Scribd Logo
Upload

Welcome to Scribd!

  • MOP UDM Deployment-22.8: AWS Based

    Uploaded by

    praveensingh
    11 views15 pages

    Original Title

    null

    Copyright

    © © All Rights Reserved

    Available Formats

    DOCX, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document

    Copyright:

    © All Rights Reserved
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    11 views15 pages

    MOP UDM Deployment-22.8: AWS Based

    Uploaded by

    praveensingh

    Copyright:

    © All Rights Reserved
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 15

    MOP

    UDM Deployment-22.8

    AWS Based—
    ZTS Software
    SW COMPONENT VERSION CHECKSUM (SHA256)

    ZTS ZTS 22.8 363b643a35fbee77349481293c7e1e976daf


    207d415789309623333b30462774
    ZTS_1.15.128.tar.gz

    UDM Software

    SW COMPONENT VERSION CHECKSUM (SHA256)

    AUSF/UDM AUSF_UDM_NGCAL2280314.tar.gz 02C0F0209469A5889E37D53AD7F141B20238D3A0A825


    EB76EE63D0A71ECD7785

    1.Prerequisites for Linux server setup/AWS Platform access Enable


    1.WSL for Linux and Virtual Machine Platform

    2.AWS account
    3.AWS EKS cluster enabled
    4.EC2 server (Linux) with aws cli, helm, kubectl and docker installed. (Deployment server).
    2. Image Onboarding
    1.Load the images into S3 bucket from local jump(ubantu) server.

    2. Load the images from S3 bucket to local AWS CLI.

    3. Tag the images for AWS Repositories.

    4. Login to ECR

    5. Create Repositories for each Images

    6. Push the images into AWS ECR.


    Image Onboard Command

    3.Create Namespace for ZTS


    kubectl create ns zts1

    4.Prepare values.yaml and refvalues.yaml


    1. values.yaml -Use PlaTo tool to generate for ZTS services—this file contains the information about
    imageRegistry/storageClass/ multuscidr/ route/route_gw/ztslenvoylbip/ztslenvoylbip2/VNF
    Name/WOrkwer node selector/Nodeaffinity etc.

    2. ztsref_values.yaml -Use Acord tool to generate yaml ref file which contains—this file contains the
    information about Replica count/memory & CPU Means Resource Information

    5. Deploy ZTS via helm command


    6. User add in key clock GUI
    GUI Access
    Install VNC Viewer from Software centre
    Users --> cmadmin/ zts1user/ dauser/ imuser/ wsuser

    Groups: ssadmin caadmins, SettingsAdminGroup and cmadmins

    6. Generate Netconf.xml -- The netconf.xml contains all the configuration and


    integration data which required for operation of the AUSF_UDM.

    This file is generated through Nokia yang-based planning tool using Generic.xml & share by
    Network Team.

    AUSF_UDM_NGCAL2280314\INSTALL_MEDIA\SCHEMA/Generic.xml

    **Note— we need to upload Netconf file in cmcontroller pod in /tmp folder

    7.After this we provision the certificate

    8.Onboard images for AUSF-UDM


    app-pre-installer—this file contains the information About network Enable & lan Information like
    ldap LAN/HTTP2 lan/LI LAN/HSM lan/Trigger Lan/ etc.

    reg-helm chart value.yaml—its contains Information about Image repository/node selector/Service


    Fqdn/vnf name/ZTS user information/Password etc/resource information

    9. Create and deploy network service for APP_PRE_INSTALLER for AUSF-UDM


    helm install app-pre-installer -f name app-pre-installer_value.yaml -n udm01

    **kubectl get danmnets -n -n udm01

    10. deploy AUSF UDM


    helm install reg-helm-charts reg-helm-charts-228.314.0.tgz -f reg-helm-chart_value.yaml -n
    udm01

    Learning -1
    Pods are Not Scheduled due to labels mis match with cluster nodes

    - Node Selector and node Affinity to be update with correct labels for all helm charts values.yaml

    Learning -2
    AUSF Pod is not running fully due to Config error

    -Ueauthn pod resource metrics release value is present as 2 instead of 1 for initial deployment

    UDM overview---

    5G Architecture – SBA (Service Based Architecture)


    AUSF/UDM Services--

    AUSF UDM is a service which is divided in sub service.

    AUSF---Nausf ueauth—this is use for mgmt. of user identification & authorization.

    UDM—Nudm-sdm—it manages all subscribers data and services. It allows to retrieve user
    subscription data when required.

    —Nudm-ueauth-- This service provides updated authentication related subscriber data to the
    subscribed NF . For AKA based authentication, it supports 5G AKA and EAP-AKA’ algorithms.

    Nudm-uecm—it is use to context data mgmt. like customer data is inside the old AMF then its use to
    quay for new AMF & carried out old to new AMF,

    Nudm-ee—its Allow NF consumer to subscribe to receive an event, Monitoring event, suppose


    Subscriber in Roaming this kind of event is notified by EE.
    Supporting service of AUSF UDM -:

    NIM - NRF Interaction Module service -- This service allows AUSF_UDM services to register its
    availability with NRF over Nnrf interface. The service instances are used to discover other NFs and
    their services.

    HTTP/2 Load balancer (LB):It acts a dedicated interface for communication between AUSF_UDM
    services and external NFs

    Lawful Interception (LI): This service provides both X1 and X2 interfaces for UDM and AUSF Network
    functions. It is used to intercept the subscriber related events. & collect and provide
    communications data of individuals or organizations to law enforcement department.

    ARPF: -Authentication credential repository & processing function This service provides
    Authentication vector generation logic for all AKA based authentications. It provides APIs for UDM-
    UEAUTH service for requesting Authentication vectors. It also support Encrypt/De Encrypt facility for
    Subscriber Key(Ki).

    SIDF: Subscriber Identity De-Concealing Function (SIDF) –basically it supports de-conceals SUCI to
    SUPI

    Trigger: It supports LDAP interface from AUSF_UDM for Subscriber profile access from OneNDS/SDL.

    ----------------------------------------------------------Configuration/Integration-----------------------------------------
    Let us understand with an example, below mention configuration for ldap, we need to configure at udm side, there is 4
    service in UDM so we have to update below mention configuration at all service.

    Step1-for udmUeauth

    1.Kubectl exec -it <pod name> -n <namespace name> -c <container name> bash
    2.ssh -p 2024 cmadmin/pw-xyz

    3.configre terminal & copypaste configuration & wr it for save configration

    REGISTERS UDMUEAUTH UdmUeauthLdapInterface HostConfigTable 200.30.221.74

    PriorityValue 1

    CapacityValue 1

    PortValue 16611

    REGISTERS UDMUEAUTH UdmUeauthLdapInterface HostConfigTable 200.30.221.75

    PriorityValue 1

    CapacityValue 1

    PortValue 16611

    Step2-for udmee

    1.Kubectl exec -it <pod name> -n <namespace name> -c <container name> bash

    2.ssh -p 2024 cmadmin/pw-xyz

    3.configre terminal & copypaste configuration & wr it for save configration

    REGISTERS UDM_EE UdmEeLdapInterface HostConfigTable 200.30.221.74

    PriorityValue 1

    CapacityValue 1

    PortValue 16611

    REGISTERS UDM_EE UdmEeLdapInterface HostConfigTable 200.30.221.75

    PriorityValue 1

    CapacityValue 1

    PortValue 16611

    Step3-for udmsdm

    1.Kubectl exec -it <pod name> -n <namespace name> -c <container name> bash

    2.ssh -p 2024 cmadmin/pw-xyz

    3.configre terminal & copypaste configuration & wr it for save configration

    REGISTERS UDM_SDM UdmSdmLdapInterface HostConfigTable 200.30.221.74

    PriorityValue 1

    CapacityValue 1

    PortValue 16611

    REGISTERS UDM_SDM UdmSdmLdapInterface HostConfigTable 200.30.221.75

    PriorityValue 1

    CapacityValue 1

    PortValue 16611
    Step4-for udmUeauth

    1.Kubectl exec -it <pod name> -n <namespace name> -c <container name> bash

    2.ssh -p 2024 cmadmin/pw-xyz

    3.configre terminal & copypaste configuration & wr it for save configration

    REGISTERS UDM_UECM UdmUecmLdapInterface HostConfigTable 200.30.221.74

    PriorityValue 1

    CapacityValue 1

    PortValue 16611

    REGISTERS UDM_UECM UdmUecmLdapInterface HostConfigTable 200.30.221.75

    PriorityValue 1

    CapacityValue 1

    PortValue 16611

    For NetAct Integration we need to give below mention information to NetAct team

    You might also like