Hyunsun Moon | d12f32b | 2021-07-30 12:55:00 -0700 | [diff] [blame] | 1 | .. |
| 2 | SPDX-FileCopyrightText: © 2021 Open Networking Foundation <support@opennetworking.org> |
| 3 | SPDX-License-Identifier: Apache-2.0 |
| 4 | |
| 5 | BESS UPF Deployment |
| 6 | =================== |
| 7 | |
Hyunsun Moon | b9c7dde | 2021-08-01 06:11:08 -0700 | [diff] [blame] | 8 | This section describes how to configure and deploy BESS UPF. |
Hyunsun Moon | d12f32b | 2021-07-30 12:55:00 -0700 | [diff] [blame] | 9 | |
| 10 | |
Hyunsun Moon | b9c7dde | 2021-08-01 06:11:08 -0700 | [diff] [blame] | 11 | Network Settings |
| 12 | ---------------- |
Hyunsun Moon | d12f32b | 2021-07-30 12:55:00 -0700 | [diff] [blame] | 13 | |
| 14 | BESS UPF requires three networks, **enb**, **access**, and **core**, and all |
| 15 | three networks must use different subnets. To help your understanding, |
| 16 | the following example ACE environment will be used in the rest of the guide. |
| 17 | |
Zack Williams | 1ae109e | 2021-07-27 11:17:04 -0700 | [diff] [blame] | 18 | .. image:: images/bess-upf-example-network.svg |
Hyunsun Moon | d12f32b | 2021-07-30 12:55:00 -0700 | [diff] [blame] | 19 | |
Hyunsun Moon | 279a948 | 2021-08-01 06:48:54 -0700 | [diff] [blame] | 20 | +-----------+-----------+------------------------------------+-------------------+---------------+ |
| 21 | | Network | VLAN | Subnet | Interface | IP address | |
| 22 | +-----------+-----------+------------------------------------+-------------------+---------------+ |
Zack Williams | 1ae109e | 2021-07-27 11:17:04 -0700 | [diff] [blame] | 23 | | eNB | 2 | 192.168.2.0/24 (gw: 192.168.2.254) | mgmt server VLAN2 | 192.168.2.254 | |
Hyunsun Moon | 279a948 | 2021-08-01 06:48:54 -0700 | [diff] [blame] | 24 | | | | +-------------------+---------------+ |
Zack Williams | 1ae109e | 2021-07-27 11:17:04 -0700 | [diff] [blame] | 25 | | | | | eNB | 192.168.2.10 | |
Hyunsun Moon | 279a948 | 2021-08-01 06:48:54 -0700 | [diff] [blame] | 26 | +-----------+-----------+------------------------------------+-------------------+---------------+ |
Zack Williams | 1ae109e | 2021-07-27 11:17:04 -0700 | [diff] [blame] | 27 | | access | 3 | 192.168.3.0/24 (gw: 192.168.3.254) | mgmt server VLAN3 | 192.168.3.254 | |
Hyunsun Moon | 279a948 | 2021-08-01 06:48:54 -0700 | [diff] [blame] | 28 | | | | +-------------------+---------------+ |
| 29 | | | | | upf access | 192.168.3.1 | |
| 30 | +-----------+-----------+------------------------------------+-------------------+---------------+ |
Zack Williams | 1ae109e | 2021-07-27 11:17:04 -0700 | [diff] [blame] | 31 | | core | 4 | 192.168.4.0/24 (gw: 192.168.4.254) | mgmt server VLAN4 | 192.168.4.254 | |
Hyunsun Moon | 279a948 | 2021-08-01 06:48:54 -0700 | [diff] [blame] | 32 | | | | +-------------------+---------------+ |
| 33 | | | | | upf core | 192.168.4.1 | |
| 34 | +-----------+-----------+------------------------------------+-------------------+---------------+ |
Hyunsun Moon | d12f32b | 2021-07-30 12:55:00 -0700 | [diff] [blame] | 35 | |
| 36 | .. note:: |
| 37 | |
| 38 | Management plane and out-of-band network are not depicted in the diagram. |
| 39 | |
| 40 | |
| 41 | Note that the management server has the only external routable address and acts as a router for |
| 42 | all networks in the Aether pod. |
Zack Williams | 1ae109e | 2021-07-27 11:17:04 -0700 | [diff] [blame] | 43 | So in order for UE to access the Internet, two things need to be done in the management server. |
Hyunsun Moon | d12f32b | 2021-07-30 12:55:00 -0700 | [diff] [blame] | 44 | |
Zack Williams | 1ae109e | 2021-07-27 11:17:04 -0700 | [diff] [blame] | 45 | * For outgoing traffic, masquerade the internal address with the external address of the management server. |
Hyunsun Moon | b9c7dde | 2021-08-01 06:11:08 -0700 | [diff] [blame] | 46 | * For response traffic to UE, forward them to UPF's **core** interface. |
Hyunsun Moon | d12f32b | 2021-07-30 12:55:00 -0700 | [diff] [blame] | 47 | |
| 48 | |
| 49 | Check Cluster Resources |
| 50 | ----------------------- |
| 51 | |
| 52 | Before proceeding with the deployment, make sure the cluster has enough resources to run BESS UPF. |
| 53 | |
| 54 | * 2 dedicated cores (``"cpu"``) |
Zack Williams | 1ae109e | 2021-07-27 11:17:04 -0700 | [diff] [blame] | 55 | * 2 1GiB HugePages (``"hugepages-1Gi"``) |
Hyunsun Moon | d12f32b | 2021-07-30 12:55:00 -0700 | [diff] [blame] | 56 | * 2 SRIOV Virtual Functions bound to **vfio-pci** driver (``"intel.com/intel_sriov_vfio"``) |
| 57 | |
| 58 | In fact, these requirements are not mandatory to run BESS UPF, but are recommended for best performance. |
| 59 | You can use the following command to check allocatable resources in the cluster nodes. |
| 60 | |
| 61 | .. code-block:: shell |
| 62 | |
Hyunsun Moon | 53a18a7 | 2021-08-10 16:57:32 -0700 | [diff] [blame] | 63 | $ kubectl get nodes -o json | jq '.items[].status.allocatable' |
Hyunsun Moon | d12f32b | 2021-07-30 12:55:00 -0700 | [diff] [blame] | 64 | { |
| 65 | "cpu": "95", |
| 66 | "ephemeral-storage": "1770223432846", |
| 67 | "hugepages-1Gi": "32Gi", |
| 68 | "intel.com/intel_sriov_netdevice": "32", |
| 69 | "intel.com/intel_sriov_vfio": "32", |
| 70 | "memory": "360749956Ki", |
| 71 | "pods": "110" |
| 72 | } |
| 73 | |
| 74 | |
Hyunsun Moon | b9c7dde | 2021-08-01 06:11:08 -0700 | [diff] [blame] | 75 | Configure and Deploy |
| 76 | -------------------- |
Hyunsun Moon | d12f32b | 2021-07-30 12:55:00 -0700 | [diff] [blame] | 77 | |
| 78 | Download ``aether-app-configs`` if you don't have it already in your development machine. |
| 79 | |
| 80 | .. code-block:: shell |
| 81 | |
| 82 | $ cd $WORKDIR |
| 83 | $ git clone "ssh://[username]@gerrit.opencord.org:29418/aether-app-configs" |
| 84 | |
Hyunsun Moon | b9c7dde | 2021-08-01 06:11:08 -0700 | [diff] [blame] | 85 | Move the directory to ``apps/bess-upf/upf1`` and create a Helm values file for the new cluster as shown below. |
Hyunsun Moon | d12f32b | 2021-07-30 12:55:00 -0700 | [diff] [blame] | 86 | Don't forget to replace the IP addresses in the example configuration with the addresses of the actual cluster. |
| 87 | |
Hyunsun Moon | 2b2bf9a | 2021-08-01 05:29:48 -0700 | [diff] [blame] | 88 | .. code-block:: yaml |
Hyunsun Moon | d12f32b | 2021-07-30 12:55:00 -0700 | [diff] [blame] | 89 | |
| 90 | $ cd $WORKDIR/aether-app-configs/apps/bess-upf/upf1 |
| 91 | $ mkdir overlays/prd-ace-test |
| 92 | $ vi overlays/prd-ace-test/values.yaml |
| 93 | # SPDX-FileCopyrightText: 2020-present Open Networking Foundation <info@opennetworking.org> |
| 94 | |
| 95 | config: |
| 96 | upf: |
| 97 | enb: |
| 98 | subnet: "192.168.2.0/24" |
| 99 | access: |
| 100 | ip: "192.168.3.1/24" |
| 101 | gateway: "192.168.3.254" |
Hyunsun Moon | 6001f94 | 2021-08-01 10:35:04 -0700 | [diff] [blame] | 102 | vlan: 3 |
Hyunsun Moon | d12f32b | 2021-07-30 12:55:00 -0700 | [diff] [blame] | 103 | core: |
| 104 | ip: "192.168.4.1/24" |
| 105 | gateway: "192.168.4.254" |
Hyunsun Moon | 6001f94 | 2021-08-01 10:35:04 -0700 | [diff] [blame] | 106 | vlan: 4 |
Hyunsun Moon | ba65df2 | 2021-08-10 20:01:06 -0700 | [diff] [blame] | 107 | # Override SRIOV resource name when using a NIC other than Intel |
| 108 | #sriov: |
| 109 | # resourceName: "mellanox.com/mellanox_sriov_vfio" |
| 110 | # Add below when connecting to 5G core |
| 111 | #cfgFiles: |
| 112 | # upf.json: |
| 113 | # cpiface: |
| 114 | # dnn: "8internet" |
| 115 | # hostname: "upf" |
Hyunsun Moon | d12f32b | 2021-07-30 12:55:00 -0700 | [diff] [blame] | 116 | |
| 117 | |
Hyunsun Moon | b9c7dde | 2021-08-01 06:11:08 -0700 | [diff] [blame] | 118 | Update ``fleet.yaml`` in the same directory to let Fleet use the custom configuration when deploying |
| 119 | BESS UPF to the new cluster. |
Hyunsun Moon | d12f32b | 2021-07-30 12:55:00 -0700 | [diff] [blame] | 120 | |
Hyunsun Moon | 2b2bf9a | 2021-08-01 05:29:48 -0700 | [diff] [blame] | 121 | .. code-block:: yaml |
Hyunsun Moon | d12f32b | 2021-07-30 12:55:00 -0700 | [diff] [blame] | 122 | |
| 123 | $ vi fleet.yaml |
| 124 | # add following block at the end |
| 125 | - name: prd-ace-test |
| 126 | clusterSelector: |
| 127 | matchLabels: |
| 128 | management.cattle.io/cluster-display-name: ace-test |
| 129 | helm: |
| 130 | valuesFiles: |
| 131 | - overlays/prd-ace-test/values.yaml |
| 132 | |
| 133 | |
Hyunsun Moon | 2b2bf9a | 2021-08-01 05:29:48 -0700 | [diff] [blame] | 134 | Submit your changes. |
Hyunsun Moon | d12f32b | 2021-07-30 12:55:00 -0700 | [diff] [blame] | 135 | |
| 136 | .. code-block:: shell |
| 137 | |
| 138 | $ cd $WORKDIR/aether-app-configs |
| 139 | $ git status |
| 140 | $ git add . |
| 141 | $ git commit -m "Add BESS UPF configs for test ACE" |
| 142 | $ git review |
| 143 | |
| 144 | |
| 145 | Go to Fleet dashboard and wait until the cluster status becomes **Active**. |
Hyunsun Moon | b9c7dde | 2021-08-01 06:11:08 -0700 | [diff] [blame] | 146 | It can take up to 1 min for Fleet to fetch the configuration updates. |