SD-Core release 1.3 updates
Change-Id: Ief59ee9393f5d182422dc8d1abb8c23f7d8e851b
diff --git a/_static/images/Metric_Func_Arch.png b/_static/images/Metric_Func_Arch.png
new file mode 100644
index 0000000..fa89f34
--- /dev/null
+++ b/_static/images/Metric_Func_Arch.png
Binary files differ
diff --git a/_static/images/rogue-subscriber.png b/_static/images/rogue-subscriber.png
new file mode 100644
index 0000000..1641cdc
--- /dev/null
+++ b/_static/images/rogue-subscriber.png
Binary files differ
diff --git a/deployment/deployment5G.rst b/deployment/deployment5G.rst
index d07a0ad..575b6c8 100644
--- a/deployment/deployment5G.rst
+++ b/deployment/deployment5G.rst
@@ -1,4 +1,5 @@
..
+ SPDX-FileCopyrightText: 2023-present Intel Corporation
SPDX-FileCopyrightText: © 2020 Open Networking Foundation <support@opennetworking.org>
SPDX-License-Identifier: Apache-2.0
@@ -160,7 +161,7 @@
- **UPF-Adapter** :
Enable this flag to introduce UPF-Adapter between multiple SMF instances
- and UPF. This required for the case where UPF doesn't support multiple
+ and UPF. This required for the case where UPF does not support multiple
SMF association with same pfcp node-id.
- **NRF Keep-Alive** :
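Review bot: the reworded UPF-Adapter sentence still has no verb: "This required for the case where UPF does not support multiple" should read "This is required for the case where the UPF does not support multiple SMF associations with the same PFCP node-id". The line is being touched anyway, so fix the grammar in the same change.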
@@ -168,7 +169,13 @@
profile updates from the registered NFs.
- **UE IP-Address alloc via UPF** :
- Enable this flag to get UE IP-Address allocated via UPF rather than locally by SMF.
+ Enable this config to get UE IP-Address allocated via UPF rather than locally by SMF.
+
+- **Static UE IP-Address alloc** :
+ Enable this config to reserve static UE IP-Address for any specific UE.
+
+- **Custom IMSI support** :
+ Employ this config to have custom IMSI(starts with leading zeroes) for development environment with real UE.
Enable AMF Sctp Load Balancer
'''''''''''''''''''''''''''''
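Review bot: terminology in this list is now mixed. The edited and added entries say "Enable this config" and "Employ this config", while the UPF-Adapter entry above still says "Enable this flag"; pick one term for the whole list. In the Custom IMSI entry, add the missing space in "IMSI(starts" and say what the reader actually changes, since the section added further down describes patching subscriber ranges and MCC/MNC values rather than turning on a single setting.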
@@ -238,3 +245,78 @@
hostname: "upf"
enable_ue_ip_alloc: true
ue_ip_pool: "172.250.0.0/16"
+
+
+Enable Static UE IP-Address allocation
+''''''''''''''''''''''''''''''''''''''
+This config shall help in reserving Static UE IP-Address for any given UE.
+The config should mention details about DNN, UE's IMSI and preferred IP-Address from that DNN pool.
+
+.. code-block::
+
+ smf:
+ cfgFiles:
+ smfcfg.conf:
+ configuration:
+ staticIpInfo:
+ - dnn: internet
+ imsiIpInfo:
+ supi-123456789012341: "172.250.237.10"
+ supi-123456789012342: "172.250.237.11"
+
+Enable Custom IMSI with real UE 5G deployment
+'''''''''''''''''''''''''''''''''''''''''''''
+
+Following configuration is required to have custom test IMSI with real UE 5G deployment.
+
+Existing MCC/MNC = 208/93
+New MCC/MNC = 001/22
+
+Patch following files
+
+* Mandatory
+
+Patch aether-in-a-box/sd-core-5g-values.yaml as following
+
+.. code-block::
+
+ # below block configures the subscribers and their security details.
+ # you can have any number of subscriber ranges
+ subscribers:
+ - - ueId-start: "208930100007487"
+ - ueId-end: "208930100007500"
+ - plmnId: "20893"
+ + - ueId-start: "001220100007487"
+ + ueId-end: "001220100007500"
+ + plmnId: "00122"
+ opc: "981d464c7c52eb6e5036234984ad0bcf"
+ op: ""
+ key: "5122250214c33e723a5dd523fc145fc0"
+ sequenceNumber: "16f3b3f70fc2"
+ - - ueId-start: "208930100007501"
+ - ueId-end: "208930100007599"
+ - plmnId: "20893"
+ + - ueId-start: "001220100007501"
+ + ueId-end: "001220100007599"
+ + plmnId: "00122"
+ opc: "981d464c7c52eb6e5036234984ad0bcf"
+ op: ""
+ key: "5122250214c33e723a5dd523fc145fc0"
+
+* only if ROC is employed
+
+Patch aether-in-a-box/roc-5g-models.json as following
+
+.. code-block::
+
+ "imsi-definition": {
+ - "mcc": "208",
+ - "mnc": "93",
+ + "mcc": "001",
+ + "mnc": "22",
+ {
+ "sim-id": "aiab-sim-1",
+ "display-name": "UE 1 Sim",
+ - "imsi": "208930100007487"
+ + "imsi": "001220100007487"
+ },
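Review bot: the Custom IMSI example for a real UE carries the opc, key and sequenceNumber values through unchanged and never says where they come from. State that these must match what is provisioned on the SIM and that the values shown are samples, and note that the second subscriber range has no sequenceNumber while the first does. In the static IP section the prose says "UE's IMSI" but the keys are written as "supi-123456789012341"; document the expected key format, say that the address has to fall inside the configured ue_ip_pool ("172.250.0.0/16" in the context above), and say what happens when it does not or is already in use. The two embedded patches would read better as ".. code-block:: diff", and the roc-5g-models.json fragment should mark its elisions, because as shown a bare "{" follows the "mnc" line with no enclosing key.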
diff --git a/design/design-metricfunc.rst b/design/design-metricfunc.rst
new file mode 100644
index 0000000..98513c3
--- /dev/null
+++ b/design/design-metricfunc.rst
@@ -0,0 +1,75 @@
+..
+ SPDX-FileCopyrightText: 2023-present Intel Corporation
+ SPDX-FileCopyrightText: © 2020 Open Networking Foundation <support@opennetworking.org>
+ SPDX-License-Identifier: Apache-2.0
+
+.. _design_metricfunc:
+
+Metric Function Design Overview
+===============================
+
+.. image:: ../_static/images/Metric_Func_Arch.png
+ :width: 500px
+
+Metric-Function
+---------------
+
+The Metric Function act as an aggregator and processor of metrics received from different 5G Network Functions.
+Currently, only SMF and AMF publishes metrics to the Metric Function as of this release.
+
+The Metric Function provides following features
+
+* API Service exposure
+ It provides APIs to fetch various metrics as mentioned below
+ * GetSubscriberAll (/nmetric-func/v1/subscriber/all)
+ * GetSubscriberSummary (/nmetric-func/v1/subscriber/<imsi>)
+ * GetNfStatus (/nmetric-func/v1/nfstatus/<GNB/UPF>)
+ * GetNfServiceStats (/nmetric-func/v1/nfServiceStatsSummary/<AMF/SMF>) (not supported in this release)
+ * GetNfServiceStatsAll (/nmetric-func/v1/nfServiceStats/all) (not supported in this release)
+* Prometheus Client exposure
+ * It exposes Prometheus client interface for metrics scraping via Prometheus server
+* Analytics Function exposure(not supported in this release)
+ * It shall push events to configured Analytics Function.
+
+
+Sample output from API Service
+------------------------------
+* GetSubscriberAll (/nmetric-func/v1/subscriber/all)
+
+ .. code-block::
+
+ http://<metricfunc-pod-ip>:9301/nmetric-func/v1/subscriber/all
+
+ ["imsi-208930100007487","imsi-208930100007488","imsi-208930100007489","imsi-208930100007490","imsi-208930100007491"]
+
+
+* GetSubscriberSummary (/nmetric-func/v1/subscriber/<imsi>)
+
+ .. code-block::
+
+ http://<metricfunc-pod-ip>:9301/nmetric-func/v1/subscriber/imsi-208930100007487
+ {
+ "imsi":"imsi-208930100007487",
+ "smfId":"urn:uuid:c573621f-e198-4f67-988b-f7373e67601c","smfIp":"192.168.84.172",
+ "smfSubState":"Connected","ipaddress":"172.250.237.121","dnn":"internet","slice":"sd:010203 sst:1",
+ "upfid":"upf","upfAddr":"192.168.85.188",
+ "amfId":"b17f4726-4809-43e6-b5b6-afa0fc72807b","guti":"20893cafe00002647e6","tmsi":2508774,"amfngapId":2508775,
+ "ranngapId":3405774848,"amfSubState":"Registered","gnbid":"208:93:000102","tacid":"000001","amfIp":"192.168.84.159"
+ }
+
+* GetNfStatus (/nmetric-func/v1/nfstatus/<GNB/UPF>)
+
+ .. code-block::
+
+ http://<metricfunc-pod-ip>:9301/nmetric-func/v1/nfstatus/UPF
+ [
+ {"nfType":"UPF","nfStatus":"Connected","nfName":"upf-1"},
+ {"nfType":"UPF","nfStatus":"Connected","nfName":"upf-2"}
+ ]
+
+ http://<metricfunc-pod-ip>:9301/nmetric-func/v1/nfstatus/GNB
+ [
+ {"nfType":"GNB","nfStatus":"Disconnected","nfName":"208:93:000112"},
+ {"nfType":"GNB","nfStatus":"Disconnected","nfName":"208:93:000102"}
+ ]
+
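Review bot: the sample calls in "Sample output from API Service" use plain http:// on port 9301 and return IMSI, GUTI, TMSI, UE IP address and serving gNB for a subscriber, yet the page does not say whether the API requires authentication or who is expected to reach it. Add a short paragraph on the intended exposure (for example cluster-internal only) and on any access control, so that operators do not publish this port by default. Separately, the nested bullets under "API Service exposure" have no blank line before them, which reST needs to render them as a sub-list, and "The Metric Function act as" and "only SMF and AMF publishes" need subject-verb agreement.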
diff --git a/developer/auto-scaling-5g-nfs.rst b/developer/auto-scaling-5g-nfs.rst
new file mode 100644
index 0000000..c3181ac
--- /dev/null
+++ b/developer/auto-scaling-5g-nfs.rst
@@ -0,0 +1,168 @@
+..
+ SPDX-FileCopyrightText: 2023-present Intel Corporation
+ SPDX-FileCopyrightText: © 2020 Open Networking Foundation <support@opennetworking.org>
+ SPDX-License-Identifier: Apache-2.0
+
+.. _auto-scaling-5g-nfs:
+
+Auto scaling 5G NFs
+===================
+
+Autoscaling cloud native network functions is a critical capability for modern cloud infrastructure.
+It enables dynamic scaling of network functions to handle increased traffic or workload demands,
+ensuring optimal performance and cost-effectiveness.
+
+Kubernetes Event-driven Autoscaling (KEDA) is an open-source tool that makes it easier to implement
+autoscaling for cloud-native network functions(https://github.com/kedacore/keda).
+
+When the network functions receive more traffic or workload, KEDA automatically scales up the pods to
+handle the increased demand. When the demand decreases, KEDA scales down the pods to save resources and
+minimize costs.
+
+We can enable autoscaling based on memory usage, CPU usage, and custom metrics.
+
+Illustration
+------------
+
+Let's explore the steps on how to set up autoscaling in AIAB.
+
+In this example, we are setting up KEDA to scale the smf pod up for every 50 N4 messages received by SMF
+
+
+Run the following steps in aether-in-a-box folder:
+
+* Create aiab.diff file as described below
+* patch < aiab.diff
+* Create resources/keda.yaml as described below
+* Create resources/5g-monitoring/smf-monitor.yaml as described below
+* Create autoscale.yaml as described below
+* make 5g-core
+* make monitoring-5g
+* make autoscale-aiab
+* kubectl get hpa -n omec : To view the horizontal pod scaler.
+* kubectl get pods -n omec | grep smf : To view the scaled pods.
+
+Create file aiab.diff with following content
+
+.. code-block::
+
+ diff --git a/Makefile b/Makefile
+ index bd54a7a..df85e0a 100644
+ --- a/Makefile
+ +++ b/Makefile
+ @@ -26,9 +26,10 @@ GET_HELM = get_helm.sh
+ KUBESPRAY_VERSION ?= release-2.17
+ DOCKER_VERSION ?= '20.10'
+ HELM_VERSION ?= v3.10.3
+ -KUBECTL_VERSION ?= v1.23.15
+ +KUBECTL_VERSION ?= v1.24.11
+
+ -RKE2_K8S_VERSION ?= v1.23.15+rke2r1
+ +RKE2_K8S_VERSION ?= v1.24.11+rke2r1
+ +#RKE2_K8S_VERSION ?= v1.23.15+rke2r1
+ K8S_VERSION ?= v1.21.6
+
+ OAISIM_UE_IMAGE ?= andybavier/lte-uesoftmodem:1.1.0-$(shell uname -r)
+ @@ -65,6 +66,8 @@ ROUTER_HOST_NETCONF := /etc/systemd/network/10-aiab-access.netdev /etc/systemd
+ UE_NAT_CONF := /etc/systemd/system/aiab-ue-nat.service
+
+ # monitoring
+ +AUTOSCALE_CHART := kedacore/keda
+ +AUTOSCALE_VALUES ?= $(MAKEDIR)/autoscale.yaml
+ RANCHER_MONITORING_CRD_CHART := rancher/rancher-monitoring-crd
+ RANCHER_MONITORING_CHART := rancher/rancher-monitoring
+ MONITORING_VALUES ?= $(MAKEDIR)/monitoring.yaml
+ @@ -675,6 +678,26 @@ test: | 4g-core $(M)/oaisim
+ fi
+ @grep -q "Simulation Result: PASS\|Profile Status: PASS" /tmp/gnbsim.out
+
+ +autoscale: $(M)/autoscale
+ +$(M)/autoscale: $(M)/helm-ready
+ + helm repo add kedacore https://kedacore.github.io/charts
+ + helm upgrade --install --wait $(HELM_GLOBAL_ARGS) \
+ + --namespace=autoscale \
+ + --create-namespace \
+ + --values=$(AUTOSCALE_VALUES) \
+ + keda-aiab \
+ + $(AUTOSCALE_CHART)
+ + touch $(M)/autoscale
+ +
+ +autoscale-aiab: $(M)/autoscale
+ + kubectl apply -f resources/keda.yaml
+ +
+ +autoscale-clean:
+ + kubectl delete -f resources/keda.yaml
+ + helm -n autoscale delete keda-aiab || true
+ + kubectl delete namespace autoscale || true
+ + rm $(M)/autoscale
+ +
+ reset-test: | oaisim-clean omec-clean router-clean
+ @cd $(M); rm -f omec oaisim 5g-core
+
+ diff --git a/resources/5g-monitoring/kustomization.yaml b/resources/5g-monitoring/kustomization.yaml
+ index 96bc72b..0b757e9 100644
+ --- a/resources/5g-monitoring/kustomization.yaml
+ +++ b/resources/5g-monitoring/kustomization.yaml
+ @@ -5,6 +5,7 @@
+ resources:
+ - ./metricfunc-monitor.yaml
+ - ./upf-monitor.yaml
+ + - ./smf-monitor.yaml
+
+ configMapGenerator:
+ - name: grafana-ops-dashboards
+
+
+Create a file resources/keda.yaml with the following content
+
+.. code-block::
+
+ ---
+ apiVersion: keda.sh/v1alpha1
+ kind: ScaledObject
+ metadata:
+ name: smf-scale
+ namespace: omec
+ spec:
+ scaleTargetRef:
+ kind: Deployment
+ name: smf
+ minReplicaCount: 1
+ maxReplicaCount: 5
+ cooldownPeriod: 30
+ pollingInterval: 1
+ triggers:
+ - type: prometheus
+ metadata:
+ serverAddress: http://rancher-monitoring-prometheus.cattle-monitoring-system.svc:9090
+ metricName: n4_messages_total
+ query: |
+ sum(n4_messages_total{job="smf"})
+ threshold: "50"
+
+Create file resources/5g-monitoring/smf-monitor.yaml with following content
+
+.. code-block::
+
+ apiVersion: monitoring.coreos.com/v1
+ kind: ServiceMonitor
+ metadata:
+ name: smf
+ namespace: omec
+ spec:
+ endpoints:
+ - path: /metrics
+ port: prometheus-exporter
+ namespaceSelector:
+ matchNames:
+ - omec
+ selector:
+ matchLabels:
+ app: smf
+
+Add an empty autoscale.yaml in aiab folder. This file can be used to add override values for keda helm chart.
+
+.. code-block::
+
+ touch autoscale.yaml
+
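Review bot: the trigger query in resources/keda.yaml, "sum(n4_messages_total{job="smf"})", is compared against threshold "50", but if n4_messages_total is a cumulative counter, as the _total suffix suggests, its sum only grows. The replica count would then climb to maxReplicaCount and stay there, which contradicts the earlier paragraph saying KEDA scales down when demand decreases. Consider a windowed expression such as rate() or increase() over a stated interval, and reword "for every 50 N4 messages received" to match. Also worth a sentence each: the Makefile patch installs kedacore/keda with no chart version pinned, and it leaves a commented-out "#RKE2_K8S_VERSION ?= v1.23.15+rke2r1" line behind.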
diff --git a/developer/rogue-subscriber.rst b/developer/rogue-subscriber.rst
new file mode 100644
index 0000000..9c062d8
--- /dev/null
+++ b/developer/rogue-subscriber.rst
@@ -0,0 +1,41 @@
+..
+ SPDX-FileCopyrightText: 2023-present Intel Corporation
+ SPDX-FileCopyrightText: © 2020 Open Networking Foundation <support@opennetworking.org>
+ SPDX-License-Identifier: Apache-2.0
+
+.. _rogue-subscriber:
+
+Rogue Subscriber Blocking
+=========================
+
+.. image:: ../_static/images/rogue-subscriber.png
+ :width: 500px
+
+This feature enables 5G network to revoke subscription of malicious UE. It is required that UPF is
+configured to support malicious subscriber identification. The custom user application can read the malicious
+subscriber's IP Address identified by the UPF and can make available to 5G core network via Metric-Function.
+The 5G network shall revoke malicious UEs subscription based on UE IP-Addresses received.
+
+Please follow detailed flow
+
+* The UPF shall detect malicious UE IP-Address and the user application shall learn it.
+* The user application shall maintain the malicious subscriber's IP Address.
+* The Controller functionality of the MetricFunction shall keep polling the user application to fetch malicious
+ subscriber's IP
+ Address.
+* The metricfunc manages all subscriber contexts, so the Controller identifies the IMSI associated to malicious
+ Subscriber IP.
+* The MetricFunc Pod notifies the ROC to disable the SIM Card associated with malicious subscriber.
+* ROC updates the Config Server(webui) with updated Device Group(s) and slice(s) information.
+* AMF initiates a network-triggered deregistration procedure to detach the UE from the 5G core.
+
+The Metric-Function configuration to poll the user application
+
+.. code-block::
+
+ userAppApiServer:
+ addr: "userapp.omec.svc"
+ port: 9301
+ rocEndPoint:
+ addr: "aether-roc-umbrella-aether-roc-gui-v2-1-external.aether-roc.svc"
+ port: 80
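Review bot: the flow ends with a SIM being disabled and the UE deregistered purely on the basis of IP addresses polled from userAppApiServer, and the configuration block shows only an address and port for that server and for rocEndPoint (port 80). The page should state the trust assumption here: whether the poll and the ROC call are authenticated or protected in transit, and who is allowed to run the user application. Because UE IP addresses are reassigned over time, also describe how the Controller ties a reported address to the subscriber who held it when the UPF flagged it, and how an operator re-enables a subscriber after a false positive. Minor wording: "Please follow detailed flow" reads better as "The detailed flow is as follows", and "malicious UEs subscription" needs an apostrophe.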
diff --git a/dict.txt b/dict.txt
index 81d8a51..2a17bfd 100644
--- a/dict.txt
+++ b/dict.txt
@@ -7,6 +7,7 @@
AiaB
Analytics
Auth
+Autoscaling
Backend
Balancer
De
@@ -73,6 +74,7 @@
Xn
aether
aetherproject
+aiab
alloc
amf
anrelease
@@ -81,6 +83,8 @@
apis
apn
ausf
+autoscale
+autoscaling
behaviour
bess
bitrate
@@ -92,6 +96,7 @@
configmap
configs
configurability
+cpu
customProfile
customProfiles
dataplane
@@ -131,12 +136,14 @@
golang
gpp
grpc
+hpa
hss
hssdb
http
hyperscale
hyperscaler
iUPF
+imsi
imsis
instantiation
iot
@@ -144,13 +151,17 @@
iptables
jitter
json
+keda
keepalive
+kubectl
kubernetes
+kustomization
latencies
macroENB
mbr
mcc
menlo
+metricfunc
microservice
miniKube
minikube
@@ -163,8 +174,12 @@
namespace
nat
natively
+nfServiceStats
+nfServiceStatsSummary
+nfstatus
ng
ngap
+nmetric
nrf
nssf
nwreqpdusessrelease
@@ -199,9 +214,11 @@
repos
retransmission
retransmissions
+roc
runtime
scalability
scalable
+scaler
sctp
sctplb
sd
diff --git a/index.rst b/index.rst
index 85a06e3..e8a97fe 100644
--- a/index.rst
+++ b/index.rst
@@ -93,6 +93,7 @@
design/design-smf.rst
design/design-amf.rst
+ design/design-metricfunc.rst
.. toctree::
:maxdepth: 2
@@ -104,6 +105,8 @@
developer/aiab5g.rst
developer/gnbsim.rst
developer/testpod.rst
+ developer/rogue-subscriber.rst
+ developer/auto-scaling-5g-nfs.rst
.. toctree::
:maxdepth: 2