1. Cloud Native Core Console Installation and Upgrade Guide
  2. Introduction

1 Introduction

This document provides information on how to install and upgrade Oracle Communications Cloud Native Core Console.

Overview

The Cloud Native Core Console (CNC Console) is a single screen solution to configure and manage Network Functions (NFs). The CNC Console has the following two modules:
  • CNC Console Core (CNCC Core): CNCC Core acts as GUI or API portal for NFs and OCCNE common services. CNCC Core module includes CNC Console and its integration with other Cloud native core network functions. The CNCC provides user interface that can be used to configure parameters for the following CNC network functions:
    • Binding Support Function (BSF)
    • Service Communication Proxy (SCP)
    • Network Repository Function (NRF)
    • Cloud Native Core Policy
    • Security Edge Protection Proxy (SEPP)
    • Unified Data Repository (UDR)
    • Network Slice Selection Function (NSSF)
    • CNE Common Services
    • Data Director (DD)
  • CNC Console Identity Access Management (CNCC IAM): CNCC IAM acts as local identity provider and broker for external identity provider. CNCC IAM module includes the required authentication and authorization procedures such as creating and assigning roles to users.

Continuous Delivery Control Server (CDCS)

CNC Console can be deployed using Continuous Delivery Control Server (CDCS) or Command Line Interface (CLI) procedures as described in Installing CNC Console. CDCS provides continuous delivery functionality for multi-site Cloud Native Core (CNC) installations. For more information about CDCS, see Oracle Communications Cloud Native Core CD Control Server User Guide.

CDCS is a centralized server that automates CNC Console deployment processes such as install, upgrade, and rollback CNC Console. CLI provides an interface to run various commands required to install, upgrade, and roll back CNC Console.

CNC Console installation comprises of prerequisites, pre-deployment , installation, and post installation tasks. You must perform CNC Console installation tasks in the same sequence as outlined in the following table:

Task Sub tasks Reference Applicable for CDCS Applicable for CLI
Prerequisites: This section describes how to set up the installation environment.   Prerequisites Yes Yes
  Software Requirements Software Requirements Yes Yes
  Environment Setup Requirements Environment Setup Requirements Yes Yes
  Resource Requirements Resource Requirements Yes Yes
Downloading CNC Console   Downloading CNC Console package See Oracle Communications CD Control Server Installation and Upgrade Guide Yes
CNC Console Pre-deployment Configuration   CNC Console Pre-deployment Configuration Yes Yes
  Verifying and Creating CNC Console Namespace Verifying and Creating CNC Console Namespace Yes Yes
  Configuring Database Configuring Database Yes Yes
  Installing CNC Console      
CNC Console Pre-deployment Configurations   CNC Console Pre-deployment Configurations Yes Yes
Global Configurations   Global Configurations Yes Yes
  CNC Console Configuration for Service Account CNC Console Configuration for Service Account Yes Yes
Configuring ASM and OSO in M-CNCC IAM Configuring ASM and OSO in M-CNCC IAM Yes Yes
CNC Console IAM Pre-deployment Configuration   CNC Console IAM Pre-deployment Configuration Yes Yes
  Configuring M-CNCC IAM Database Configuring M-CNCC IAM Database Yes Yes
  Configuring Secret for Default or Admin User in M-CNCC IAM Configuring Secret for Default or Admin User in M-CNCC IAM Yes Yes
  Configuring Secret to Enable HTTPS in M-CNCC IAM Configuring Secret to Enable HTTPS in M-CNCC IAM Yes Yes
  Configuring LDAPS in M-CNCC IAM Configuring LDAPS in M-CNCC IAM Yes Yes
M-CNCC Core Pre-deployment Configuration   M-CNCC Core Pre-deployment Configuration Yes Yes
Configuring MySQL in M-CNCC Core Configuring MySQL in M-CNCC Core Yes Yes
  Configuring Secret to Enable HTTPS in M-CNCC Core Configuring Secret to Enable HTTPS in M-CNCC Core Yes Yes
A-CNCC Core Pre-deployment Configuration   A-CNCC Core Pre-deployment Configuration Yes Yes
  Configuring A-CNCC Core Database Configuring A-CNCC Core Database Yes Yes
  Configuring Secret to Enable HTTPS in A-CNCC Core Configuring Secret to Enable HTTPS in A-CNCC Core Yes Yes
  Configuring A-CNCC Core mTLS Configuring A-CNCC Core mTLS Yes Yes
Deploying CNC Console   Deploying CNC Console See Oracle Communications CD Control Server Installation and Upgrade Guide Yes
  Verifying CNC Console Installation Verifying CNC Console Installation Yes Yes
Customizing CNC Console   Customizing CNC Console Yes Yes
Accessing CNC Console   Accessing CNC Console Yes Yes
Upgrading CNC Console   Upgrading CNC Console See Oracle Communications CD Control Server Installation and Upgrade Guide Yes
Uninstalling CNC Console   Uninstalling CNC Console Yes Yes
CNC Console IAM PostInstallation Steps   CNC Console IAM PostInstallation Steps Yes Yes
Performing Helm Test   Performing Helm Test Yes Yes
Configuring CNC Console to support ASM and OSO   Configuring CNC Console to support ASM and OSO Yes Yes
CNC Console Debug Tools   CNC Console Debug Tools Yes Yes

CNC Console Compatibility Matrix

The following table provides the list of network functions that are compatible with CNC Console 22.4.x:

Release 22.4.1

Table 1-1 Compatibility Matrix

Network Functions Compatible Versions
BSF 22.4.x
NRF 22.4.x
NSSF 22.4.x
Policy 22.4.x
SCP 22.4.x
SEPP 22.4.x
UDR 22.4.x

Table 1-2 Compatibility Matrix

Components Compatible Versions
DD 22.0.0
OCCNE 22.2.x, 22.3.x, 22.4.x
cnDBTier 22.2.x, 22.3.x, 22.4.x
CDCS 22.3.x, 22.4.x
OSO 1.6.x, 1.10.x, 22.3.x
ASM 1.4.6-am9, 1.6.14-am4, 1.9.8-am1
Release 22.4.0

Table 1-3 Compatibility Matrix

Network Functions Compatible Versions
BSF 22.4.0
NRF 22.4.0
NSSF 22.4.0
Policy 22.4.0
SCP 22.4.0
SEPP 22.4.0
UDR 22.4.0

Table 1-4 Compatibility Matrix

Components Compatible Versions
DD 22.0.0
OCCNE 22.2.x, 22.3.x, 22.4.x
cnDBTier 22.2.x, 22.3.x, 22.4.x
CDCS 22.3.x, 22.4.x
OSO 1.6.x, 1.10.x, 22.3.x
ASM 1.4.6-am9, 1.5.7-am3, 1.6.14-am4, 1.9.8-am1

CNC Console Deployment Architecture

Introduction

The CNC Console supports both single and multiple cluster deployments. In a single cluster deployment, the CNC Console manages NFs and OCCNE common services deployed in the local Kubernetes clusters. In a multiple cluster deployment, the CNC Console manages NFs and OCCNE common services deployed in the remote Kubernetes clusters. This section explains the Console component overview, terminology used and Console Single Cluster and Multi Cluster deployment details.

CNC Console Component Overview

The following diagram represents the component overview of CNC Console.

Figure 1-1 CNC Console Component Overview

img/deploymentdiagram.png
The CNC Console has following 2 components:
  • M-CNCC
  • A-CNCC

M-CNCC

Manager CNC Console or M-CNCC is a CNCC instance which manages multiple A-CNCC and local instances.

M-CNCC has two components M-CNCC IAM and M-CNCC Core.

M-CNCC IAM

Manager CNC Console IAM or M-CNCC IAM is an IAM component of M-CNCC. M-CNCC IAM contains M-CNCC IAM Ingress Gateway (CNCC IAM IGW) and M-CNCC IAM Back End (M-CNCC IAM BE) microservices.

M-CNCC Core

Manager CNC Console Core or M-CNCC Core is a core component of M-CNCC which provide GUI and API access portal for accessing NF and OCCNE common service. M-CNCC Core contains M-CNCC Core Ingress Gateway (CNCC Core IGW) and M-CNCC Core Back End (M-CNCC Core BE) microservices.

A-CNCC

A-CNCC Core

Agent CNC Console or A-CNCC Core is a CNCC Core instance which manages local NF(s) and local OCCNE common services(s). It is managed by M-CNCC.

A-CNCC Core contains A-CNCC Core Ingress Gateway and A-CNCC Core Back End microservices.

A-CNCC Core has no IAM component

A-CNCC Core is an optional component needed to manage NF instances.

Single Cluster Deployment Architecture

In a single cluster deployment, CNC Console can manage NFs and OCCNE common services deployed in the local kubernetes cluster.

The following diagram represents the CNCC single cluster deployment:

Figure 1-2 Single Cluster Deployment Architecture

img/singlecluster22.2.0.png

Multi Cluster Deployment Architecture

In a multi cluster deployment, CNC Console can manage NFs and OCCNE common services deployed in the remote kubernetes cluster(s). CNC Console instance called A-CNCC is needed on remote kubernetes clusters for this deployment. CNC Console instance providing the API access through GUI portal and managing the A-CNCC(s) is called M-CNCC.

The following diagram represents the CNC Console multi cluster deployment:

Figure 1-3 Multi Cluster Deployment Architecture

img/multicluster22.2.0.png

Note:

  • For a single cluster deployment both manager (CNCC IAM, M-CNCC Core) and agent(A-CNCC) to be deployed on the same cluster.
  • For a multi cluster deployment, if manager cluster has a local NF deployment then both manager (CNCC IAM, M-CNCC Core) and agent (A-CNCC) to be deployed on the same cluster.
  • In case manager cluster does not have a local NF deployment, then only manager (CNCC IAM, M-CNCC Core) is to be deployed and agent (A-CNCC) to be deployed on a cluster where NFs are present on the cluster.
  • The manager manages CNE or OSO common services if present in a cluster.
    • Manager in a cluster is preferred over Agent in the same cluster to manage the CNE common services.
    • Agent in a cluster can manage CNE common service in absence of a Manager in the same cluster.
  • Agent is needed only when NFs are present on the cluster.

Supported Deployment Models

The following deployment models are supported by Console:
  • Single Cluster, Single Instance (Dedicated Console for each NF in a cluster)
  • Single Cluster, Multiple Instances (One Console for many NFs or Instances in a cluster)
  • Multiple Clusters, Single Instance (Multiple clusters with single NF or Instance in each cluster, M-CNCC/A-CNCC sitting in same or different clusters)
  • Multiple Clusters, Multiple Instances (Multiple clusters with multiple NF/Instance in each cluster, M-CNCC/A-CNCC sitting in same or different clusters)

Deployment Model 1 - Single Cluster, Single Instance (Dedicated Console for each NF in a cluster)

This deployment model has dedicated Console for each NF in a cluster.

Figure 1-4 Deployment Model 1 - Single Cluster, Single Instance (Dedicated Console for each NF in a cluster)

img/deployment-model1.png
The deployment model 1 has the following characteristics:
  • Dedicated Console for a NF. Only single instance of NF is supported.
  • Console shares the cnDBTier with NF.
  • Any failure in NF cnDBTier impacts Console. Access to CNE Common Services (CS) is lost on any failure in NF cnDBTier.
  • NFs and Console release compatibility must be maintained.
  • M-CNCC and A-CNCC are managed by Single Helm Chart.

Deployment Model 2 - Single Cluster, Multiple Instances (One Console for many NFs/Instances in a cluster)

This deployment model has one Console for many NFs/Instances in a cluster.

Figure 1-5 Deployment Model 2 - Single Cluster, Multiple Instances (One Console for many NFs/Instances in a cluster)

img/deployment-model2.png
The deployment model 2 has the following characteristics:
  • Shared Console for multiple NFs. NFs can be of same or different NF Type.
  • Console needs dedicated cnDBTier shared between M-CNCC and A-CNCC.
  • NFs and Console release compatibility must be maintained.
  • M-CNCC and A-CNCC are managed by Single Helm Chart

Deployment Model 3 - Multiple Clusters, Single Instance (Multiple clusters with single NF/Instance in each cluster, M-CNCC/A-CNCC sitting in same/different clusters)

This deployment model is for multiple clusters with single NF/Instance in each cluster. M-CNCC/A-CNCC can be in same/different clusters.

Figure 1-6 Deployment Model 3 - Multiple Clusters, Single Instance (Multiple clusters with single NF/Instance in each cluster, M-CNCC/A-CNCC sitting in same/different clusters)

img/deployment-model3.png
The deployment model 3 has the following characteristics:
  • Dedicated Console for a single NF.
  • Console shares the cnDBTier with NF.
  • Any failure in NF cnDBTier impacts Console. Access to CNE Common Services (CS) is lost on any failure in NF cnDBTier.
  • NFs and Console release compatibility must be maintained.
  • Managers can be deployed as Active/Active/Active.
  • Multiple Agents are supported.
  • M-CNCC can be deployed without A-CNCC in case there are no local NFs to be managed at the Kubernetes Cluster.
  • M-CNCC and A-CNCC are managed by Single Helm Chart.
  • M-CNCC cannot manage NFs located in another M-CNCC Kubernetes Cluster.

Deployment Model 4 - Multiple Clusters, Multiple Instances (Multiple clusters with multiple NF/Instance in each cluster, M-CNCC/A-CNCC sitting in same/different clusters)

This deployment model is for multiple clusters with multiple NF/Instance in each cluster. M-CNCC/A-CNCC can be in same/different clusters.

Figure 1-7 Deployment Model 4 - Multiple Clusters, Multiple Instances (Multiple clusters with multiple NF/Instance in each cluster, M-CNCC/A-CNCC sitting in same/different clusters)

img/deployment-model4.png
The deployment model 4 has the following characteristics:
  • Shared Console for multiple NFs. NFs can be of same or different NF Type.
  • Console needs dedicated cnDBTier shared between M-CNCC and A-CNCC.
  • NFs and Console release compatibility must be maintained.
  • Managers can be deployed as Active/Active/Active.
  • Multiple Agents are supported.
  • M-CNCC and A-CNCC are managed by Single Helm Chart.
  • M-CNCC cannot manage NFs located in another M-CNCC Kubernetes Cluster.

CNC Console Deployment Model Matrix

CNC Console Deployment Model Matrix

The following table provides details on support of console deployment models for various network functions:

Table 1-5 CNC Console Deployment Model Matrix

Deployment Models Policy BSF SCP UDR NRF SEPP NSSF DD
Model 1 - Single Cluster, Single Instance (Dedicated Console for each NF in a cluster) YES YES YES YES YES YES YES YES
Model 2 - Single Cluster, Multiple Instances (One Console for many NFs/Instances in a cluster) YES YES YES YES YES NO NO YES
Model 3 - Multiple Clusters, Single Instance (Multiple clusters with single NF/Instance in each cluster, M-CNCC/A-CNCC sitting in same/different clusters) YES YES YES YES YES YES YES YES
Model 4 - Multiple Clusters, Multiple Instances (Multiple clusters with multiple NF/Instance in each cluster, M-CNCC/A-CNCC sitting in same/different clusters) YES YES YES YES YES NO NO YES

Note:

Upgrade Order (Source Release 22.2.x, 22.3.x and Target Release 22.4.0)

  • Console should be upgraded first followed by NF for all the supported NFs.

Note:

  • Single Console Instance supports single instances of all NFs. Example: A single instance of Console can handle single instance of POLICY, SCP, NRF etc.
  • Multiple Instance of NF Support means a single instance of Console can handle multiple instances of a single NF type within a Kubernetes cluster. Example: a single Console can handle multiple instances of POLICY or SCP within a Kubernetes cluster.

Note:

From Release 22.2.0 onwards, CNC Console has a consistent deployment model for Single cluster and multicluster deployment. Single cluster deployment has Manager (M-CNCC IAM (CNCC IAM), M-CNCC Core ) and Agent (A-CNCC Core) deployed in a same Kubernetes cluster.

Configuration Workflow

This section explains the configuration workflow for the following scenarios:

Fresh Installation

This section explains how to do a fresh installation.

The following diagram represents the fresh installation.

Figure 1-8 Fresh Installation of M-CNCC and A-CNCC

img/freshinstallation-22.3.0.png

Procedure:

1.Install M-CNCC IAM, A-CNCC Core, M-CNCC Core on M-CNCC Kubernetes clusters

  • Configuration Input: M-CNCC IAM(s), A-CNCC Core(s) and instances.
  • A-CNCC Core on M-CNCC k8s cluster is optional and needed only if there are NF instances on the M-CNCC k8s cluster.

    Note:

    CS Instances are managed directly by M-CNCC Core and does not need A-CNCC Core.

2.Install A-CNCC Core on A-CNCC k8s clusters

  • Configuration Input: M-CNCC IAMs and local instances.

See Installing CNC Console section for installation procedure.

Add a New M-CNCC

This section explains how to add a new M-CNCC.

The following diagram represents the addition of a new M-CNCC:

Figure 1-9 Add a new M-CNCC

img/addnewm-cncc.png

Procedure:

1. Install M-CNCC IAM, A-CNCC Core, M-CNCC Core on M-CNCC Kubernetes cluster

  • Configuration Input: M-CNCC IAM(s), A-CNCC Core(s) and instances.
  • A-CNCC Core on M-CNCC k8s cluster is optional and needed only if there are NF instances on the M-CNCC k8s cluster.

    Note:

    CS Instances are managed directly by M-CNCC Core and does not need A-CNCC Core.

2. Update A-CNCC Core(s) on A-CNCC k8s cluster(s)

  • Configuration Update: Newly added M-CNCC IAM.

See Installing CNC Console section for installation procedure.

Add a New A-CNCC

This section explains how to add a new A-CNCC.

The following diagram represents the addition of a new A-CNCC:

Figure 1-10 Add a new A-CNCC

img/addnewa-cncc.png

Procedure

1.Install A-CNCC Core on new A-CNCC Kubernetes cluster.

  • Configuration Input: M-CNCC IAMs and local instances.

2.Update M-CNCC Core on existing M-CNCC Kubernetes clusters.

  • Configuration Update: Newly added A-CNCC.

See Installing CNC Console section for installation procedure.

Remove M-CNCC from A-CNCC

This section explains how to remove M-CNCC from A-CNCC.

The following diagram represents the removal of M-CNCC from A-CNCC:

Figure 1-11 Remove M-CNCC from A-CNCC

img/removem-cnccfroma-cncc22.3.0.png

Procedure

1.Update A-CNCC (one or more)

  • Configuration Update: Edit A-CNCC configuration to remove M-CNCC IAM

See Installing CNC Console section for installation procedure.

Remove A-CNCC from M-CNCC

This section explains how to remove A-CNCC from M-CNCC.

The following diagram represents the removal of A-CNCC from M-CNCC:

Figure 1-12 Remove A-CNCC from M-CNCC

img/removea-cnccfromm-cncc22.3.0.png

Procedure

1.Update M-CNCC (one or more)

  • Configuration Update: Edit M-CNCC Core configuration to remove A-CNCC

See Installing CNC Console section for installation procedure.

CNC Console Configuration Maximum Limits

The Ffollowing table covers the maximum limit defined in CNC Console configuration.

Table 1-6 CNC Console Configuration Maximum Limits

Attribute Name Max Limit
Max length of cnccId 40
Max length of instanceId 80
Max number of A-CNCC (aCnccs) 36
Max number of instances 288
Max number of M-CNCC (mCnccs) 3

CNC Console and CnDBTier Resource Usage Guidelines

This section explains the guidelines for CNC Console and cnDBTier Resource usage Guidelines.

Note:

In case of deployment using shared DBTier between NF and Console, Console DB Profile sizing needs to be included in NF DB Profile sizing.

Note:

  • DBProfile-1 and DBProfile-2 replica count to be updated as per GR setup.
  • Depending on GR setup of 2/3/4 site choose replica count 2/4/6 for SQL (ndbmysqld).

Table 1-7 CNC Console and CnDBTier Resource Usage

Deployment Model DBTier Usage DBTier Resource Profile Console Resources
Model 1 - Single Cluster, Single Instance (Dedicated Console for each NF in a cluster)

Console and NF have a single shared DBTier

  • Manager IAM, Manager Core and Agent Core on same k8s cluster use shared DBTier
  • DBProfile-1
For the details, see cnDBTier Profiles

Model 2 - Single Cluster, Multiple Instances (One Console for many NFs/Instances in a cluster)

Dedicated DBTier for Console

  • Manager IAM, Manager Core and Agent Core on same k8s cluster use single Console DBTier
  • DBProfile-1

For the details, see cnDBTier Profiles

Model 3 - Multiple Clusters, Single Instance. (Multiple clusters with single NF/Instance in each cluster, M-CNCC/A-CNCC sitting in same/different clusters)

Console and NF have a single shared DBTier

  • Manager IAM, Manager Core and Agent Core on same k8s cluster use shared DBTier
  • Agent Core on a remote k8s cluster uses shared DBTier
  • Manager - DBProfile-1

For the details, see cnDBTier Profiles

  • Agent - DBProfile-2

For the details, see cnDBTier Profiles

Model 4 - Multiple Clusters, Multiple Instances (Multiple clusters with multiple NF/Instance in each cluster, M-CNCC/A-CNCC sitting in same/different clusters)

Dedicated DBTier for Console per k8s cluster

  • Manager IAM, Manager Core and Agent Core on same k8s cluster use single Console DBTier
  • Agent Core on a remote k8s cluster uses dedicated single Console DBTier
  • Manager - DBProfile-1

For the details, see CnDBTier profiles

  • Agent - DBProfile-2

For the details, see CnDBTier profiles

Note:

  • Time synchronization is required between Kubernetes nodes across cluster for functioning of CNCC security procedures.
  • Ensure NTP sync before proceeding with M-CNCC IAM, M-CNCC Core, and A-CNCC Core installation.

Reference

Refer to the following documents for more information:

  • Oracle Communications Cloud Native Core Service Communication Proxy User Guide
  • Oracle Communications Cloud Native Core Network Repository Function User Guide
  • Oracle Communications Cloud Native Core Policy User Guide
  • Oracle Communications Cloud Native Core Unified Data Repository User Guide
  • Oracle Communications Cloud Native Core Binding Support Function User Guide
  • Oracle Communications Cloud Native Core Security Edge Protection Proxy User Guide
  • Oracle Communications Cloud Native Core Network Slice Selection Function User Guide
  • Oracle Communications Cloud Native Core Network Repository Function Installation and Upgrade Guide
  • Oracle Communications Cloud Native Core Service Communication Proxy Installation Guide
  • Oracle Communications Cloud Native Core Unified Data Repository Installation and Upgrade Guide
  • Oracle Communications Cloud Native Core Binding Support Function Installation Guide
  • Oracle Communications Cloud Native Core Policy Installation Guide
  • Oracle Communications Cloud Native Core Security Edge Protection Proxy Installation Guide
  • Oracle Communications Cloud Native Core Network Slice Selection Function Installation Guide