dev/null
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+ name: {{ .Release.Name }}-rbac
+roleRef:
+ apiGroup: rbac.authorization.k8s.io
+ kind: ClusterRole
+ name: cluster-admin
+subjects:
+- kind: ServiceAccount
+ name: f5gc-udr-sa
+ namespace: {{ .Release.Namespace }}
--- /dev/null
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+ name: f5gc-udr-sa
--- /dev/null
+apiVersion: v1
+kind: Service
+metadata:
+ labels:
+ app: f5gc-udr
+ name: f5gc-udr
+spec:
+ type: {{ .Values.service.type }}
+ ports:
+ - name: f5gc-udr
+ port: {{ .Values.service.port }}
+ protocol: TCP
+ targetPort: {{ .Values.service.port }}
+{{- if eq .Values.service.type "NodePort" }}
+ nodePort: {{ .Values.service.nodePort }}
+{{- end }}
+ selector:
+ app: f5gc-udr
--- /dev/null
+# Default values for amf.
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
+
+replicaCount: 1
+
+image:
+ repository: nginx
+ tag: stable
+ pullPolicy: IfNotPresent
+
+imagePullSecrets: []
+nameOverride: ""
+fullnameOverride: ""
+
+serviceAccount:
+ # Specifies whether a service account should be created
+ create: true
+ # The name of the service account to use.
+ # If not set and create is true, a name is generated using the fullname template
+ name:
+
+podSecurityContext: {}
+ # fsGroup: 2000
+
+securityContext: {}
+ # capabilities:
+ # drop:
+ # - ALL
+ # readOnlyRootFilesystem: true
+ # runAsNonRoot: true
+ # runAsUser: 1000
+
+service:
+ type: ClusterIP
+ port: 32504
+ nodePort: 32504
+
+configuration:
+ sbi:
+ scheme: http
+ registerIPv4: f5gc-udr
+ mongodb:
+ url: mongodb://f5gc-mongodb:27017
+ nrfUri: http://f5gc-nrf:32510
+
+ingress:
+ enabled: false
+ annotations: {}
+ # kubernetes.io/ingress.class: nginx
+ # kubernetes.io/tls-acme: "true"
+ hosts:
+ - host: chart-example.local
+ paths: []
+
+ tls: []
+ # - secretName: chart-example-tls
+ # hosts:
+ # - chart-example.local
+
+resources: {}
+ # We usually recommend not to specify default resources and to leave this as a conscious
+ # choice for the user. This also increases chances charts run on environments with little
+ # resources, such as Minikube. If you do want to specify resources, uncomment the following
+ # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
+ # limits:
+ # cpu: 100m
+ # memory: 128Mi
+ # requests:
+ # cpu: 100m
+ # memory: 128Mi
+
+nodeSelector: {}
+
+tolerations: []
+
+affinity: {}
--- /dev/null
+apiVersion: v1
+appVersion: "1.0"
+description: A Helm chart for Kubernetes
+name: f5gc-upf
+version: 0.1.0
--- /dev/null
+{{/* vim: set filetype=mustache: */}}
+{{/*
+Expand the name of the chart.
+*/}}
+{{- define "name" -}}
+{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+
+{{/*
+Create a default fully qualified app name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+*/}}
+{{- define "fullname" -}}
+{{- $name := default .Chart.Name .Values.nameOverride -}}
+{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
\ No newline at end of file
--- /dev/null
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: f5gc-upf-config
+data:
+ upfcfg.yaml: |
+{{ .Values.upfcfg | toYaml | indent 4 }}
+
--- /dev/null
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: {{ template "fullname" . }}
+ labels:
+ app: f5gc-upf
+ sliceidx: 6d3d79da-f781-4cd9-813a-dbdad01e01c0
+ annotations:
+ free5gc.org/nssi-id: '27394d25-dbf5-428e-8fc3-f5b2add67115'
+ free5gc.org/nsi-ids: '[
+ { "id": "4e6db941-47d6-4fce-9c71-f7eb35a75d03" },
+ ]'
+spec:
+ #serviceName: "f5gc-upf"
+ replicas: 1
+ selector:
+ matchLabels:
+ app: f5gc-upf
+ strategy:
+ type: Recreate
+ template:
+ metadata:
+ labels:
+ app: f5gc-upf
+ baseApp: {{.Values.baseApp}}
+{{- if eq .Values.helmInstallOvn false }}
+ annotations:
+ k8s.v1.cni.cncf.io/networks: '[{
+ "name": "ovn-networkobj",
+ "namespace": "default"
+ }]'
+ k8s.plugin.opnfv.org/nfn-network: '{ "type": "ovn4nfv", "interface": [{ "name": "gtpunetwork", "interface": "n3" }]}'
+{{- end }}
+ spec:
+ securityContext:
+ runAsUser: 0
+ runAsGroup: 0
+ nodeSelector:
+{{ .Values.nodeSelector | toYaml | indent 8 }}
+ hostname: {{.Values.hostname}}
+ subdomain: {{.Values.subdomain}}
+ containers:
+ - name: free5g-304-upf
+ image: {{ .Values.image.repository }}:{{ .Values.image.tag }}
+ imagePullPolicy: {{ .Values.image.pullPolicy }}
+ command: ["./free5gc-upfd"]
+ args:
+ - -f
+ - ../config/upfcfg.yaml
+ securityContext:
+ privileged: false
+ capabilities:
+ add: ["NET_ADMIN", "NET_RAW", "NET_BIND_SERVICE", "SYS_TIME"]
+ volumeMounts:
+ - name: f5gc-upf-config
+ mountPath: /free5gc/config
+ - mountPath: /dev/net/tun
+ name: tun-devdir
+ ports:
+ - containerPort: 2152
+ name: if-n3
+ protocol: UDP
+ - containerPort: 8805
+ name: if-n4
+ protocol: UDP
+ - name: tcpdump
+ image: corfr/tcpdump
+ imagePullPolicy: IfNotPresent
+ command:
+ - /bin/sleep
+ - infinity
+ dnsPolicy: ClusterFirst
+ restartPolicy: Always
+ schedulerName: default-scheduler
+ serviceAccountName: f5gc-upf-sa
+ terminationGracePeriodSeconds: 30
+ volumes:
+ - name: f5gc-upf-config
+ configMap:
+ name: f5gc-upf-config
+ - name: tun-devdir
+ hostPath:
+ path: /dev/net/tun
--- /dev/null
+apiVersion: v1
+kind: Service
+metadata:
+ name: free5g
+spec:
+ selector:
+ baseApp: {{.Values.baseApp}}
+ clusterIP: None
+ ports:
+ - name: foo # Actually, no port is needed.
+ port: 1234
+ targetPort: 1234
+
--- /dev/null
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+ name: {{ .Release.Name }}-rbac
+roleRef:
+ apiGroup: rbac.authorization.k8s.io
+ kind: ClusterRole
+ name: cluster-admin
+subjects:
+- kind: ServiceAccount
+ name: f5gc-upf-sa
+ namespace: {{ .Release.Namespace }}
--- /dev/null
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+ name: f5gc-upf-sa
--- /dev/null
+apiVersion: v1
+kind: Service
+metadata:
+ labels:
+ app: f5gc-upf
+ name: f5gc-upf
+spec:
+ type: ClusterIP
+ ports:
+ - name: f5gc-upf-n3
+ port: 2152
+ protocol: UDP
+ targetPort: 2152
+ - name: f5gc-upf-n4
+ port: 8805
+ protocol: UDP
+ targetPort: 8805
+ selector:
+ app: f5gc-upf
--- /dev/null
+# Default values for amf.
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
+
+replicaCount: 1
+
+upfcfg:
+ info:
+ version: 1.0.0
+ description: UPF configuration
+
+ configuration:
+ # debugLevel: panic|fatal|error|warn|info|debug|trace
+ debugLevel: info
+
+ pfcp:
+ #- addr: free5g-upf-f5gc-upf-0.f5gc-upf.default.svc.cluster.local
+ - addr: f5gc-upf.free5g.prioslice.svc.cluster.local
+
+ gtpu:
+ - addr: 172.16.34.4
+ # [optional] gtpu.name
+ # - name: upf.5gc.nctu.me
+ # [optional] gtpu.ifname
+ # - ifname: gtpif
+
+ dnn_list:
+ - dnn: internet
+ cidr: 172.16.2.0/24
+ # [optional] apn_list[*].natifname
+ # natifname: eth0
+
+image:
+ repository: nginx
+ tag: stable
+ pullPolicy: IfNotPresent
+
+imagePullSecrets: []
+nameOverride: ""
+fullnameOverride: ""
+
+serviceAccount:
+ # Specifies whether a service account should be created
+ create: true
+ # The name of the service account to use.
+ # If not set and create is true, a name is generated using the fullname template
+ name:
+
+podSecurityContext: {}
+ # fsGroup: 2000
+
+securityContext: {}
+ # capabilities:
+ # drop:
+ # - ALL
+ # readOnlyRootFilesystem: true
+ # runAsNonRoot: true
+ # runAsUser: 1000
+
+service:
+ type: ClusterIP
+ port: 80
+
+ingress:
+ enabled: false
+ annotations: {}
+ # kubernetes.io/ingress.class: nginx
+ # kubernetes.io/tls-acme: "true"
+ hosts:
+ - host: chart-example.local
+ paths: []
+
+ tls: []
+ # - secretName: chart-example-tls
+ # hosts:
+ # - chart-example.local
+
+resources: {}
+ # We usually recommend not to specify default resources and to leave this as a conscious
+ # choice for the user. This also increases chances charts run on environments with little
+ # resources, such as Minikube. If you do want to specify resources, uncomment the following
+ # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
+ # limits:
+ # cpu: 100m
+ # memory: 128Mi
+ # requests:
+ # cpu: 100m
+ # memory: 128Mi
+
+nodeSelector: {}
+
+
+tolerations: []
+
+affinity: {}
--- /dev/null
+# Default values for amf.
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
+
+replicaCount: 1
+
+upfcfg:
+ info:
+ version: 1.0.0
+ description: UPF configuration
+
+ configuration:
+ # debugLevel: panic|fatal|error|warn|info|debug|trace
+ debugLevel: info
+
+ pfcp:
+ #- addr: free5g-upf-f5gc-upf-0.f5gc-upf.default.svc.cluster.local
+ - addr: f5gc-upf.free5g.default.svc.cluster.local
+
+ gtpu:
+ - addr: 172.16.34.3
+ # [optional] gtpu.name
+ # - name: upf.5gc.nctu.me
+ # [optional] gtpu.ifname
+ # - ifname: gtpif
+
+ dnn_list:
+ - dnn: internet
+ cidr: 172.16.1.0/24
+ # [optional] apn_list[*].natifname
+ # natifname: eth0
+
+image:
+ repository: nginx
+ tag: stable
+ pullPolicy: IfNotPresent
+
+imagePullSecrets: []
+nameOverride: ""
+fullnameOverride: ""
+
+serviceAccount:
+ # Specifies whether a service account should be created
+ create: true
+ # The name of the service account to use.
+ # If not set and create is true, a name is generated using the fullname template
+ name:
+
+podSecurityContext: {}
+ # fsGroup: 2000
+
+securityContext: {}
+ # capabilities:
+ # drop:
+ # - ALL
+ # readOnlyRootFilesystem: true
+ # runAsNonRoot: true
+ # runAsUser: 1000
+
+service:
+ type: ClusterIP
+ port: 80
+
+ingress:
+ enabled: false
+ annotations: {}
+ # kubernetes.io/ingress.class: nginx
+ # kubernetes.io/tls-acme: "true"
+ hosts:
+ - host: chart-example.local
+ paths: []
+
+ tls: []
+ # - secretName: chart-example-tls
+ # hosts:
+ # - chart-example.local
+
+resources: {}
+ # We usually recommend not to specify default resources and to leave this as a conscious
+ # choice for the user. This also increases chances charts run on environments with little
+ # resources, such as Minikube. If you do want to specify resources, uncomment the following
+ # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
+ # limits:
+ # cpu: 100m
+ # memory: 128Mi
+ # requests:
+ # cpu: 100m
+ # memory: 128Mi
+
+nodeSelector: {}
+
+
+tolerations: []
+
+affinity: {}
+
+baseApp: free5g
+hostname: f5gc-upf
+subdomain: free5g
+helmInstallOvn: false
--- /dev/null
+apiVersion: v1
+appVersion: "1.0"
+description: A Helm chart for Kubernetes
+name: f5gc-webui
+version: 0.1.0
--- /dev/null
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: f5gc-webui-config
+data:
+ webuicfg.yaml: |
+ info:
+ version: 1.0.0
+ description: WebUI initial local configuration
+
+ configuration:
+ mongodb:
+ name: free5gc
+ url: mongodb://f5gc-mongodb:27017
--- /dev/null
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: f5gc-webui
+ labels:
+ app: f5gc-webui
+spec:
+ replicas: 1
+ selector:
+ matchLabels:
+ app: f5gc-webui
+ strategy:
+ type: RollingUpdate
+ template:
+ metadata:
+ labels:
+ app: f5gc-webui
+ #annotations:
+ #k8s.v1.cni.cncf.io/networks: '[{
+ # "name": "backbone",
+ # "namespace": "default",
+ # "interface": "netb",
+ # "ip": "1.1.1.150"
+ # }]'
+ spec:
+ securityContext:
+ runAsUser: 0
+ runAsGroup: 0
+ nodeSelector:
+{{ .Values.nodeSelector | toYaml | indent 8 }}
+ containers:
+ - name: free5g-304-webui
+ image: free5gc-webui:3.0.5
+ imagePullPolicy: IfNotPresent
+ # imagePullPolicy: Always
+ command: ["./webui"]
+ securityContext:
+ privileged: false
+ volumeMounts:
+ - name: f5gc-webui-config
+ mountPath: /free5gc/config
+ ports:
+ - containerPort: 5000
+ name: f5gc-webui
+ protocol: TCP
+ - name: tcpdump
+ image: corfr/tcpdump
+ imagePullPolicy: IfNotPresent
+ command:
+ - /bin/sleep
+ - infinity
+ dnsPolicy: ClusterFirst
+ restartPolicy: Always
+ schedulerName: default-scheduler
+ serviceAccountName: f5gc-webui-sa
+ terminationGracePeriodSeconds: 30
+ volumes:
+ - name: f5gc-webui-config
+ configMap:
+ name: f5gc-webui-config
--- /dev/null
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+ name: f5gc-webui-rbac
+roleRef:
+ apiGroup: rbac.authorization.k8s.io
+ kind: ClusterRole
+ name: cluster-admin
+subjects:
+- kind: ServiceAccount
+ name: f5gc-webui-sa
+ namespace: default
--- /dev/null
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+ name: f5gc-webui-sa
--- /dev/null
+apiVersion: v1
+kind: Service
+metadata:
+ labels:
+ app: f5gc-webui
+ name: f5gc-webui
+spec:
+ type: NodePort
+ ports:
+ - name: f5gc-webui
+ port: 5000
+ protocol: TCP
+ targetPort: 5000
+ selector:
+ app: f5gc-webui
--- /dev/null
+# Default values for amf.
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
+
+replicaCount: 1
+
+image:
+ repository: nginx
+ tag: stable
+ pullPolicy: IfNotPresent
+
+imagePullSecrets: []
+nameOverride: ""
+fullnameOverride: ""
+
+serviceAccount:
+ # Specifies whether a service account should be created
+ create: true
+ # The name of the service account to use.
+ # If not set and create is true, a name is generated using the fullname template
+ name:
+
+podSecurityContext: {}
+ # fsGroup: 2000
+
+securityContext: {}
+ # capabilities:
+ # drop:
+ # - ALL
+ # readOnlyRootFilesystem: true
+ # runAsNonRoot: true
+ # runAsUser: 1000
+
+service:
+ type: ClusterIP
+ port: 80
+
+ingress:
+ enabled: false
+ annotations: {}
+ # kubernetes.io/ingress.class: nginx
+ # kubernetes.io/tls-acme: "true"
+ hosts:
+ - host: chart-example.local
+ paths: []
+
+ tls: []
+ # - secretName: chart-example-tls
+ # hosts:
+ # - chart-example.local
+
+resources: {}
+ # We usually recommend not to specify default resources and to leave this as a conscious
+ # choice for the user. This also increases chances charts run on environments with little
+ # resources, such as Minikube. If you do want to specify resources, uncomment the following
+ # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
+ # limits:
+ # cpu: 100m
+ # memory: 128Mi
+ # requests:
+ # cpu: 100m
+ # memory: 128Mi
+
+nodeSelector: {}
+
+tolerations: []
+
+affinity: {}
--- /dev/null
+#! /bin/bash
+
+#for i in mongodb nrf udr udm ausf nssf amf pcf brupf upfa upfb
+for i in mongodb nrf udr udm ausf nssf amf pcf upf smf
+do
+ cd f5gc-$i && helm install free5g-$i ./
+ if [ $? -ne 0 ]; then
+ echo "failed to install $i"
+ exit 2
+ fi
+ cd ..
+ sleep 8
+ kubectl get pods -o wide | grep $i
+done
+
+kubectl get pods -o wide
+
--- /dev/null
+#! /bin/bash
+
+
+NS=(default prioslice)
+
+cpdp=${1:-"cplane"}
+
+if [ $cpdp == "cplane" ]; then
+ if [ $# -gt 1 ]; then
+ echo "Illegal parameters for cplane"
+ echo "$0 cplane"
+ exit 2
+ fi
+ NF_0=(mongodb nrf udr udm ausf nssf pcf)
+ NF_1=(nrf udr udm ausf pcf)
+ cPlaneIP=$(hostname -I | cut -f 1 -d " ")
+elif [ $cpdp == "dplane" ]; then
+ if [ $# -ne 2 ]; then
+ echo "Illegal parameters for dplane"
+ echo "$0 dplane <cplane_node_IP>"
+ exit 2
+ fi
+ NF_0=(amf upf smf)
+ NF_1=(upf smf)
+ dPlaneIP=$(hostname -I | cut -f 1 -d " ")
+ cPlaneIP=$2
+else
+ echo "Unknown Option $cpdp"
+ echo "Allowed options are: cplane dplane"
+ exit 2
+fi
+
+function check_status_exit {
+ if [ $? -ne 0 ]; then
+ echo "failed to install $2 in $1 namespace"
+ exit 2
+ fi
+ titr=10
+ for i in $(seq 1 $titr); do
+ sleep 1
+ kubectl get pods -n $1 | grep $2 | grep unning
+ if [ $? -eq 0 ]; then
+ echo "$2 running in $1 namespace"
+ return 0
+ fi
+ if [ $i -eq $titr ]; then
+ echo "$2 NF failed to run in the $1 namespace"
+ exit 2
+ fi
+ done
+}
+
+for f5gnf in ${NF_0[@]}; do
+ case "${f5gnf}" in
+ mongodb) echo "Installing mongodb"
+ helm install --namespace ${NS[0]} --set service.type=NodePort --set service.nodePort=32023 free5g-mongodb-${NS[0]} ./f5gc-mongodb/
+ check_status_exit ${NS[0]} mongodb
+ ;;
+ nrf) echo "Installing nrf in ${NS[0]} namespace"
+ helm install --namespace ${NS[0]} --set service.type=NodePort --set configuration.sbi.registerIPv4=${cPlaneIP} --set image.repository=registry.fi.intel.com/palaniap/free5gc-nrf --set image.tag=3.0.5 free5g-nrf-${NS[0]} f5gc-nrf/
+ check_status_exit ${NS[0]} nrf
+ ;;
+ udr) echo "Installing udr in ${NS[0]} namespace"
+ helm install --namespace ${NS[0]} --set service.type=NodePort --set configuration.sbi.registerIPv4=${cPlaneIP} --set image.repository=registry.fi.intel.com/palaniap/free5gc-udr --set image.tag=3.0.5 free5g-udr-${NS[0]} f5gc-udr/
+ check_status_exit ${NS[0]} udr
+ ;;
+ udm) echo "Installing udm in ${NS[0]} namespace"
+ helm install --namespace ${NS[0]} --set service.type=NodePort --set configuration.sbi.registerIPv4=${cPlaneIP} --set image.repository=registry.fi.intel.com/palaniap/free5gc-udm --set image.tag=3.0.5 free5g-udm-${NS[0]} f5gc-udm/
+ check_status_exit ${NS[0]} udm
+ ;;
+ ausf) echo "Installing ausf in ${NS[0]} namespace"
+ helm install --namespace ${NS[0]} --set service.type=NodePort --set configuration.sbi.registerIPv4=${cPlaneIP} --set image.repository=registry.fi.intel.com/palaniap/free5gc-ausf --set image.tag=3.0.5 free5g-ausf-${NS[0]} f5gc-ausf/
+ check_status_exit ${NS[0]} ausf
+ ;;
+ nssf) echo "Installing nssf in ${NS[0]} namespace"
+ helm install --namespace ${NS[0]} --set service.type=NodePort --set configuration.sbi.registerIPv4=${cPlaneIP} --set nssaiNrfUri1=http://${cPlaneIP}:32510 --set nssaiNrfUri2=http://${cPlaneIP}:32510 --set nssaiNrfUri3=http://${cPlaneIP}:32510 --set nssaiNrfUri4=http://${cPlaneIP}:32510 --set nssaiNrfUri5=http://${cPlaneIP}:32511 --set nssaiNrfUri6=http://${cPlaneIP}:32511 --set nssaiNrfUri7=http://${cPlaneIP}:32510 --set nssaiNrfUri8=http://${cPlaneIP}:32510 --set image.repository=registry.fi.intel.com/palaniap/free5gc-nssf --set image.tag=3.0.5 free5g-nssf-${NS[0]} f5gc-nssf/
+ check_status_exit ${NS[0]} nssf
+ ;;
+ pcf) echo "Installing pcf in ${NS[0]} namespace"
+ helm install --namespace ${NS[0]} --set service.type=NodePort --set configuration.sbi.registerIPv4=${cPlaneIP} --set image.repository=registry.fi.intel.com/palaniap/free5gc-pcf --set image.tag=3.0.5 free5g-pcf-${NS[0]} f5gc-pcf/
+ check_status_exit ${NS[0]} pcf
+ ;;
+ amf) echo "Installing amf in ${NS[0]} namespace"
+ helm install --namespace ${NS[0]} --set service.type=NodePort --set configuration.sbi.registerIPv4=${dPlaneIP} --set configuration.nrfUri=http://${cPlaneIP}:32510 --set configuration.mongodb.url=http://${cPlaneIP}:32017 --set image.repository=registry.fi.intel.com/palaniap/free5gc-amf --set image.tag=3.0.5 free5g-amf-${NS[0]} ./f5gc-amf/
+ check_status_exit ${NS[0]} amf
+ ;;
+ upf) echo "Installing upf in ${NS[0]} namespace"
+ helm install --namespace ${NS[0]} --set image.repository=registry.fi.intel.com/palaniap/free5gc-upf --set image.tag=3.0.5 free5g-upf-${NS[0]} ./f5gc-upf/
+ check_status_exit ${NS[0]} upf
+ ;;
+ smf) echo "Installing smf in ${NS[0]} namespace"
+ helm install --namespace ${NS[0]} --set service.type=NodePort --set configuration.sbi.registerIPv4=${dPlaneIP} --set configuration.nrfUri=http://${cPlaneIP}:32510 --set configuration.mongodb.url=http://${cPlaneIP}:32017 --set image.repository=registry.fi.intel.com/palaniap/free5gc-smf --set image.tag=3.0.5 free5g-smf-${NS[0]} f5gc-smf/
+ check_status_exit ${NS[0]} smf
+ ;;
+ esac
+done
+
+# prioslice namespace *******************
+
+for f5gnf in ${NF_1[@]}; do
+ case "${f5gnf}" in
+ nrf) echo "Installing nrf in ${NS[1]} namespace"
+ helm install --namespace ${NS[1]} --set service.type=NodePort --set service.port=32511 --set service.nodePort=32511 --set configuration.sbi.registerIPv4=${cPlaneIP} --set configuration.MongoDBUrl=mongodb://f5gc-mongodb.default:27017 --set image.repository=registry.fi.intel.com/palaniap/free5gc-nrf --set image.tag=3.0.5 free5g-nrf-${NS[1]} f5gc-nrf/
+ check_status_exit ${NS[1]} nrf
+ ;;
+ udr) echo "Installing udr in ${NS[1]} namespace"
+ helm install --namespace ${NS[1]} --set service.type=NodePort --set service.port=32505 --set service.nodePort=32505 --set configuration.sbi.registerIPv4=${cPlaneIP} --set configuration.nrfUri=http://f5gc-nrf:32511 --set configuration.mongodb.url=mongodb://f5gc-mongodb.default:27017 --set image.repository=registry.fi.intel.com/palaniap/free5gc-udr --set image.tag=3.0.5 free5g-udr-${NS[1]} f5gc-udr/
+ check_status_exit ${NS[1]} udr
+ ;;
+ udm) echo "Installing udm in ${NS[1]} namespace"
+ helm install --namespace ${NS[1]} --set service.type=NodePort --set service.port=32502 --set service.nodePort=32502 --set configuration.sbi.registerIPv4=${cPlaneIP} --set configuration.nrfUri=http://f5gc-nrf:32511 --set configuration.mongodb.url=mongodb://f5gc-mongodb.default:27017 --set image.repository=registry.fi.intel.com/palaniap/free5gc-udm --set image.tag=3.0.5 free5g-udm-${NS[1]} f5gc-udm/
+ check_status_exit ${NS[1]} udm
+ ;;
+ ausf) echo "Installing ausf in ${NS[1]} namespace"
+ helm install --namespace ${NS[1]} --set service.type=NodePort --set service.port=32508 --set service.nodePort=32508 --set configuration.sbi.registerIPv4=${cPlaneIP} --set configuration.nrfUri=http://f5gc-nrf:32511 --set configuration.mongodb.url=mongodb://f5gc-mongodb.default:27017 --set image.repository=registry.fi.intel.com/palaniap/free5gc-ausf --set image.tag=3.0.5 free5g-ausf-${NS[1]} f5gc-ausf/
+ check_status_exit ${NS[1]} ausf
+ ;;
+ pcf) echo "Installing pcf in ${NS[1]} namespace"
+ helm install --namespace ${NS[1]} --set service.type=NodePort --set service.port=32590 --set service.nodePort=32590 --set configuration.sbi.registerIPv4=${cPlaneIP} --set configuration.nrfUri=http://f5gc-nrf:32511 --set configuration.mongodb.url=mongodb://f5gc-mongodb.default:27017 --set image.repository=registry.fi.intel.com/palaniap/free5gc-pcf --set image.tag=3.0.5 free5g-pcf-${NS[1]} f5gc-pcf/
+ check_status_exit ${NS[1]} pcf
+ ;;
+ upf) echo "Installing amf in ${NS[1]} namespace"
+ helm install --namespace ${NS[1]} -f f5gc-upf/values-prio.yaml --set image.repository=registry.fi.intel.com/palaniap/free5gc-upf --set image.tag=3.0.5 free5g-upf-${NS[1]} ./f5gc-upf/
+ check_status_exit ${NS[1]} upf
+ sleep 10
+ ;;
+ smf) echo "Installing smf in ${NS[1]} namespace"
+ helm install --namespace ${NS[1]} -f f5gc-smf/values-prio.yaml --set service.type=NodePort --set service.port=32505 --set service.nodePort=32505 --set configuration.sbi.registerIPv4=${dPlaneIP} --set configuration.nrfUri=http://${cPlaneIP}:32511 --set configuration.mongodb.url=http://${cPlaneIP}:32017 --set image.repository=registry.fi.intel.com/palaniap/free5gc-smf --set image.tag=3.0.5 free5g-smf-${NS[1]} f5gc-smf/
+ check_status_exit ${NS[1]} smf
+ ;;
+ esac
+done
+
+kubectl get pods -o wide -n ${NS[0]}
+
+kubectl get pods -o wide -n ${NS[1]}
+
--- /dev/null
+#! /bin/bash
+
+NS=(default prioslice)
+cpdp=${1:-"cplane"}
+
+
+if [ $cpdp == "cplane" ]; then
+ NF_0=(pcf nssf ausf udm udr nrf mongodb)
+ NF_1=(pcf ausf udm udr nrf)
+elif [ $cpdp == "dplane" ]; then
+ NF_0=(smf upf amf)
+ NF_1=(smf upf)
+else
+ echo "Unknown Option $cpdp"
+ echo "Allowed options are: cplane dplane"
+ exit 2
+fi
+
+for i in ${NF_1[@]}
+do
+ helm uninstall free5g-$i-${NS[1]} --namespace ${NS[1]}
+ sleep 5
+done
+
+for i in ${NF_0[@]}
+do
+ helm uninstall free5g-$i-${NS[0]} --namespace ${NS[0]}
+ sleep 5
+done
+kubectl get pods -o wide -n ${NS[1]}
+kubectl get pods -o wide -n ${NS[0]}