M-CORD Release service charts
Change-Id: Ib6ea6b38abf802db15cabf3ed06fcfceae42cc05
diff --git a/mcord-release/Dockerfile.sriovds/Dockerfile b/mcord-release/Dockerfile.sriovds/Dockerfile
new file mode 100644
index 0000000..bae1e3f
--- /dev/null
+++ b/mcord-release/Dockerfile.sriovds/Dockerfile
@@ -0,0 +1,43 @@
+# Build multus plugin
+FROM golang:1.10 AS multus
+RUN git clone -q --depth 1 https://github.com/intel/multus-cni.git /go/src/github.com/intel/multus-cni
+WORKDIR /go/src/github.com/intel/multus-cni
+RUN ./build
+
+# Build sriov plugin
+FROM golang:1.10 AS sriov-cni
+RUN git clone -q -b dev/k8s-deviceid-model https://github.com/Intel-Corp/sriov-cni.git /go/src/github.com/intel-corp/sriov-cni
+WORKDIR /go/src/github.com/intel-corp/sriov-cni
+RUN ./build
+
+# Build sriov device plugin
+FROM golang:1.10 AS sriov-dp
+RUN git clone -q https://github.com/intel/sriov-network-device-plugin.git /go/src/github.com/intel/sriov-network-device-plugin
+WORKDIR /go/src/github.com/intel/sriov-network-device-plugin
+RUN make
+
+# Build centralip ipam plugin
+FROM golang:1.10 AS centralip-ipam
+RUN go get -u github.com/kardianos/govendor
+RUN git clone -q https://github.com/John-Lin/ovs-cni.git /go/src/github.com/John-Lin/ovs-cni
+WORKDIR /go/src/github.com/John-Lin/ovs-cni
+RUN govendor sync && ./build.sh
+
+# Build vfioveth plugin
+FROM busybox as vfioveth
+RUN wget -O /bin/vfioveth https://raw.githubusercontent.com/clearlinux/cloud-native-setup/master/clr-k8s-examples/9-multi-network/cni/vfioveth
+RUN wget -O /bin/jq https://github.com/stedolan/jq/releases/download/jq-1.6/jq-linux64
+RUN chmod +x /bin/vfioveth /bin/jq
+
+# Final image
+FROM centos/systemd
+LABEL author="Saikrishna Edupuganti <saikrishna.edupuganti@intel.com>"
+WORKDIR /tmp/cni/bin
+COPY --from=multus /go/src/github.com/intel/multus-cni/bin/multus .
+COPY --from=sriov-cni /go/src/github.com/intel-corp/sriov-cni/bin/sriov .
+COPY --from=centralip-ipam /go/src/github.com/John-Lin/ovs-cni/bin/centralip .
+COPY --from=vfioveth /bin/vfioveth .
+COPY --from=vfioveth /bin/jq .
+WORKDIR /usr/bin
+COPY --from=sriov-dp /go/src/github.com/intel/sriov-network-device-plugin/build/sriovdp .
+
diff --git a/mcord-release/assets/mcord-architecture.png b/mcord-release/assets/mcord-architecture.png
new file mode 100644
index 0000000..e36d0e8
--- /dev/null
+++ b/mcord-release/assets/mcord-architecture.png
Binary files differ
diff --git a/mcord-release/mcord-services/.helmignore b/mcord-release/mcord-services/.helmignore
new file mode 100644
index 0000000..f0c1319
--- /dev/null
+++ b/mcord-release/mcord-services/.helmignore
@@ -0,0 +1,21 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
diff --git a/mcord-release/mcord-services/Chart.yaml b/mcord-release/mcord-services/Chart.yaml
new file mode 100644
index 0000000..6a92698
--- /dev/null
+++ b/mcord-release/mcord-services/Chart.yaml
@@ -0,0 +1,21 @@
+---
+# Copyright 2018-present Open Networking Foundation
+# Copyright 2018 Intel Corporation
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+appVersion: "1.0"
+description: M-CORD services with OMEC inside
+name: mcord-services
+version: 0.1.0
diff --git a/mcord-release/mcord-services/templates/NOTES.txt b/mcord-release/mcord-services/templates/NOTES.txt
new file mode 100644
index 0000000..b7a49b5
--- /dev/null
+++ b/mcord-release/mcord-services/templates/NOTES.txt
@@ -0,0 +1,32 @@
+{{- /*
+# Copyright 2018-present Open Networking Foundation
+# Copyright 2018 Intel Corporation
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/ -}}
+
+This is the instruction to configure your eNodeB to work with ONF M-CORD. You can find architecture illustration in assets/mcord-architecture.png.
+
+1. Check the eNodeB is operating in following information:
+ eNodeB Address: {{ .Values.enb.host }}
+ eNodeB S1 port: {{ .Values.enb.port }}
+
+2. Configure eNodeB with the correct MME information, get MME IP by following commands:
+ export MMEIP=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.status.podIP}" pods mme-0
+ export MMEPORT="36412"
+
+ MMEPORT is fixed in templates/mme.yaml.
+
+3. Make sure UE's SIM card information is configured in hss.yaml.
+
+4. Attach UE to M-CORD.
diff --git a/mcord-release/mcord-services/templates/_helpers.tpl b/mcord-release/mcord-services/templates/_helpers.tpl
new file mode 100644
index 0000000..449fce3
--- /dev/null
+++ b/mcord-release/mcord-services/templates/_helpers.tpl
@@ -0,0 +1,49 @@
+{{- /*
+# Copyright 2018-present Open Networking Foundation
+# Copyright 2018 Intel Corporation
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/ -}}
+
+{{/* vim: set filetype=mustache: */}}
+{{/*
+Expand the name of the chart.
+*/}}
+{{- define "mcord-services.name" -}}
+{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+
+{{/*
+Create a default fully qualified app name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+If release name contains chart name it will be used as a full name.
+*/}}
+{{- define "mcord-services.fullname" -}}
+{{- if .Values.fullnameOverride -}}
+{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
+{{- else -}}
+{{- $name := default .Chart.Name .Values.nameOverride -}}
+{{- if contains $name .Release.Name -}}
+{{- .Release.Name | trunc 63 | trimSuffix "-" -}}
+{{- else -}}
+{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+{{- end -}}
+{{- end -}}
+
+{{/*
+Create chart name and version as used by the chart label.
+*/}}
+{{- define "mcord-services.chart" -}}
+{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
diff --git a/mcord-release/mcord-services/templates/hss.yaml b/mcord-release/mcord-services/templates/hss.yaml
new file mode 100644
index 0000000..bc62dd2
--- /dev/null
+++ b/mcord-release/mcord-services/templates/hss.yaml
@@ -0,0 +1,284 @@
+---
+# Copyright 2018-present Open Networking Foundation
+# Copyright 2018 Intel Corporation
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Default values for mcord-vepc-helm.
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ .Values.hss.name }}
+data:
+ acl.conf: |
+ ALLOW_OLD_TLS *.cluster.local
+ hss.conf: |
+ Identity = "HSS_IDENTITY";
+ Realm = "HSS_REALM";
+ TLS_Cred = "CONF_DIR/HSS_HOST.cert.pem", "CONF_DIR/HSS_HOST.key.pem";
+ TLS_CA = "CONF_DIR/cacert.pem";
+ No_SCTP;
+ Prefer_TCP;
+ No_IPv6;
+ SCTP_streams = 3;
+ NoRelay;
+ AppServThreads = 4;
+ Port = 3868;
+ SecPort = 5868;
+ LoadExtension = "/usr/local/lib/freeDiameter/acl_wl.fdx" : "CONF_DIR/acl.conf";
+ LoadExtension = "/usr/local/lib/freeDiameter/dict_3gpp2_avps.fdx";
+ LoadExtension = "/usr/local/lib/freeDiameter/dict_draftload_avps.fdx";
+ LoadExtension = "/usr/local/lib/freeDiameter/dict_etsi283034_avps.fdx";
+ LoadExtension = "/usr/local/lib/freeDiameter/dict_rfc4004_avps.fdx";
+ LoadExtension = "/usr/local/lib/freeDiameter/dict_rfc4006bis_avps.fdx";
+ LoadExtension = "/usr/local/lib/freeDiameter/dict_rfc4072_avps.fdx";
+ LoadExtension = "/usr/local/lib/freeDiameter/dict_rfc4590_avps.fdx";
+ LoadExtension = "/usr/local/lib/freeDiameter/dict_rfc5447_avps.fdx";
+ LoadExtension = "/usr/local/lib/freeDiameter/dict_rfc5580_avps.fdx";
+ LoadExtension = "/usr/local/lib/freeDiameter/dict_rfc5777_avps.fdx";
+ LoadExtension = "/usr/local/lib/freeDiameter/dict_rfc5778_avps.fdx";
+ LoadExtension = "/usr/local/lib/freeDiameter/dict_rfc6734_avps.fdx";
+ LoadExtension = "/usr/local/lib/freeDiameter/dict_rfc6942_avps.fdx";
+ LoadExtension = "/usr/local/lib/freeDiameter/dict_rfc7155_avps.fdx";
+ LoadExtension = "/usr/local/lib/freeDiameter/dict_rfc7683_avps.fdx";
+ LoadExtension = "/usr/local/lib/freeDiameter/dict_rfc7944_avps.fdx";
+ LoadExtension = "/usr/local/lib/freeDiameter/dict_ts29061_avps.fdx";
+ LoadExtension = "/usr/local/lib/freeDiameter/dict_ts29128_avps.fdx";
+ LoadExtension = "/usr/local/lib/freeDiameter/dict_ts29154_avps.fdx";
+ LoadExtension = "/usr/local/lib/freeDiameter/dict_ts29173_avps.fdx";
+ LoadExtension = "/usr/local/lib/freeDiameter/dict_ts29212_avps.fdx";
+ LoadExtension = "/usr/local/lib/freeDiameter/dict_ts29214_avps.fdx";
+ LoadExtension = "/usr/local/lib/freeDiameter/dict_ts29215_avps.fdx";
+ LoadExtension = "/usr/local/lib/freeDiameter/dict_ts29217_avps.fdx";
+ LoadExtension = "/usr/local/lib/freeDiameter/dict_ts29229_avps.fdx";
+ LoadExtension = "/usr/local/lib/freeDiameter/dict_ts29272_avps.fdx";
+ LoadExtension = "/usr/local/lib/freeDiameter/dict_ts29273_avps.fdx";
+ LoadExtension = "/usr/local/lib/freeDiameter/dict_ts29329_avps.fdx";
+ LoadExtension = "/usr/local/lib/freeDiameter/dict_ts29336_avps.fdx";
+ LoadExtension = "/usr/local/lib/freeDiameter/dict_ts29337_avps.fdx";
+ LoadExtension = "/usr/local/lib/freeDiameter/dict_ts29338_avps.fdx";
+ LoadExtension = "/usr/local/lib/freeDiameter/dict_ts29343_avps.fdx";
+ LoadExtension = "/usr/local/lib/freeDiameter/dict_ts29344_avps.fdx";
+ LoadExtension = "/usr/local/lib/freeDiameter/dict_ts29345_avps.fdx";
+ LoadExtension = "/usr/local/lib/freeDiameter/dict_ts29368_avps.fdx";
+ LoadExtension = "/usr/local/lib/freeDiameter/dict_ts29468_avps.fdx";
+ LoadExtension = "/usr/local/lib/freeDiameter/dict_ts32299_avps.fdx";
+ LoadExtension = "/usr/local/lib/freeDiameter/dict_S6as6d.fdx";
+ LoadExtension = "/usr/local/lib/freeDiameter/dict_S6t.fdx";
+ LoadExtension = "/usr/local/lib/freeDiameter/dict_S6c.fdx";
+ hss.json: |
+ {"common": {
+ "fdcfg": "CONF_DIR/hss.conf",
+ "originhost": "HSS_IDENTITY",
+ "originrealm": "HSS_REALM"
+ },
+ "hss": {
+ "gtwhost": "*",
+ "gtwport" : 9080,
+ "restport" : 9081,
+ "ossport" : 9082,
+ "casssrv": "HSSDB_ADDR",
+ "cassusr": "root",
+ "casspwd": "root",
+ "cassdb" : "vhss",
+ "casscoreconnections" : 2,
+ "cassmaxconnections" : 8,
+ "cassioqueuesize" : 32768,
+ "cassiothreads" : 2,
+ "randv" : true,
+ "optkey" : "63bfa50ee6523365ff14c1f45f88737d",
+ "reloadkey" : true,
+ "logsize": 20,
+ "lognumber": 5,
+ "logname": "LOGS_DIR/hss.log",
+ "logqsize": 8192,
+ "statlogsize": 20,
+ "statlognumber": 5,
+ "statlogname": "LOGS_DIR/hss_stat.log",
+ "auditlogsize": 20,
+ "auditlognumber": 5,
+ "auditlogname": "LOGS_DIR/hss_audit.log",
+ "statfreq": 2000,
+ "numworkers": 4,
+ "concurrent": 10,
+ "ossfile": "CONF_DIR/oss.json"
+ }
+ }
+ oss.json: |
+ {
+ "option": {
+ "id": "url",
+ "type": "string"
+ },
+ "services": [
+ {
+ "id": "logger",
+ "commands": [
+ {
+ "id": "describe_loggers"
+ },
+ {
+ "id": "set_logger_level",
+ "options": [
+ {
+ "id": "name",
+ "type": "string"
+ },
+ {
+ "id": "level",
+ "type": "integer"
+ }
+ ]
+ }
+ ]
+ },
+ {
+ "id": "stats",
+ "commands": [
+ {
+ "id": "describe_stats_frequency"
+ },
+ {
+ "id": "describe_stats_live"
+ },
+ {
+ "id": "set_stats_frequency",
+ "options": [
+ {
+ "id": "frequency",
+ "type": "integer"
+ }
+ ]
+ }
+ ]
+ }
+ ]
+ }
+ launch.sh: |
+ #!/bin/bash -x
+
+ CONF_DIR="/opt/c3po/hss/conf"
+ LOGS_DIR="/opt/c3po/hss/logs"
+ mkdir -p $CONF_DIR $LOGS_DIR
+
+ cp /etc/hss/conf/{acl.conf,hss.json,hss.conf,oss.json} $CONF_DIR
+
+ HSS_HOST=$(hostname)
+ HSS_DOMAIN=$(dnsdomainname)
+
+ # from hss.json
+ sed -i "s!HSS_IDENTITY!$HSS_HOST.$HSS_DOMAIN!g" $CONF_DIR/hss.json
+ sed -i "s!HSS_REALM!$HSS_DOMAIN!g" $CONF_DIR/hss.json
+ sed -i "s!HSSDB_ADDR!$HSSDB_ADDR!g" $CONF_DIR/hss.json
+ sed -i "s!CONF_DIR!$CONF_DIR!g" $CONF_DIR/hss.json
+ sed -i "s!LOGS_DIR!$LOGS_DIR!g" $CONF_DIR/hss.json
+
+ # from hss.conf
+ sed -i "s!HSS_IDENTITY!$HSS_HOST.$HSS_DOMAIN!g" $CONF_DIR/hss.conf
+ sed -i "s!HSS_REALM!$HSS_DOMAIN!g" $CONF_DIR/hss.conf
+ sed -i "s!HSS_HOST!$HSS_HOST!g" $CONF_DIR/hss.conf
+ sed -i "s!CONF_DIR!$CONF_DIR!g" $CONF_DIR/hss.conf
+ cat $CONF_DIR/{hss.json,hss.conf}
+
+ # If necessary, calculate the OPc value for each UE (User Equipment).
+ #./bin/hss -j conf/hss.json --onlyloadkey
+ cd $CONF_DIR
+ make_certs.sh $(hostname) $(dnsdomainname)
+ cd ..
+ # finally, launch
+ hss -j $CONF_DIR/hss.json
+---
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ .Values.hss.name }}
+spec:
+ selector:
+ app: {{ .Values.hss.name }}
+ clusterIP: None
+ ports:
+ - name: s6a
+ port: 3868
+ protocol: TCP
+---
+apiVersion: apps/v1
+kind: StatefulSet
+metadata:
+ name: {{ .Values.hss.name }}
+ labels:
+ app: {{ .Values.hss.name }}
+spec:
+ replicas: 1
+ selector:
+ matchLabels:
+ app: {{ .Values.hss.name }}
+ serviceName: {{ .Values.hss.name }}
+ template:
+ metadata:
+ labels:
+ app: {{ .Values.hss.name }}
+ spec:
+ initContainers:
+ - name: init-hss
+ image: {{ .Values.hss.initimage }}
+ imagePullPolicy: Always
+ command: [ "bash", "-xc"]
+ # TODO: Move the SIM card configuration into values.yaml
+ args:
+ - until nslookup $HSSDB_ADDR; do echo "waiting for hssdb"; sleep 2; done;
+ until cqlsh --file /opt/c3po/hssdb/oai_db.cql $HSSDB_ADDR; do echo "provisioning hssdb"; sleep 2; done;
+ until data_provisioning_users.sh 208014567891200 1122334455 apn1 465B5CE8B199B49FAA5F0A2EE238A6BC 10 $HSSDB_ADDR $MME_HOST.$MME_REALM $MME_REALM;
+ do echo "setting up users"; sleep 2; done;
+ until data_provisioning_mme.sh 1 19136246000 $MME_HOST.$MME_REALM $MME_REALM 1 $HSSDB_ADDR; do echo "setting up mme"; sleep 2; done;
+ until data_provisioning_mme.sh 1 19136246000 smsrouter.test3gpp.net test3gpp.net 0 $HSSDB_ADDR; do echo "setting up smsrouter"; sleep 2; done;
+ env:
+ - name: HSSDB_ADDR
+ value: {{ .Values.hssdb.name }}
+ - name: MME_HOST
+ value: mme-0
+ - name: MME_REALM
+ value: {{ .Values.mme.name }}.{{ .Values.global.namespace }}.{{ .Values.global.fqdn }}
+ containers:
+ - name: hss
+ image: {{ .Values.hss.image }}
+ imagePullPolicy: {{ .Values.global.imagepullpolicy }}
+ stdin: true
+ tty: true
+ env:
+ - name: HSSDB_ADDR
+ value: {{ .Values.hssdb.name | quote }}
+ - name: MME_IDENTITY
+ value: {{ .Values.mme.name }}.{{ .Values.global.namespace }}.{{ .Values.global.fqdn }}
+ command: ["bash", "-c", "/opt/c3po/hss/launch.sh; sleep 3600"]
+ resources:
+ limits:
+ cpu: {{ .Values.hss.cpu | quote }}
+ memory: {{ .Values.hss.memory }}
+ volumeMounts:
+ - name: hss-script
+ mountPath: /opt/c3po/hss/launch.sh
+ subPath: launch.sh
+ - name: hss-config
+ mountPath: /etc/hss/conf
+ volumes:
+ - name: hss-script
+ configMap:
+ name: {{ .Values.hss.name }}
+ defaultMode: 493
+ - name: hss-config
+ configMap:
+ name: {{ .Values.hss.name }}
+ defaultMode: 420
diff --git a/mcord-release/mcord-services/templates/hssdb.yaml b/mcord-release/mcord-services/templates/hssdb.yaml
new file mode 100644
index 0000000..7697838
--- /dev/null
+++ b/mcord-release/mcord-services/templates/hssdb.yaml
@@ -0,0 +1,109 @@
+---
+# Copyright 2018-present Open Networking Foundation
+# Copyright 2018 Intel Corporation
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ .Values.hssdb.name }}
+data:
+ cassandra-rackdc.properties: |
+ dc=DC1
+ rack=RAC1
+ prefer_local=true
+---
+apiVersion: v1
+kind: Service
+metadata:
+ labels:
+ app: {{ .Values.hssdb.name }}
+ name: {{ .Values.hssdb.name }}
+spec:
+ clusterIP: None
+ ports:
+ - name: cql
+ port: 9042
+ selector:
+ app: {{ .Values.hssdb.name }}
+---
+apiVersion: "apps/v1"
+kind: StatefulSet
+metadata:
+ name: {{ .Values.hssdb.name }}
+ labels:
+ app: {{ .Values.hssdb.name }}
+spec:
+ serviceName: {{ .Values.hssdb.name }}
+ replicas: 1 # 3
+ selector:
+ matchLabels:
+ app: {{ .Values.hssdb.name }}
+ template:
+ metadata:
+ labels:
+ app: {{ .Values.hssdb.name }}
+ spec:
+ securityContext:
+ runAsUser: 999
+ fsGroup: 999
+ containers:
+ - name: cassandra
+ image: {{ .Values.hssdb.image }}
+ imagePullPolicy: {{ .Values.global.imagepullpolicy }}
+ ports:
+ - containerPort: 9042
+ name: cql
+ resources:
+ limits:
+ cpu: {{ .Values.hssdb.cpu | quote }}
+ memory: {{ .Values.hssdb.memory }}
+ env:
+ - name: MAX_HEAP_SIZE
+ value: 512M
+ - name: HEAP_NEWSIZE
+ value: 100M
+ - name: CASSANDRA_SEEDS
+ value: "hssdb-0.{{ .Values.hssdb.name }}.{{ .Values.global.namespace }}.{{ .Values.global.fqdn }}"
+ - name: CASSANDRA_CLUSTER_NAME
+ value: "HSS Cluster"
+ - name: CASSANDRA_RPC_ADDRESS
+ valueFrom:
+ fieldRef:
+ fieldPath: status.podIP
+ - name: CASSANDRA_ENDPOINT_SNITCH
+ value: "GossipingPropertyFileSnitch"
+ readinessProbe:
+ exec:
+ command: ["/bin/bash", "-c", "nodetool status -r | awk -v h=$(hostname) '$2==h {exit ($1==\"UN\" ? 0 : -1)}'"]
+ initialDelaySeconds: 15
+ timeoutSeconds: 5
+ volumeMounts:
+ - name: hssdb-config
+ mountPath: /etc/cassandra/cassandra-rackdc.properties
+ subPath: cassandra-rackdc.properties
+ #- name: hssdb-data
+ # mountPath: /var/lib/cassandra
+ volumes:
+ - name: hssdb-config
+ configMap:
+ name: {{ .Values.hssdb.name }}
+# volumeClaimTemplates:
+# - metadata:
+# name: hssdb-data
+# spec:
+# accessModes: [ "ReadWriteOnce" ]
+# resources:
+# requests:
+# storage: 1Gi
diff --git a/mcord-release/mcord-services/templates/mme.yaml b/mcord-release/mcord-services/templates/mme.yaml
new file mode 100644
index 0000000..c6e6adb
--- /dev/null
+++ b/mcord-release/mcord-services/templates/mme.yaml
@@ -0,0 +1,293 @@
+---
+# Copyright 2018-present Open Networking Foundation
+# Copyright 2018 Intel Corporation
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ .Values.mme.name }}
+data:
+ launch.sh: |
+ #!/bin/bash
+
+ cd /opt/c3po/mme/bin
+ cp /etc/mme/conf/{vbsm_cfg.txt,vbfd.conf} .
+
+ # from vbsm_cfg.txt
+ SGW_S11_IP=${SGW_S11_IP:-sgw.localdomain}
+ ENB_S1AP_IP=${ENB_S1AP_IP:-enb1.localdomain}
+ ENB_S1AP_PORT=${ENB_S1AP_PORT:-36412}
+ MME_ETH0_IP=${MME_ETH0_IP:-0.0.0.0}
+
+ # from vbfd.conf
+ HSS_CONNECT_PEER=${HSS_CONNECT_PEER:-hss.localdomain}
+ HSS_S6A_IP=${HSS_S6A_IP:-hss.localdomain}
+ HSS_PORT=${HSS_PORT:-3868}
+ VAR_HSS_REALM=${VAR_HSS_REALM:-openair4G.eur}
+
+ sed -i "s/SGW_S11_IP/$(dig $SGW_S11_IP +short)/g" vbsm_cfg.txt
+ sed -i "s/ENB_S1AP_IP/$ENB_S1AP_IP/g" vbsm_cfg.txt
+ sed -i "s/ENB_S1AP_PORT/$ENB_S1AP_PORT/g" vbsm_cfg.txt
+ sed -i "s/MME_ETH0_IP/$MME_ETH0_IP/g" vbsm_cfg.txt
+ sed -i "s/VAR_HSS_HOST/$HSS_CONNECT_PEER/g" vbsm_cfg.txt
+ sed -i "s/VAR_HSS_REALM/$VAR_HSS_REALM/g" vbsm_cfg.txt
+
+ MME_HOST=$(hostname)
+ MME_DOMAIN=$(dnsdomainname)
+ sed -i "s/HSS_CONNECT_PEER/$HSS_CONNECT_PEER/g" vbfd.conf
+ sed -i "s/HSS_S6A_IP/$HSS_S6A_IP/g" vbfd.conf
+ sed -i "s/HSS_PORT/$HSS_PORT/g" vbfd.conf
+ sed -i "s/MME_IDENTITY/$MME_HOST.$MME_DOMAIN/g" vbfd.conf
+ sed -i "s/MME_REALM/$MME_DOMAIN/g" vbfd.conf
+ sed -i "s/MME_HOST/$MME_HOST/g" vbfd.conf
+
+ # generate the certs
+ ./make_certs.sh $MME_HOST $MME_DOMAIN
+
+ # finally, launch
+ ./vb_acc
+ vbfd.conf: |
+ # -------- Test configuration ---------
+
+ # Identity = "<diameter_host>.<diameter_realm>";
+ Identity = "MME_IDENTITY";
+ Realm = "MME_REALM";
+ # Port = 3868;
+ # SecPort = 3869;
+
+ ConnectPeer = "HSS_CONNECT_PEER" { ConnectTo = "HSS_S6A_IP"; No_TLS; port = HSS_PORT; };
+
+ # TLS_Cred = "<diameter_host>.cert.pem", "<diameter_host>.key.pem";
+ TLS_Cred = "MME_HOST.cert.pem",
+ "MME_HOST.key.pem";
+ TLS_CA = "cacert.pem";
+
+ LoadExtension = "/usr/local/lib/freeDiameter/dict_3gpp2_avps.fdx";
+ LoadExtension = "/usr/local/lib/freeDiameter/dict_draftload_avps.fdx";
+ LoadExtension = "/usr/local/lib/freeDiameter/dict_etsi283034_avps.fdx";
+ LoadExtension = "/usr/local/lib/freeDiameter/dict_rfc4004_avps.fdx";
+ LoadExtension = "/usr/local/lib/freeDiameter/dict_rfc4006bis_avps.fdx";
+ LoadExtension = "/usr/local/lib/freeDiameter/dict_rfc4072_avps.fdx";
+ LoadExtension = "/usr/local/lib/freeDiameter/dict_rfc4590_avps.fdx";
+ LoadExtension = "/usr/local/lib/freeDiameter/dict_rfc5447_avps.fdx";
+ LoadExtension = "/usr/local/lib/freeDiameter/dict_rfc5580_avps.fdx";
+ LoadExtension = "/usr/local/lib/freeDiameter/dict_rfc5777_avps.fdx";
+ LoadExtension = "/usr/local/lib/freeDiameter/dict_rfc5778_avps.fdx";
+ LoadExtension = "/usr/local/lib/freeDiameter/dict_rfc6734_avps.fdx";
+ LoadExtension = "/usr/local/lib/freeDiameter/dict_rfc6942_avps.fdx";
+ LoadExtension = "/usr/local/lib/freeDiameter/dict_rfc7155_avps.fdx";
+ LoadExtension = "/usr/local/lib/freeDiameter/dict_rfc7683_avps.fdx";
+ LoadExtension = "/usr/local/lib/freeDiameter/dict_rfc7944_avps.fdx";
+ LoadExtension = "/usr/local/lib/freeDiameter/dict_ts29061_avps.fdx";
+ LoadExtension = "/usr/local/lib/freeDiameter/dict_ts29128_avps.fdx";
+ LoadExtension = "/usr/local/lib/freeDiameter/dict_ts29154_avps.fdx";
+ LoadExtension = "/usr/local/lib/freeDiameter/dict_ts29173_avps.fdx";
+ LoadExtension = "/usr/local/lib/freeDiameter/dict_ts29212_avps.fdx";
+ LoadExtension = "/usr/local/lib/freeDiameter/dict_ts29214_avps.fdx";
+ LoadExtension = "/usr/local/lib/freeDiameter/dict_ts29215_avps.fdx";
+ LoadExtension = "/usr/local/lib/freeDiameter/dict_ts29217_avps.fdx";
+ LoadExtension = "/usr/local/lib/freeDiameter/dict_ts29229_avps.fdx";
+ LoadExtension = "/usr/local/lib/freeDiameter/dict_ts29272_avps.fdx";
+ LoadExtension = "/usr/local/lib/freeDiameter/dict_ts29273_avps.fdx";
+ LoadExtension = "/usr/local/lib/freeDiameter/dict_ts29329_avps.fdx";
+ LoadExtension = "/usr/local/lib/freeDiameter/dict_ts29336_avps.fdx";
+ LoadExtension = "/usr/local/lib/freeDiameter/dict_ts29337_avps.fdx";
+ LoadExtension = "/usr/local/lib/freeDiameter/dict_ts29338_avps.fdx";
+ LoadExtension = "/usr/local/lib/freeDiameter/dict_ts29343_avps.fdx";
+ LoadExtension = "/usr/local/lib/freeDiameter/dict_ts29344_avps.fdx";
+ LoadExtension = "/usr/local/lib/freeDiameter/dict_ts29345_avps.fdx";
+ LoadExtension = "/usr/local/lib/freeDiameter/dict_ts29368_avps.fdx";
+ LoadExtension = "/usr/local/lib/freeDiameter/dict_ts29468_avps.fdx";
+ LoadExtension = "/usr/local/lib/freeDiameter/dict_ts32299_avps.fdx";
+ LoadExtension = "/usr/local/lib/freeDiameter/dict_S6as6d.fdx";
+ LoadExtension = "/usr/local/lib/freeDiameter/dict_S6c.fdx";
+ LoadExtension = "/usr/local/lib/freeDiameter/dict_S6t.fdx";
+ LoadExtension = "/usr/local/lib/freeDiameter/dict_SGd.fdx";
+ LoadExtension = "/usr/local/lib/freeDiameter/dict_T6aT6bT7.fdx";
+ vbsm_cfg.txt: |
+ # Configuration file for MME
+
+ ##### NOTE: Please Do NOT change the order of the parameters #####
+
+ # EGTP related
+ VBSM_EG_DFLT_PORT 2123 # EGTP Default port
+ VBSM_EG_NONDFLT_PORT 2124 # EGTP Non Default port
+ VBSM_EG_S10_NONDFLT_PORT 2125 # EGTP Non Default
+ VBSM_EG_S3_NONDFLT_PORT 2126 # EGTP Non Default port for S3 interface towards SGSN
+ # port for S10
+ VBSM_EG_DFLT_HOST_NAME "sutlej.ccin.ccpu.com" # EGTP host name
+
+ # E-NodeB related
+ VBSM_ENB_ADDR_1 "ENB_S1AP_IP" # IP address of eNodeB
+ VBSM_ENB_PORT_1 "ENB_S1AP_PORT" # eNodeB port
+ #VBSM_ENB_ADDR_2 "172.26.20.180" # IP address of eNodeB
+ #VBSM_ENB_PORT_2 36422 # eNodeB port
+
+ # MME related
+ VBSM_MME_IPADDR "MME_ETH0_IP" # MME IP address
+ VBSM_MME_S1AP_IPADDR "MME_ETH0_IP" # MME IP address associated with the S1AP interface
+ VBSM_MME_EGTP_IPADDR "MME_ETH0_IP" # MME IP address associated with the EGTP interface
+ VBSM_MME_SCTP_PORT 36412 # MME SCTP port
+
+ VBSM_SGW_IPADDR "SGW_S11_IP" # SGW IP address
+ VBSM_PGW_IPADDR "192.168.1.105" # PDN-GW IP address
+
+ VBSM_UE_NUM 1000 # Support 1000 UE's
+ VBSM_SCTP_UDP_SERV_TYPE 0 #service type,default 0 SCTP
+
+ # Debug mask to be set; each represent
+ #different debug masks to be set (1 and 0 to unset)
+ #in the form |LVB_DBGMASK_INFO|LVB_DBGMASK_ERROR|LVB_DBGMASK_TRC|LVB_DBGMASK_MEM
+
+ VBSM_MME_DBG_MASK 1111
+ VBSM_DBG_MASK 1111
+ VBSM_NW_INIATED_DETACH_TIMER 1000
+
+ VBSM_MCC_DIG1 2
+ VBSM_MCC_DIG2 0
+ VBSM_MCC_DIG3 8
+
+ VBSM_MNC_DIG1 0
+ VBSM_MNC_DIG2 1
+ VBSM_MNC_DIG3 -1
+
+ # Target PLMN ID format [ MCC + MNC], + is concatination operator
+ # If MNC has two digits, the last charater shall be 'f'
+ # Valid Configurations: 11223f, 112345.
+ VBSM_TARGET_MME_PLMN_ID 31310f
+ VBSM_TARGET_MME_IP_ADDR "192.25.1.100"
+
+ VBSM_T3412 32
+
+ VBSM_SGSN_IP_ADDR "192.25.1.195"
+
+
+ VBSM_SGSN_PLMN_ID 31311f
+
+ VBSM_FD_CFG "vbfd.conf"
+ VBSM_HSS_HOST "VAR_HSS_HOST"
+ VBSM_HSS_REALM "VAR_HSS_REALM"
+
+ # set VBSM_DISABLE_EPC_DNS 0 - enable DNS, 1 - disable DNS
+ VBSM_DISABLE_EPC_DNS 1
+ VBSM_DISABLE_EIA0 1
+ VBSM_REL_CAP 1
+ VBSM_MME_NAME "vmmestandalone"
+ VBSM_S1C_SCTP_INSTREAMS 10
+ VBSM_S1C_SCTP_OUTSTREAMS 10
+ VBSM_MAX_ENB 2
+ VBSM_NO_OFGUMMEIS 1
+ VBSM_MMECODE 1
+ VBSM_MMEGRPID 1
+ VBSM_NO_OF_TAI 1
+ VBSM_TAI_LIST {{"{{1,2,0,8,0,1,1}}"}}
+
+ VBSM_SMS_ROUTER_HOST "smsrouter.test3gpp.net"
+ VBSM_SMS_ROUTER_REALM "test3gpp.net"
+---
+apiVersion: v1
+kind: Service
+metadata:
+ name: mme
+spec:
+ selector:
+ app: mme
+ clusterIP: None
+ ports:
+ - name: s11
+ port: 2123
+ protocol: UDP
+ - name: s1ap
+ port: 36412
+ protocol: TCP
+ - name: s6a
+ port: 3868
+ protocol: TCP
+---
+apiVersion: apps/v1
+kind: StatefulSet
+metadata:
+ name: {{ .Values.mme.name }}
+ labels:
+ app: {{ .Values.mme.name }}
+spec:
+ replicas: 1
+ selector:
+ matchLabels:
+ app: {{ .Values.mme.name }}
+ serviceName: {{ .Values.mme.name | quote }}
+ template:
+ metadata:
+ labels:
+ app: {{ .Values.mme.name }}
+ spec:
+ # Insert iptable rules as MME implements a userspace SCTP stack
+ initContainers:
+ - name: init-mme
+ image: {{ .Values.mme.initimage }}
+ command: [ "sh", "-c"]
+ securityContext:
+ capabilities:
+ add:
+ - NET_ADMIN
+ args:
+ - iptables -A OUTPUT -p sctp --sport 36412 --chunk-types any ABORT -j DROP;
+ until nslookup hss-0.{{ .Values.hss.name }}.{{ .Values.global.namespace }}.{{ .Values.global.fqdn }};
+ do echo "waiting for hss"; sleep 2; done;
+ containers:
+ - name: mme
+ image: {{ .Values.mme.image | quote }}
+ imagePullPolicy: {{ .Values.global.imagepullpolicy }}
+ env:
+ - name: SGW_S11_IP
+ value: cp-0.cp
+ - name: MME_ETH0_IP
+ valueFrom:
+ fieldRef:
+ fieldPath: status.podIP
+ - name: ENB_S1AP_IP
+ value: {{ .Values.enb.host | quote }}
+ - name: ENB_S1AP_PORT
+ value: {{ .Values.enb.port | quote }}
+ - name: HSS_CONNECT_PEER
+ value: hss-0.{{ .Values.hss.name }}.{{ .Values.global.namespace }}.{{ .Values.global.fqdn }}
+ - name: VAR_HSS_REALM
+ value: {{ .Values.hss.name }}.{{ .Values.global.namespace }}.{{ .Values.global.fqdn }}
+ - name: HSS_S6A_IP
+ value: hss-0.{{ .Values.hss.name }}.{{ .Values.global.namespace }}.{{ .Values.global.fqdn }}
+ - name: HSS_PORT
+ value: "3868"
+ stdin: true
+ tty: true
+ #command: [ "sleep", "3600"]
+ resources:
+ limits:
+ cpu: {{ .Values.mme.cpu | quote }}
+ memory: {{ .Values.mme.memory }}
+ volumeMounts:
+ - name: mme-script
+ mountPath: /opt/c3po/mme/bin/launch.sh
+ subPath: launch.sh
+ - name: mme-config
+ mountPath: /etc/mme/conf
+ volumes:
+ - name: mme-script
+ configMap:
+ name: {{ .Values.mme.name }}
+ defaultMode: 493
+ - name: mme-config
+ configMap:
+ name: {{ .Values.mme.name }}
+ defaultMode: 420
diff --git a/mcord-release/mcord-services/templates/networks.yaml b/mcord-release/mcord-services/templates/networks.yaml
new file mode 100644
index 0000000..b483fb1
--- /dev/null
+++ b/mcord-release/mcord-services/templates/networks.yaml
@@ -0,0 +1,41 @@
+---
+# Copyright 2018-present Open Networking Foundation
+# Copyright 2018 Intel Corporation
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+{{- range .Values.networks }}
+---
+apiVersion: "k8s.cni.cncf.io/v1"
+kind: NetworkAttachmentDefinition
+metadata:
+ name: {{ .name }}
+ annotations:
+ k8s.v1.cni.cncf.io/resourceName: intel.com/sriov
+spec:
+ config: '{
+ "type": {{ .sriovtype | quote }},
+ "name": {{ .name | quote }},
+ "ipam": {
+ "type": {{ .ipamtype | quote }},
+ {{- if eq .ipamtype "host-local" }}
+ "subnet": {{ .subnet | quote }},
+ "gateway": {{ .gateway | quote }}
+ {{- else if eq .ipamtype "centralip" }}
+ "ipType": "cluster",
+ "network": {{ .subnet | quote }},
+ "etcdURL": {{ $.Values.global.etcdurl | quote }}
+ {{- end }}
+ }
+}'
+{{- end }}
diff --git a/mcord-release/mcord-services/templates/spgwc.yaml b/mcord-release/mcord-services/templates/spgwc.yaml
new file mode 100644
index 0000000..c965922
--- /dev/null
+++ b/mcord-release/mcord-services/templates/spgwc.yaml
@@ -0,0 +1,530 @@
+---
+# Copyright 2018-present Open Networking Foundation
+# Copyright 2018 Intel Corporation
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+ name: spgwc-pod-reader
+---
+kind: Role
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+ name: pod-reader
+rules:
+- apiGroups: [""]
+ resources: ["pods"]
+ verbs: ["get"]
+---
+kind: RoleBinding
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+ name: spgwc-pod-reader-rb
+roleRef:
+ apiGroup: rbac.authorization.k8s.io
+ kind: Role
+ name: pod-reader
+subjects:
+- kind: ServiceAccount
+ name: spgwc-pod-reader
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ .Values.spgwc.name }}
+data:
+ launch.sh: |
+ #!/bin/bash -xe
+
+ RUN_DIR=${RUN_DIR:-"/opt/cp"}
+ mkdir -p $RUN_DIR/config
+ cd $RUN_DIR/config
+ cp /etc/cp/config/{adc_rules.cfg,cp_config.cfg,interface.cfg,meter_profile.cfg,pcc_rules.cfg,sdf_rules.cfg} .
+ sed -i "s/CP_ADDR/$CP_ADDR/g" interface.cfg
+ sed -i "s/DP_ADDR/$DP_ADDR/g" interface.cfg
+ . cp_config.cfg
+ ngic_controlplane $EAL_ARGS -- $APP_ARGS
+ cp_config.cfg: |
+ if [ ! -d "/dev/hugepages" ]; then
+ MEMORY="--no-huge -m $((MEM_LIMIT-1024))"
+ fi
+ SHARED_DIR="/opt/cp/config/shared"
+ if [ -d ${SHARED_DIR} ]; then
+ while [ ! -f ${SHARED_DIR}/SGW_S1U_IP ]; do echo "Waiting for SGW_S1U_IP"; sleep 2; done
+ SGW_S1U_IP=$(cat ${SHARED_DIR}/SGW_S1U_IP)
+ fi
+
+ MGMT_INFO="-s ${CP_ADDR} -m ${MME_S11_IP} -w ${SGW_S1U_IP}"
+ APN_INFO="-i ${IP_POOL_IP} -p ${IP_POOL_MASK} -a ${APN}"
+ SPGW_CFG="-d 03 -l 2 -r 7.7.7.7 -g 6.6.6.6 -v 4.4.4.4 -u 5.5.5.5"
+ APP_ARGS="${MGMT_INFO} ${APN_INFO} ${SPGW_CFG} ${TEID_INFO}"
+
+ CORES="-c $(taskset -p $$ | awk '{print $NF}')"
+ DEVICES="--no-pci"
+ EAL_ARGS="${CORES} ${MEMORY} ${DEVICES}"
+ interface.cfg: |
+ [0]
+ dp_comm_ip = DP_ADDR
+ dp_comm_port = 20
+ cp_comm_ip = CP_ADDR
+ cp_comm_port = 21
+ adc_rules.cfg: |
+ [GLOBAL]
+ NUM_ADC_RULES = 5
+
+ ;FORMAT ::
+ ;ADC_TYPE : [ DOMAIN = 0 | IP = 1 | IP PREFIX =2 ]
+ ;
+ ;if ADC_TYPE = 0
+ ; DOMAIN
+ ;elseif ADC_TYPE = 1
+ ; IP
+ ;elseif ADC_TYPE = 2
+ ; IP
+ ; PREFIX
+ ;else
+ ; NONE
+ ;
+ ;NOTE :
+ ;Rules defined first have a higher priority, unless DROP is specified
+ ;(i.e. multiple rules for the same IP).
+ ;When specifying DROP with an IP address, use a prefix of 32 to prevent DNS
+ ;results from overwriting rule.
+
+
+ [ADC_RULE_1]
+ ADC_TYPE = 1
+ IP = 13.1.1.111
+
+ [ADC_RULE_2]
+ ADC_TYPE = 2
+ IP = 13.1.1.0
+ PREFIX = 24
+
+ [ADC_RULE_3]
+ ADC_TYPE = 1
+ IP = 13.1.1.112
+ PREFIX = 24
+
+ [ADC_RULE_4]
+ ADC_TYPE = 0
+ DOMAIN = www.example.gov
+
+ [ADC_RULE_5]
+ ADC_TYPE = 0
+ DOMAIN = www.drop_example.com
+ meter_profile.cfg: |
+ [GLOBAL]
+ NUM_OF_IDX = 7
+
+ [ENTRY_1]
+ ;Committed Information Rate (CIR). Measured in bytes per second.
+ ;MBR is mapped into CIR, convert MBR from bits to Bytes and set CIR.
+ CIR = 2342400
+ ;Committed Burst Size unit = Bytes
+ CBS = 5856
+ ;Excess Burst Size unit = Bytes
+ EBS = 11712
+ ;Meter profile index. Refer this index in static_pcc.cfg to set AMBR/MBR
+ MTR_PROFILE_IDX = 3
+
+ [ENTRY_2]
+ ;1200 = 1756800
+ ;1400 = 2049600
+ ;1600 = 2342400
+ CIR = 2342400
+ CBS = 5856
+ EBS = 11712
+ MTR_PROFILE_IDX = 4
+
+ [ENTRY_3]
+ ; QCI5,QCI7 15.571kbps = 1947 B
+ CIR = 2342400
+ CBS = 5856
+ EBS = 11712
+ MTR_PROFILE_IDX = 5
+
+ [ENTRY_4]
+ ; QCI1, 44kbps = 5500 B
+ CIR = 2342400
+ CBS = 5856
+ EBS = 11712
+ MTR_PROFILE_IDX = 6
+
+ [ENTRY_5]
+ ; QCI9, 31.143kbps = 3893 B
+ CIR = 2342400
+ CBS = 5856
+ EBS = 11712
+ MTR_PROFILE_IDX = 7
+
+ [ENTRY_6]
+ ; 128B, 7pps
+ CIR = 2342400
+ CBS = 512
+ EBS = 1024
+ MTR_PROFILE_IDX = 8
+
+ [ENTRY_7]
+ ; 128B, 2pps
+ CIR = 2342400
+ CBS = 512
+ EBS = 1024
+ MTR_PROFILE_IDX = 9
+
+ pcc_rules.cfg: |
+ [GLOBAL]
+ NUM_PCC_FILTERS = 9
+ ;To config AMBR/MBR values refer meter_profile.cfg. specify only the
+ ;meter profile index to be set here.
+ UL_AMBR_MTR_PROFILE_IDX = 3
+ DL_AMBR_MTR_PROFILE_IDX = 4
+
+ ;default filter - must be first for now (until DP doesn't install any filters)
+ ;associated with default adc rule
+ [PCC_FILTER_1]
+ RULE_NAME = DefaultRule
+ RATING_GROUP = 9
+ SERVICE_ID = 0
+ RULE_STATUS = 0
+ GATE_STATUS = 1
+ SESSION_CONT = 0
+ REPORT_LEVEL = 1
+ CHARGING_MODE = 0
+ METERING_METHOD = 0
+ MUTE_NOTIFY = 0
+ MONITORING_KEY = 0
+ SPONSOR_ID = 0
+ REDIRECT_INFO = 0
+ PRECEDENCE = 254
+ DROP_PKT_COUNT = 0
+ ;Specify the meter profile index from meter_profile.cfg
+ UL_MBR_MTR_PROFILE_IDX = 7
+ DL_MBR_MTR_PROFILE_IDX = 7
+ ;List of ADC filter indices
+ SDF_FILTER_IDX = 99998
+
+ [PCC_FILTER_2]
+ RULE_NAME = sdf_rule_1
+ RATING_GROUP = 5
+ SERVICE_ID = 0
+ RULE_STATUS = 0
+ GATE_STATUS = 1
+ SESSION_CONT = 0
+ REPORT_LEVEL = 2
+ CHARGING_MODE = 0
+ METERING_METHOD = 0
+ MUTE_NOTIFY = 0
+ MONITORING_KEY = 0
+ SPONSOR_ID = 0
+ REDIRECT_INFO = 0
+ PRECEDENCE = 1
+ DROP_PKT_COUNT = 0
+ UL_MBR_MTR_PROFILE_IDX = 5
+ DL_MBR_MTR_PROFILE_IDX = 5
+ ;List of SDF filter indices
+ SDF_FILTER_IDX = 1
+
+ [PCC_FILTER_3]
+ RULE_NAME = sdf_rule_2
+ RATING_GROUP = 1
+ SERVICE_ID = 0
+ RULE_STATUS = 0
+ GATE_STATUS = 1
+ SESSION_CONT = 0
+ REPORT_LEVEL = 3
+ CHARGING_MODE = 0
+ METERING_METHOD = 0
+ MUTE_NOTIFY = 0
+ MONITORING_KEY = 0
+ SPONSOR_ID = 0
+ REDIRECT_INFO = 0
+ PRECEDENCE = 18
+ DROP_PKT_COUNT = 0
+ UL_MBR_MTR_PROFILE_IDX = 6
+ DL_MBR_MTR_PROFILE_IDX = 6
+ ;List of SDF filter indices
+ SDF_FILTER_IDX = 2
+
+ [PCC_FILTER_4]
+ RULE_NAME = adc_rule_1
+ RATING_GROUP = Zero-Rate
+ SERVICE_ID = Internet
+ RULE_STATUS = 0
+ GATE_STATUS = 1
+ SESSION_CONT = 0
+ REPORT_LEVEL = 8
+ CHARGING_MODE = 0
+ METERING_METHOD = 0
+ MUTE_NOTIFY = 0
+ MONITORING_KEY = 0
+ REDIRECT_INFO = 0
+ SPONSOR_ID = Example
+ PRECEDENCE = 15
+ DROP_PKT_COUNT = 0
+ UL_MBR_MTR_PROFILE_IDX = 7
+ DL_MBR_MTR_PROFILE_IDX = 7
+ ;List of SDF filter indices
+ ADC_FILTER_IDX = 1
+
+ [PCC_FILTER_5]
+ RULE_NAME = adc_rule_2
+ RATING_GROUP = 0
+ SERVICE_ID = CIPA
+ RULE_STATUS = 0
+ GATE_STATUS = 1
+ SESSION_CONT = 0
+ REPORT_LEVEL = 9
+ CHARGING_MODE = 0
+ METERING_METHOD = 0
+ MUTE_NOTIFY = 0
+ MONITORING_KEY = 0
+ SPONSOR_ID = Example
+ REDIRECT_INFO = 0
+ SPONSOR_ID = Example
+ REDIRECT_INFO = 0
+ PRECEDENCE = 4
+ DROP_PKT_COUNT = 0
+ UL_MBR_MTR_PROFILE_IDX = 0
+ DL_MBR_MTR_PROFILE_IDX = 0
+ ;List of SDF filter indices
+ ADC_FILTER_IDX = 2
+
+ [PCC_FILTER_6]
+ RULE_NAME = sdf_rule_3
+ RATING_GROUP = 7
+ SERVICE_ID = 0
+ RULE_STATUS = 0
+ GATE_STATUS = 1
+ SESSION_CONT = 0
+ REPORT_LEVEL = 4
+ CHARGING_MODE = 0
+ METERING_METHOD = 0
+ MUTE_NOTIFY = 0
+ MONITORING_KEY = 0
+ SPONSOR_ID = 0
+ REDIRECT_INFO = 0
+ PRECEDENCE = 17
+ DROP_PKT_COUNT = 0
+ UL_MBR_MTR_PROFILE_IDX = 5
+ DL_MBR_MTR_PROFILE_IDX = 5
+ ;List of SDF filter indices
+ SDF_FILTER_IDX = 3
+
+ [PCC_FILTER_7]
+ RULE_NAME = adc_rule_3
+ RATING_GROUP = Zero-Rate
+ SERVICE_ID = Internet
+ RULE_STATUS = 0
+ GATE_STATUS = 1
+ SESSION_CONT = 0
+ REPORT_LEVEL = 5
+ CHARGING_MODE = 0
+ METERING_METHOD = 0
+ MUTE_NOTIFY = 0
+ MONITORING_KEY = 0
+ SPONSOR_ID = Example
+ REDIRECT_INFO = 0
+ PRECEDENCE = 210
+ DROP_PKT_COUNT = 0
+ UL_MBR_MTR_PROFILE_IDX = 7
+ DL_MBR_MTR_PROFILE_IDX = 7
+ ;List of SDF filter indices
+ ADC_FILTER_IDX = 4
+
+ [PCC_FILTER_8]
+ RULE_NAME = adc_rule_4
+ RATING_GROUP = Zero-Rate
+ SERVICE_ID = Management
+ RULE_STATUS = 0
+ GATE_STATUS = 1
+ SESSION_CONT = 0
+ REPORT_LEVEL = 6
+ CHARGING_MODE = 0
+ METERING_METHOD = 0
+ MUTE_NOTIFY = 0
+ MONITORING_KEY = 0
+ SPONSOR_ID = Example
+ REDIRECT_INFO = 0
+ PRECEDENCE = 200
+ DROP_PKT_COUNT = 0
+ UL_MBR_MTR_PROFILE_IDX = 7
+ DL_MBR_MTR_PROFILE_IDX = 7
+ ;List of SDF filter indices
+ ADC_FILTER_IDX = 12
+
+ [PCC_FILTER_9]
+ RULE_NAME = adc_rule_5
+ RATING_GROUP = Zero-Rate
+ SERVICE_ID = Provisioning
+ RULE_STATUS = 0
+ GATE_STATUS = 1
+ SESSION_CONT = 0
+ REPORT_LEVEL = 7
+ CHARGING_MODE = 0
+ METERING_METHOD = 0
+ MUTE_NOTIFY = 0
+ MONITORING_KEY = 0
+ SPONSOR_ID = Example
+ REDIRECT_INFO = 0
+ PRECEDENCE = 220
+ DROP_PKT_COUNT = 0
+ UL_MBR_MTR_PROFILE_IDX = 7
+ DL_MBR_MTR_PROFILE_IDX = 7
+ ;List of SDF filter indices
+ ADC_FILTER_IDX = 3
+ sdf_rules.cfg: |
+ [GLOBAL]
+ NUM_SDF_FILTERS = 4
+
+ [SDF_FILTER_1]
+ DIRECTION = downlink_only
+ IPV4_REMOTE = 13.2.1.113
+ IPV4_REMOTE_MASK = 255.255.255.0
+ PROTOCOL = 17
+ LOCAL_LOW_LIMIT_PORT = 0
+ LOCAL_HIGH_LIMIT_PORT = 65535
+ REMOTE_LOW_LIMIT_PORT = 0
+ REMOTE_HIGH_LIMIT_PORT = 65535
+
+ [SDF_FILTER_2]
+ DIRECTION = uplink_only
+ IPV4_LOCAL = 16.255.255.0
+ IPV4_LOCAL_MASK = 255.255.255.0
+ PROTOCOL = 17
+ LOCAL_LOW_LIMIT_PORT = 0
+ LOCAL_HIGH_LIMIT_PORT = 65535
+ REMOTE_LOW_LIMIT_PORT = 0
+ REMOTE_HIGH_LIMIT_PORT = 65535
+
+ [SDF_FILTER_3]
+ DIRECTION = downlink_only
+ IPV4_REMOTE = 130.10.0.0
+ IPV4_REMOTE_MASK = 255.255.0.0
+ PROTOCOL = 17
+ REMOTE_LOW_LIMIT_PORT = 5060
+ REMOTE_HIGH_LIMIT_PORT = 5060
+
+ [SDF_FILTER_4]
+ DIRECTION = uplink_only
+ IPV4_REMOTE = 103.1.0.0
+ IPV4_REMOTE_MASK = 255.255.0.0
+ PROTOCOL = 17
+ LOCAL_LOW_LIMIT_PORT = 17000
+ LOCAL_HIGH_LIMIT_PORT = 17010
+---
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ .Values.spgwc.name }}
+spec:
+ selector:
+ app: {{ .Values.spgwc.name }}
+ clusterIP: None
+ ports:
+ - name: s11
+ port: 2123
+ protocol: UDP
+ - name: cpdp
+ port: 21
+ protocol: UDP
+---
+apiVersion: apps/v1
+kind: StatefulSet
+metadata:
+ name: {{ .Values.spgwc.name }}
+ labels:
+ app: {{ .Values.spgwc.name }}
+spec:
+ replicas: 1
+ selector:
+ matchLabels:
+ app: {{ .Values.spgwc.name }}
+ serviceName: {{ .Values.spgwc.name | quote }}
+ template:
+ metadata:
+ labels:
+ app: {{ .Values.spgwc.name }}
+ spec:
+ serviceAccount: spgwc-pod-reader
+ initContainers:
+ - name: init-spgwc
+ image: {{ .Values.spgwc.initimage }}
+ command: ["/bin/sh", "-co", "pipefail"]
+ args:
+ - until $(kubectl get pod -ojson spgwu-0 2>/dev/null | jq -r '.metadata.annotations["k8s.v1.cni.cncf.io/networks-status"]' | jq -r '.[] | select(.name=="s1u-net") | .ips[0]' > /opt/cp/config/shared/SGW_S1U_IP);
+ do echo "waiting for SPGWU"; sleep 2; done
+ volumeMounts:
+ - name: shared-data
+ mountPath: /opt/cp/config/shared
+ containers:
+ - name: spgwc
+ image: {{ .Values.spgwc.image }}
+ imagePullPolicy: {{ .Values.global.imagepullpolicy }}
+ stdin: true
+ tty: true
+ command: ["/opt/cp/scripts/launch.sh"]
+ env:
+ - name: MEM_LIMIT
+ valueFrom:
+ resourceFieldRef:
+ containerName: spgwc
+ resource: limits.memory
+ divisor: 1Mi
+ #- name: SGW_S1U_IP
+ # value: "11.1.1.1"
+ - name: CP_ADDR
+ valueFrom:
+ fieldRef:
+ fieldPath: status.podIP
+ - name: DP_ADDR
+ value: spgwu-0.{{ .Values.spgwu.name }}.{{ .Values.global.namespace }}.{{ .Values.global.fqdn }}
+ - name: MME_S11_IP
+ value: mme-0.{{ .Values.mme.name }}.{{ .Values.global.namespace }}.{{ .Values.global.fqdn }}
+ - name: APN
+ value: apn1
+ - name: IP_POOL_IP
+ value: "16.0.0.0"
+ - name: IP_POOL_MASK
+ value: "255.0.0.0"
+ volumeMounts:
+ - name: cp-script
+ mountPath: /opt/cp/scripts/launch.sh
+ subPath: launch.sh
+ - name: cp-config
+ mountPath: /etc/cp/config
+ - name: shared-data
+ mountPath: /opt/cp/config/shared
+ #- name: hugepage
+ # mountPath: /dev/hugepages
+ resources:
+ limits:
+ #hugepages-2Mi: 4Gi
+ cpu: {{ .Values.spgwc.cpu | quote }}
+ memory: {{ .Values.spgwc.memory }}
+ volumes:
+ - name: cp-script
+ configMap:
+ name: {{ .Values.spgwc.name }}
+ defaultMode: 493
+ - name: cp-config
+ configMap:
+ name: {{ .Values.spgwc.name }}
+ defaultMode: 420
+ - name: shared-data
+ emptyDir: {}
+ #- name: hugepage
+ # emptyDir:
+ # medium: HugePages
diff --git a/mcord-release/mcord-services/templates/spgwu.yaml b/mcord-release/mcord-services/templates/spgwu.yaml
new file mode 100644
index 0000000..1c0c038
--- /dev/null
+++ b/mcord-release/mcord-services/templates/spgwu.yaml
@@ -0,0 +1,169 @@
+---
+# Copyright 2018-present Open Networking Foundation
+# Copyright 2018 Intel Corporation
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ .Values.spgwu.name }}
+data:
+ launch.sh: |
+ #!/bin/bash -xe
+
+ RUN_DIR=${RUN_DIR:-"/opt/dp"}
+ mkdir -p $RUN_DIR/config
+ cd $RUN_DIR/config
+ cp /etc/dp/config/{cdr.cfg,dp_config.cfg,interface.cfg} .
+ sed -i "s/CP_ADDR/$CP_ADDR/g" interface.cfg
+ sed -i "s/DP_ADDR/$DP_ADDR/g" interface.cfg
+ . dp_config.cfg
+ ngic_dataplane $EAL_ARGS -- $APP_ARGS
+ dp_config.cfg: |
+ if [ ! -d "/dev/hugepages" ]; then
+ MEMORY="--no-huge -m $((MEM_LIMIT-1024))"
+ fi
+
+ CORES="-c $(taskset -p $$ | awk '{print $NF}')"
+ EAL_ARGS="${CORES} ${MEMORY} ${DEVICES}"
+
+ SPGW_CFG="--spgw_cfg 03"
+ S1U_IP=$(ip -4 addr show dev ${S1U_DEVNAME} | grep -oP '(?<=inet\s)\d+(\.\d+){3}')
+ SGI_IP=$(ip -4 addr show dev ${SGI_DEVNAME} | grep -oP '(?<=inet\s)\d+(\.\d+){3}')
+ S1U_MAC=$(ip addr show dev ${S1U_DEVNAME} | awk '$1=="link/ether"{print $2}')
+ SGI_MAC=$(ip addr show dev ${SGI_DEVNAME} | awk '$1=="link/ether"{print $2}')
+ S1U="--s1u_ip ${S1U_IP} --s1u_mac ${S1U_MAC} --ul_iface ${S1U_DEVNAME}"
+ SGI="--sgi_ip ${SGI_IP} --sgi_mac ${SGI_MAC} --dl_iface ${SGI_DEVNAME} --sgi_gw_ip ${RTR_SGI_IP} --sgi_mask ${SGI_MASK}"
+ MISC="--log 1"
+ APP_ARGS="${S1U} ${SGI} ${MISC} ${SPGW_CFG}"
+ cdr.cfg: |
+ CDR_PATH=./cdr
+ MASTER_CDR=./cdr/master.csv
+ interface.cfg: |
+ [0]
+ dp_comm_ip = DP_ADDR
+ dp_comm_port = 20
+ cp_comm_ip = CP_ADDR
+ cp_comm_port = 21
+---
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ .Values.spgwu.name }}
+spec:
+ selector:
+ app: {{ .Values.spgwu.name }}
+ clusterIP: None
+ ports:
+ - name: cpdp
+ port: 20
+ protocol: UDP
+---
+apiVersion: apps/v1
+kind: StatefulSet
+metadata:
+ name: {{ .Values.spgwu.name }}
+ labels:
+ app: {{ .Values.spgwu.name }}
+spec:
+ replicas: 1
+ selector:
+ matchLabels:
+ app: {{ .Values.spgwu.name }}
+ serviceName: {{ .Values.spgwu.name | quote }}
+ template:
+ metadata:
+ labels:
+ app: {{ .Values.spgwu.name }}
+ annotations:
+ k8s.v1.cni.cncf.io/networks: '[
+ { "name": "s1u-net", "interface": "s1u-net" },
+ { "name": "sgi-net", "interface": "sgi-net" }
+ ]'
+ spec:
+ # Required if working with Linux bound devices so that kernel does not
+ # reply to GTP-U packets
+ #initContainers:
+ #- name: init
+ # image: "ngick8stesting/c3po-init"
+ # command: [ "sh", "-xec"]
+ # securityContext:
+ # capabilities:
+ # add:
+ # - NET_ADMIN
+ # args:
+ # - iptables -I OUTPUT -p icmp --icmp-type destination-unreachable -j DROP;
+ containers:
+ - name: {{ .Values.spgwu.name }}
+ image: {{ .Values.spgwu.image }}
+ imagePullPolicy: {{ .Values.global.imagepullpolicy }}
+ stdin: true
+ tty: true
+ env:
+ - name: MEM_LIMIT
+ valueFrom:
+ resourceFieldRef:
+ containerName: {{ .Values.spgwu.name }}
+ resource: limits.memory
+ divisor: 1Mi
+ - name: S1U_DEVNAME
+ value: s1u-net
+ - name: SGI_DEVNAME
+ value: sgi-net
+ - name: DEVICES
+ value: "" # "--no-pci --vdev eth_af_packet0,iface=s1u-net --vdev eth_af_packet1,iface=sgi-net"
+ - name: CP_ADDR
+ value: spgwc-0.{{ .Values.spgwc.name }}.{{ .Values.global.namespace }}.{{ .Values.global.fqdn }}
+ - name: DP_ADDR
+ valueFrom:
+ fieldRef:
+ fieldPath: status.podIP
+ - name: RTR_SGI_IP
+ value: "13.1.1.254"
+ - name: SGI_MASK
+ value: "255.255.255.0"
+ command: ["bash", "-xc"]
+ args:
+ - ip a;
+ /opt/dp/scripts/launch.sh;
+ volumeMounts:
+ - name: dp-script
+ mountPath: /opt/dp/scripts/launch.sh
+ subPath: launch.sh
+ - name: dp-config
+ mountPath: /etc/dp/config
+ #- name: hugepage
+ # mountPath: /dev/hugepages
+ resources:
+ limits:
+ #hugepages-1Gi: 8Gi
+ cpu: {{ .Values.spgwu.cpu | quote }}
+ memory: {{ .Values.spgwu.memory }}
+ intel.com/sriov: 2
+ securityContext:
+ capabilities:
+ add:
+ - IPC_LOCK
+ volumes:
+ - name: dp-script
+ configMap:
+ name: {{ .Values.spgwu.name }}
+ defaultMode: 493
+ - name: dp-config
+ configMap:
+ name: {{ .Values.spgwu.name }}
+ defaultMode: 420
+ #- name: hugepage
+ # emptyDir:
+ # medium: HugePages
diff --git a/mcord-release/mcord-services/values.yaml b/mcord-release/mcord-services/values.yaml
new file mode 100644
index 0000000..65fab56
--- /dev/null
+++ b/mcord-release/mcord-services/values.yaml
@@ -0,0 +1,82 @@
+---
+# Copyright 2018-present Open Networking Foundation
+# Copyright 2018 Intel Corporation
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Default values for M-CORD Services
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
+
+
+# Global Block defines shared variables for all Kubernetes objects
+# etcdurl: the etcd connection peer for centralIP network plugin
+global:
+ namespace: default
+ fqdn: svc.cluster.local
+ imagepullpolicy: IfNotPresent
+ etcdurl: http://node1:32379
+
+hssdb:
+ name: hssdb
+ image: krsna1729/c3po-hssdb
+ cpu: 3
+ memory: 4Gi
+
+hss:
+ name: hss
+ initimage: krsna1729/c3po-hssdb
+ image: krsna1729/c3po-hss
+ cpu: 3
+ memory: 1Gi
+
+mme:
+ name: mme
+ initimage: ngick8stesting/c3po-mmeinit
+ image: ngick8stesting/c3po-mme:5e2eaf6
+ cpu: 3
+ memory: 1Gi
+
+spgwc:
+ name: spgwc
+ initimage: ngick8stesting/kubectl
+ image: krsna1729/ngic-cp
+ cpu: 3
+ memory: 5Gi
+
+spgwu:
+ name: spgwu
+ image: krsna1729/ngic-dp
+ cpu: 4
+ memory: 8Gi
+
+enb:
+ host: 10.1.11.3
+ port: 36412
+
+# Network block defines the network used by SR-IOV pods
+# ipamtype: defined the prefered IP management plugin (only support host-local or centralip)
+# subnet: defined the customized network subnet range
+# gateway: defined the default gateway for pod which attaches to current network
+# this option will be ignored when using centralip as ipam plugin
+networks:
+ - name: s1u-net
+ sriovtype: vfioveth
+ ipamtype: centralip
+ subnet: 119.0.0.0/24
+ gateway: 119.0.0.254
+ - name: sgi-net
+ sriovtype: vfioveth
+ ipamtype: centralip
+ subnet: 13.1.1.0/24
+ gateway: 13.1.1.254
diff --git a/mcord-release/mcord-setup/.helmignore b/mcord-release/mcord-setup/.helmignore
new file mode 100644
index 0000000..f0c1319
--- /dev/null
+++ b/mcord-release/mcord-setup/.helmignore
@@ -0,0 +1,21 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
diff --git a/mcord-release/mcord-setup/Chart.yaml b/mcord-release/mcord-setup/Chart.yaml
new file mode 100644
index 0000000..ddbb3f3
--- /dev/null
+++ b/mcord-release/mcord-setup/Chart.yaml
@@ -0,0 +1,21 @@
+---
+# Copyright 2018-present Open Networking Foundation
+# Copyright 2018 Intel Corporation
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+appVersion: "1.0"
+description: The prerequisite setup of M-CORD
+name: mcord-setup
+version: 0.1.0
diff --git a/mcord-release/mcord-setup/templates/NOTES.txt b/mcord-release/mcord-setup/templates/NOTES.txt
new file mode 100644
index 0000000..bc70b1d
--- /dev/null
+++ b/mcord-release/mcord-setup/templates/NOTES.txt
@@ -0,0 +1,33 @@
+{{- /*
+# Copyright 2018-present Open Networking Foundation
+# Copyright 2018 Intel Corporation
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/ -}}
+
+Congratulations! You have installed SR-IOV network device plugin into your Kubernetes cluster.
+
+Your configurations for SR-IOV network device plugin as following:
+
+ 10-Gigabit NIC PCI address: {{ .Values.sriov.devicepci }}
+ SR-IOV device type: {{ .Values.sriov.devicetype }}
+
+You can run following command to check SR-IOV is working in Kubernetes cluster:
+
+ $ kubectl -n kube-system -l name=sriov-device-plugin -o wide get pods
+ $ kubectl get nodes -o json | jq -r '.items[] | "\(.metadata.name): \(.status.allocatable)"'
+
+ node1: {"cpu":"39800m","ephemeral-storage":"452697199891","hugepages-1Gi":"32Gi","intel.com/sriov":"63","memory":"31776336Ki","pods":"110"}
+ node2: {"cpu":"39800m","ephemeral-storage":"452697199891","hugepages-1Gi":"32Gi","intel.com/sriov":"63","memory":"31776336Ki","pods":"110"}
+
+The result should show "intel.com/sriov" resource is registered to cluster, and have some virtual function available here.
diff --git a/mcord-release/mcord-setup/templates/_helpers.tpl b/mcord-release/mcord-setup/templates/_helpers.tpl
new file mode 100644
index 0000000..aabdc98
--- /dev/null
+++ b/mcord-release/mcord-setup/templates/_helpers.tpl
@@ -0,0 +1,49 @@
+{{- /*
+# Copyright 2018-present Open Networking Foundation
+# Copyright 2018 Intel Corporation
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/ -}}
+
+{{/* vim: set filetype=mustache: */}}
+{{/*
+Expand the name of the chart.
+*/}}
+{{- define "mcord-setup.name" -}}
+{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+
+{{/*
+Create a default fully qualified app name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+If release name contains chart name it will be used as a full name.
+*/}}
+{{- define "mcord-setup.fullname" -}}
+{{- if .Values.fullnameOverride -}}
+{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
+{{- else -}}
+{{- $name := default .Chart.Name .Values.nameOverride -}}
+{{- if contains $name .Release.Name -}}
+{{- .Release.Name | trunc 63 | trimSuffix "-" -}}
+{{- else -}}
+{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+{{- end -}}
+{{- end -}}
+
+{{/*
+Create chart name and version as used by the chart label.
+*/}}
+{{- define "mcord-setup.chart" -}}
+{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
diff --git a/mcord-release/mcord-setup/templates/multus-sriov-ds.yaml b/mcord-release/mcord-setup/templates/multus-sriov-ds.yaml
new file mode 100644
index 0000000..135e769
--- /dev/null
+++ b/mcord-release/mcord-setup/templates/multus-sriov-ds.yaml
@@ -0,0 +1,234 @@
+---
+# Copyright 2018-present Open Networking Foundation
+# Copyright 2018 Intel Corporation
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+---
+apiVersion: apiextensions.k8s.io/v1beta1
+kind: CustomResourceDefinition
+metadata:
+ # name must match the spec fields below, and be in the form: <plural>.<group>
+ name: network-attachment-definitions.k8s.cni.cncf.io
+ annotations:
+ "helm.sh/hook": "crd-install"
+ "helm.sh/hook-delete-policy": "before-hook-creation"
+spec:
+ # group name to use for REST API: /apis/<group>/<version>
+ group: k8s.cni.cncf.io
+ # version name to use for REST API: /apis/<group>/<version>
+ version: v1
+ # either Namespaced or Cluster
+ scope: Namespaced
+ names:
+ # plural name to be used in the URL: /apis/<group>/<version>/<plural>
+ plural: network-attachment-definitions
+ # singular name to be used as an alias on the CLI and for display
+ singular: network-attachment-definition
+ # kind is normally the CamelCased singular type. Your resource manifests use this.
+ kind: NetworkAttachmentDefinition
+ # shortNames allow shorter string to match your resource on the CLI
+ shortNames:
+ - net-attach-def
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+ name: multus-sa
+ namespace: kube-system
+ annotations:
+ "helm.sh/hook": "pre-install"
+ "helm.sh/hook-delete-policy": "before-hook-creation"
+---
+apiVersion: v1
+kind: Secret
+metadata:
+ name: multus-sa-secret
+ namespace: kube-system
+ annotations:
+ kubernetes.io/service-account.name: multus-sa
+type: kubernetes.io/service-account-token
+---
+kind: ClusterRole
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+ name: multus-pod-networks-lister
+rules:
+- apiGroups: [""]
+ resources: ["pods"]
+ verbs: ["get"]
+- apiGroups: [""]
+ resources: ["pods/status"]
+ verbs: ["update"]
+- apiGroups: ["k8s.cni.cncf.io"]
+ resources: ["*"]
+ verbs: ["get"]
+---
+kind: ConfigMap
+apiVersion: v1
+metadata:
+ name: multus-scripts
+ namespace: kube-system
+data:
+ install-certs.sh: |
+ # Copied from Calico
+ # https://github.com/projectcalico/cni-plugin/blob/master/k8s-install/scripts/install-cni.sh
+ touch /host/etc/cni/net.d/multus-kubeconfig
+ chmod 600 /host/etc/cni/net.d/multus-kubeconfig
+ SERVICE_ACCOUNT_PATH=/var/run/secrets/multus/serviceaccount
+ KUBE_CA_FILE=$SERVICE_ACCOUNT_PATH/ca.crt
+ TLS_CFG="certificate-authority-data: $(cat $KUBE_CA_FILE | base64 | tr -d '\n')"
+ SERVICEACCOUNT_TOKEN=$(cat $SERVICE_ACCOUNT_PATH/token)
+ cat > /host/etc/cni/net.d/multus-kubeconfig <<EOF
+ # Kubeconfig file for Multus CNI plugin.
+ apiVersion: v1
+ kind: Config
+ clusters:
+ - name: local
+ cluster:
+ server: https://${KUBERNETES_SERVICE_HOST}:${KUBERNETES_SERVICE_PORT}
+ $TLS_CFG
+ users:
+ - name: multus
+ user:
+ token: "${SERVICEACCOUNT_TOKEN}"
+ contexts:
+ - name: multus-context
+ context:
+ cluster: local
+ user: multus
+ current-context: multus-context
+ EOF
+ install-multus-conf.sh: |
+ # copied from https://github.com/intel/multus-cni/blob/master/images/entrypoint.sh
+ rm -f /host/etc/cni/net.d/00-multus.conf
+ MASTER_PLUGIN="$(ls /host/etc/cni/net.d | grep -E '\.conf(list)?$' | head -1)"
+ MASTER_PLUGIN_JSON="$(cat /host/etc/cni/net.d/$MASTER_PLUGIN)"
+ cat > /host/etc/cni/net.d/00-multus.conf <<EOF
+ {
+ "name": "multus-cni-network",
+ "type": "multus",
+ "logFile": "/var/log/multus.log",
+ "logLevel": "debug",
+ "kubeconfig": "/etc/cni/net.d/multus-kubeconfig",
+ "delegates": [
+ $MASTER_PLUGIN_JSON
+ ]
+ }
+ EOF
+---
+kind: ClusterRoleBinding
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+ name: multus-rb
+roleRef:
+ apiGroup: rbac.authorization.k8s.io
+ kind: ClusterRole
+ name: multus-pod-networks-lister
+subjects:
+- kind: ServiceAccount
+ name: multus-sa
+ namespace: kube-system
+---
+apiVersion: apps/v1
+kind: DaemonSet
+metadata:
+ name: sriov-device-plugin
+ namespace: kube-system
+spec:
+ selector:
+ matchLabels:
+ name: sriov-device-plugin
+ template:
+ metadata:
+ labels:
+ name: sriov-device-plugin
+ spec:
+ initContainers:
+ - name: init-sriovds
+ image: {{ .Values.sriovds.initimage }}
+ command: [ "bash", "-c" ]
+ args:
+ - cp /tmp/cni/bin/{multus,sriov,vfioveth,centralip,jq} /host/opt/cni/bin/;
+ /tmp/multus/install-multus-conf.sh;
+ /tmp/multus/install-certs.sh;
+ systemctl stop kubelet;
+ echo "Restarting crio/containerd, kubelet";
+ systemctl restart containerd;
+ systemctl restart crio;
+ systemctl restart kubelet;
+ volumeMounts:
+ - name: usr-bin
+ mountPath: /host/usr/bin
+ - name: cni-bin
+ mountPath: /host/opt/cni/bin
+ - name: multus-sa
+ mountPath: /var/run/secrets/multus/serviceaccount
+ - name: multus-scripts
+ mountPath: /tmp/multus
+ - name: cni-conf
+ mountPath: /host/etc/cni/net.d
+ - name: dbus
+ mountPath: /var/run/dbus
+ - name: systemd
+ mountPath: /run/systemd
+ containers:
+ - name: sriovds
+ image: {{ .Values.sriovds.image }}
+ command: [ "sh", "-c" ]
+ args:
+ - /usr/bin/sriovdp --logtostderr -v 10;
+ sleep infinity;
+ volumeMounts:
+ - name: net
+ mountPath: /sys/class/net
+ readOnly: true
+ - name: dp-sock
+ mountPath: /var/lib/kubelet/device-plugins/
+ readOnly: false
+ - mountPath: /etc/pcidp
+ name: sriov-config
+ readOnly: false
+ volumes:
+ - name: sriov-config
+ configMap:
+ name: sriov-config
+ - name: usr-bin
+ hostPath:
+ path: /usr/bin
+ - name: cni-bin
+ hostPath:
+ path: /opt/cni/bin
+ - name: multus-sa
+ secret:
+ secretName: multus-sa-secret
+ - name: multus-scripts
+ configMap:
+ defaultMode: 511
+ name: multus-scripts
+ - name: cni-conf
+ hostPath:
+ path: /etc/cni/net.d
+ - name: dbus
+ hostPath:
+ path: /var/run/dbus
+ - name: systemd
+ hostPath:
+ path: /run/systemd
+ - name: net
+ hostPath:
+ path: /sys/class/net
+ - name: dp-sock
+ hostPath:
+ path: /var/lib/kubelet/device-plugins/
+ hostNetwork: true
+ hostPID: true
diff --git a/mcord-release/mcord-setup/templates/sriov-conf.yaml b/mcord-release/mcord-setup/templates/sriov-conf.yaml
new file mode 100644
index 0000000..963beb6
--- /dev/null
+++ b/mcord-release/mcord-setup/templates/sriov-conf.yaml
@@ -0,0 +1,34 @@
+---
+# Copyright 2018-present Open Networking Foundation
+# Copyright 2018 Intel Corporation
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+---
+kind: ConfigMap
+apiVersion: v1
+metadata:
+ name: sriov-config
+ namespace: kube-system
+data:
+ config.json: |
+ {
+ "resourceList":
+ [
+ {
+ "resourceName": {{ .Values.sriov.name | quote }},
+ "rootDevices": [{{ .Values.sriov.devicepci | quote }}],
+ "sriovMode": true,
+ "deviceType": "vfio"
+ }
+ ]
+ }
diff --git a/mcord-release/mcord-setup/values.yaml b/mcord-release/mcord-setup/values.yaml
new file mode 100644
index 0000000..d9f8be4
--- /dev/null
+++ b/mcord-release/mcord-setup/values.yaml
@@ -0,0 +1,24 @@
+---
+# Copyright 2018-present Open Networking Foundation
+# Copyright 2018 Intel Corporation
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+sriovds:
+ initimage: aweimeow/multus-sriov
+ image: aweimeow/multus-sriov
+
+sriov:
+ name: sriov
+ devicepci: 04:00.0
+ devicetype: vfio
