1 Introduction

This guide describes how to install or upgrade Oracle Communications Cloud Native Configuration Console (CNC Console) in a cloud native environment or Oracle Cloud Infrastructure (OCI), using Command Line Interface (CLI) procedures. It also includes information on performing fault recovery for CNC Console.

Note:

  • This guide covers the installation instructions when Podman is the container platform and Helm is the Packaging Manager. For any other container platform, the operator must use the commands based on their deployed container runtime environment.
  • kubectl commands can vary based on the platform deployment. Replace kubectl with Kubernetes environment-specific command line tool to configure Kubernetes resources through kube-api server. The instructions provided in this document are accirding to the CNE version of kube-api server.

Caution:

User, computer and applications, and character encoding settings may cause issues when copy-pasting commands, or any content from PDF. PDF reader version also affects the copy-pasting functionality. It is recommended to verify the pasted content especially when hyphens, or any special characters are a part of the copied content.

1.1 Overview

CNC Console is a single screen solution to configure and manage Network Functions (NFs). The CNC Console has the following two modules:
  • CNC Console Core: CNC Console Core acts as GUI or API portal for NFs and CNE common services. CNC Console Core module includes CNC Console and its integration with other Cloud Native Core network functions. The CNC Console provides user interface that can be used to configure parameters for the following CNC network functions:
    • Oracle Communications Cloud Native Core, Binding Support Function (BSF)
    • Oracle Communications Cloud Native Core, Service Communication Proxy (SCP)
    • Oracle Communications Cloud Native Core, Network Repository Function (NRF)
    • Oracle Communications Cloud Native Core, Network Exposure Function (NEF)
    • Common API Framework (CAPIF)
    • Oracle Communications Cloud Native Core, Converged Policy (Policy)
    • Oracle Communications Cloud Native Core, Security Edge Protection Proxy (SEPP)
    • Oracle Communications Cloud Native Core, Unified Data Repository (UDR)
    • CNE Common Services
    • Data Director (DD)
    • Oracle Communications Network Data Analytics Function (NWDAF)
    • Provisioning Gateway (PROVGW)
    • Oracle Communications Cloud Native Core, Certificate Management (OCCM)
  • CNC Console Identity Access Management (IAM): CNC Console IAM acts as local identity provider and broker for external identity providers. CNC Console IAM module includes the required authentication and authorization procedures such as creating and assigning roles to users.

Oracle Cloud Infrastructure (OCI)

OCI is a set of complementary cloud services that enable you to build and run CNC Console in an HA hosted environment with high performance computer capabilities (as physical hardware instances) and storage capacity in a flexible overlay virtual network that is securely accessible from your on-premises network.

Note:

CNC Console on OCI Deployment:

The Manager CNC Console IAM Resource component is inconsequential when deploying CNC Console on OCI. Consequently, any sections related to M-CNCC IAM in the installation guide should be ignored.

CNC Console installation comprises of prerequisites, preinstallation , installation, and postinstallation tasks. You must perform CNC Console installation tasks in the same sequence as outlined in the following table:

Task Sub tasks Reference Non-OCI Environment OCI Environment
Applicable for CLI Applicable for OCI
Prerequisites: This section describes how to set up the installation environment.   Prerequisites Yes Yes
  Software Requirements Software Requirements Yes Yes
  Environment Setup Requirements Environment Setup Requirements Yes Yes
  Resource Requirements Resource Requirements Yes Yes
Downloading CNC Console   Downloading CNC Console package Yes Yes
Preinstallation Tasks   Preinstallation Tasks Yes Yes
  Verifying and Creating CNC Console Namespace Verifying and Creating CNC Console Namespace Yes Yes
  Configuring Database Configuring Database Yes Yes
  Installing CNC Console Installing CNC Console   Yes
  Global Configurations Global Configurations Yes Yes
  OCI IAM Preinstallation Steps Configuring OCI IAM No Yes
  CNC Console Configuration for Service Account CNC Console Configuration for Service Account Yes Yes
Configuring ASM and OSO in M-CNCC IAM \Configuring CNC Console to support Aspen Service Mesh Yes No
CNC Console IAM Pre-deployment Configuration   CNC Console IAM Pre-deployment Configuration Yes No
  Configuring M-CNCC IAM Database Configuring M-CNCC IAM Database Yes No
  Configuring Secret for Default or Admin User in M-CNCC IAM Configuring Secret for Default or Admin User in M-CNCC IAM Yes No
  Configuring OCI IAM Secret Configuring OCI IAM Secret Yes Yes
  Configuring Secret to Enable HTTPS in M-CNCC IAM Configuring Secret to Enable HTTPS in M-CNCC IAM Yes No
  Configuring LDAPS in M-CNCC IAM Configuring LDAPS in M-CNCC IAM Yes No
M-CNCC Core Pre-deployment Configuration   M-CNCC Core Pre-deployment Configuration Yes Yes
Configuring MySQL in M-CNCC Core Configuring MySQL in M-CNCC Core Yes Yes
  Configuring Secret to Enable HTTPS in M-CNCC Core Configuring Secret to Enable HTTPS in M-CNCC Core Yes Yes
A-CNCC Core Pre-deployment Configuration   A-CNCC Core Pre-deployment Configuration Yes Yes
  Configuring Secret to Enable HTTPS in A-CNCC Core Configuring Secret to Enable HTTPS in A-CNCC Core Yes Yes
  Configuring A-CNCC Core mTLS Configuring A-CNCC Core mTLS Yes Yes
Deploying CNC Console   Deploying CNC Console Yes Yes
  Verifying CNC Console Installation Verifying CNC Console Installation Yes Yes
Customizing CNC Console   Customizing CNC Console Yes Yes
Accessing CNC Console   Accessing CNC Console Yes Yes
Upgrading CNC Console   Upgrading CNC Console Yes Yes
Uninstalling CNC Console   Uninstalling CNC Console Yes Yes
CNC Console IAM PostInstallation Steps   CNC Console IAM PostInstallation Steps Yes Yes
Performing Helm Test   Performing Helm Test Yes Yes
Configuring CNC Console to support ASM and OSO   Configuring CNC Console to support ASM and OSO Yes Yes

1.2 CNC Console Deployment Architecture

Introduction

The CNC Console supports both single and multicluster deployments. In a single cluster deployment, the CNC Console manages NFs and CNE common services deployed in the local Kubernetes clusters. In a multicluster deployment, the CNC Console manages NFs and CNE common services deployed in the remote Kubernetes clusters. This section explains the CNC Console component overview, terminologies used, and CNC Console single Cluster and multicluster deployment details.

CNC Console Component Overview

The following diagrams represents the component overview of CNC Console:

The non OCI component overview of CNC Console:

Figure 1-1 Non OCI

img/nonoci_24.3.0.png
The OCI component overview of CNC Console:

Figure 1-2 OCI

img/oci_24.3.0.png
The CNC Console has following two components:
  • M-CNCC
  • A-CNCC

M-CNCC

Manager CNC Console or M-CNCC is a CNC Console instance which manages multiple A-CNCC and local instances.

For Non OCI:

M-CNCC has two components M-CNCC IAM and M-CNCC Core.

For OCI:

M-CNCC has only M-CNCC Core component. M-CNCC IAM is substituted with OCI IAM.

M-CNCC IAM

Manager CNC Console IAM or M-CNCC IAM is an IAM component of M-CNCC. M-CNCC IAM contains M-CNCC IAM Ingress Gateway (CNC Console IAM IGW) and M-CNCC IAM Back End (M-CNCC IAM BE) microservices.

M-CNCC Core

Manager CNC Console Core or M-CNCC Core is a core component of M-CNCC which provides GUI and API access portal for accessing NF and OCCNE common service. M-CNCC Core contains M-CNCC Core Ingress Gateway (CNC Console Core IGW) and M-CNCC Core Back End (M-CNCC Core BE) microservices.

A-CNCC

A-CNCC Core

Agent CNC Console or A-CNCC Core is a CNC Console Core instance which manages local NF(s) and local CNE common services(s). It is managed by M-CNCC.
  • A-CNCC Core contains A-CNCC Core Ingress Gateway.
  • A-CNCC Core has no IAM component.

1.2.1 Single Cluster Deployment Architecture

In a single cluster deployment, CNC Console can manage NFs and CNE common services deployed in the local Kubernetes cluster.

The following diagram represents the CNC Console single cluster deployment:

Figure 1-3 CNC Console Single Cluster Deployment Architecture


CNC Console Single Cluster Deployment Architecture

Figure 1-4 OCI


OCI

1.2.2 Multicluster Deployment Architecture

Note:

  • Not supported for OCI deployment.
  • From CNC Console 24.2.0 onwards, Manager A-CNCC now is assigned LoadBalancer by default, and an option is provided to change it to ClusterIP.

In a multicluster deployment, CNC Console can manage NFs and CNE common services deployed in the remote Kubernetes cluster(s). CNC Console instance called A-CNCC is needed on remote kubernetes clusters for this deployment. CNC Console instance that provides the API access through GUI portal and manages the A-CNCC(s) is called M-CNCC.

The following diagram represents the CNC Console multicluster deployment:

Figure 1-5 CNC Console Multi Cluster Deployment Architecture


CNC Console Multicluster Deployment Architecture

Note:

  • For a single cluster deployment, both Manager (M-CNCC) and Agent (A-CNCC) is deployed on the same cluster.
  • For a multicluster deployment,
    • If the manager cluster has a local NF deployment, both M-CNCC and A-CNCC should be deployed on the same cluster.
    • If the manager cluster does not have a local NF deployment, only M-CNCC should be deployed. A-CNCC should be deployed on a cluster where NFs are present.
  • The Manager manages CNE or OSO common service if present in a cluster.
    • Manager in a cluster is preferred over Agent in the same cluster to manage the CNE common services.
    • Agent in a cluster can manage CNE common service in absence of a Manager in the same cluster.
  • Agent is needed only when NFs are present on the cluster.

1.3 Supported Deployment Models

The following deployment models are supported by CNC Console:
  • Single Cluster, Single Instance (Dedicated Console for each NF in a cluster)
  • Single Cluster, Multiple Instances (One Console for many NFs or Instances in a cluster)
  • Multiple Clusters, Single Instance (Multiple clusters with single NF or Instance in each cluster, M-CNCC/A-CNCC sitting in same or different clusters)
  • Multiple Clusters, Multiple Instances (Multiple clusters with multiple NF/Instance in each cluster, M-CNCC/A-CNCC sitting in same or different clusters)

1.3.1 Deployment Model 1 - Single Cluster, Single Instance (Dedicated Console for each NF in a cluster)

Note:

Common Service (CS) is not applicable for OCI deployment.

This deployment model has dedicated Console for each NF in a cluster.

Figure 1-6 Deployment Model 1 - Single Cluster, Single Instance (Dedicated Console for each NF in a cluster)


Deployment Model 1 - Single Cluster, Single Instance (Dedicated Console for each NF in a cluster)

The Deployment Model 1 has the following characteristics:
  • Dedicated CNC Console for a NF. Only single instance of NF is supported.
  • CNC Console shares the cnDBTier with NF.
  • Any failure in NF cnDBTier impacts CNC Console. Access to CNE Common Services (CS) is lost in case of any failure in NF cnDBTier.
  • NFs and CNC Console release compatibility must be maintained.
  • M-CNCC and A-CNCC are managed by single Helm chart.

1.3.2 Deployment Model 2 - Single Cluster, Multiple Instances (One Console for many NFs/Instances in a cluster)

Note:

Common Service (CS) is not applicable for OCI deployment.

This deployment model has one Console for many NFs/Instances in a cluster.

Figure 1-7 Deployment Model 2 - Single Cluster, Multiple Instances (One Console for many NFs/Instances in a cluster)


Deployment Model 2 - Single Cluster, Multiple Instances (One Console for many NFs/Instances in a cluster)

The Deployment Model 2 has the following characteristics:
  • Shared CNC Console for multiple NFs. NFs can be of same or different NF Type.
  • CNC Console needs dedicated cnDBTier for M-CNCC.
  • NFs and CNC Console release compatibility must be maintained.
  • M-CNCC and A-CNCC are managed by single Helm chart.

1.3.3 Deployment Model 3 - Multiple Clusters, Single Instance (Multiple clusters with single NF or Instance in each cluster, M-CNCC or A-CNCC in the same or different clusters)

Note:

Not supported for OCI deployment.

This deployment model is for multiple clusters with single NF Instance in each cluster. M-CNCC or A-CNCC can be in same or different clusters.

Figure 1-8 Deployment Model 3 - Multiple Clusters, Single Instance (Multiple clusters with single NF or Instance in each cluster, M-CNCC or A-CNCC in the same or different clusters)


Deployment Model 3 - Multiple Clusters, Single Instance (Multiple clusters with single NF or Instance in each cluster, M-CNCC or A-CNCC in the same or different clusters)

The Deployment Model 3 has the following characteristics:
  • Dedicated CNC Console for a single NF.
  • CNC Console shares the cnDBTier with NF.
  • Any failure in cnDBTier impacts CNC Console. Access to CNE Common Services (CS) is lost on any failure in cnDBTier.
  • NFs and CNC Console release compatibility must be maintained.
  • Managers can be deployed as Active/Active/Active.
  • Multiple agents are supported.
  • M-CNCC can be deployed without A-CNCC in case there are no local NFs to be managed at the Kubernetes cluster. This deployment needs a dedicated cnDBTier as depicted in the diagram above.
  • M-CNCC and A-CNCC are managed by single Helm chart.
  • M-CNCC can manage NFs located in another M-CNCC Kubernetes cluster.

Note:

For more information, see Multicluster Configuration for Manager Cluster having Agent with ClusterIP.

1.3.4 Deployment Model 4 - Multiple Clusters, Multiple Instances (Multiple clusters with multiple or NF Instance in each cluster, M-CNCC or A-CNCC in the same or different clusters)

Note:

Not supported for OCI deployment.

This deployment model is for multiple clusters with multiple NF or Instance in each cluster. M-CNCC or A-CNCC can be in same/different clusters.

Figure 1-9 Deployment Model 4 - Multiple Clusters, Multiple Instances (Multiple clusters with multiple NF or Instance in each cluster, M-CNCC or A-CNCC sitting in same or different clusters)


Deployment Model 4 - Multiple Clusters, Multiple Instances (Multiple clusters with multiple NF or Instance in each cluster, M-CNCC or A-CNCC in same or different clusters)

The Deployment Model 4 has the following characteristics:
  • Shared CNC Console for multiple NFs. NFs can be of same or different NF Type.
  • CNC Console needs dedicated cnDBTier for M-CNCC.
  • NFs and CNC Console release compatibility must be maintained.
  • Managers can be deployed as Active/Active/Active.
  • Multiple agents are supported.
  • M-CNCC and A-CNCC are managed by a single Helm Chart.
  • M-CNCC can manage NFs located in another M-CNCC Kubernetes cluster.

Note:

For more information, see Multicluster Configuration for Manager Cluster having Agent with ClusterIP.

1.4 CNC Console Deployment Model Matrix

CNC Console Deployment Model Matrix

The following table provides details on support of console deployment models for various network functions:

Note:

In the following table, only Model 1 and Model 2 are supported for OCI deployment.

Table 1-1 CNC Console Deployment Model Matrix

Deployment Models Policy BSF SCP UDR NRF NEF CAPIF SEPP NSSF DD PROVGW NWDAF OCCM
Model 1 - Single Cluster, Single Instance (Dedicated Console for each NF in a cluster) Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes
Model 2 - Single Cluster, Multiple Instances (One Console for many NFs/Instances in a cluster) Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes
Model 3 - Multiple Clusters, Single Instance (Multiple clusters with single NF/Instance in each cluster, M-CNCC/A-CNCC sitting in same/different clusters) Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes
Model 4 - Multiple Clusters, Multiple Instances (Multiple clusters with multiple NF/Instance in each cluster, M-CNCC/A-CNCC sitting in same/different clusters) Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes

Note:

  • Single instance of CNC Console supports either single instances of all NFs or multiple instances of a single NF types within a Kubernetes cluster.
  • For example, a single instance of CNC Console can either handle a single instance of Policy, SCP, NRF and so on, or multiple instances of Policy or SCP within a Kubernetes cluster.

1.5 Configuration Workflow

Note:

Not applicable for OCI deployment because multicluster is not supported.

This section explains the configuration workflow for the following scenarios:

  • Fresh Installation
  • Add a new M-CNCC
  • Add a new A-CNCC
  • Remove M-CNCC from A-CNCC
  • Remove A-CNCC from M-CNCC

1.5.1 Fresh Installation of M-CNCC and A-CNCC

This section explains how to do a fresh installation of M-CNCC and A-CNCC.

The following diagram represents the fresh installation of M-CNCC and A-CNCC.

Figure 1-10 Fresh Installation of M-CNCC and A-CNCC

img/freshinstallation-22.3.0.png

Procedure:

  1. Install M-CNCC IAM, A-CNCC Core, and M-CNCC Core on M-CNCC Kubernetes clusters.
    • Configuration Input: M-CNCC IAM(s), A-CNCC Core(s), and instances
    • A-CNCC Core on M-CNCC Kubernetes cluster is optional and needed only if there are NF instances on the M-CNCC Kubernetes cluster.

      Note:

      CS Instances are managed directly by M-CNCC Core and does not need A-CNCC Core.
  2. Install A-CNCC Core on A-CNCC Kubernetes clusters.
    • Configuration Input: M-CNCC IAMs and local instances

See Installing CNC Console section for installation procedure.

1.5.2 Add a New M-CNCC

This section explains how to add a new M-CNCC.

The following diagram represents the addition of a new M-CNCC:

Figure 1-11 Add a new M-CNCC

img/addnewm-cncc.png

Procedure:

1. Install M-CNCC IAM, A-CNCC Core, M-CNCC Core on M-CNCC Kubernetes cluster.

  • Configuration Input: M-CNCC IAM(s), A-CNCC Core(s) and instances
  • A-CNCC Core on M-CNCC Kubernetes cluster is optional and needed only if there are NF instances on the M-CNCC k8s cluster.

    Note:

    CS Instances are managed directly by M-CNCC Core and does not need A-CNCC Core.

2. Update A-CNCC Core(s) on A-CNCC Kubernetes cluster(s)

  • Configuration Update: Newly added M-CNCC IAM

See Installing CNC Console section for installation procedure.

1.5.3 Add a New A-CNCC

This section explains how to add a new A-CNCC.

The following diagram represents the addition of a new A-CNCC:

Figure 1-12 Add a new A-CNCC

img/addnewa-cncc.png

Procedure

1.Install A-CNCC Core on new A-CNCC Kubernetes cluster.

  • Configuration Input: M-CNCC IAMs and local instances.

2.Update M-CNCC Core on existing M-CNCC Kubernetes clusters.

  • Configuration Update: Newly added A-CNCC.

See Installing CNC Console section for installation procedure.

1.5.4 Remove M-CNCC from A-CNCC

This section explains how to remove M-CNCC from A-CNCC.

The following diagram represents the removal of M-CNCC from A-CNCC:

Figure 1-13 Remove M-CNCC from A-CNCC

img/removem-cnccfroma-cncc22.3.0.png

Procedure

1.Update A-CNCC (one or more)

  • Configuration Update: Edit A-CNCC configuration to remove M-CNCC IAM

See Installing CNC Console section for installation procedure.

1.5.5 Remove A-CNCC from M-CNCC

This section explains how to remove A-CNCC from M-CNCC.

The following diagram represents the removal of A-CNCC from M-CNCC:

Figure 1-14 Remove A-CNCC from M-CNCC

img/removea-cnccfromm-cncc22.3.0.png

Procedure

1.Update M-CNCC (one or more)

  • Configuration Update: Edit M-CNCC Core configuration to remove A-CNCC

See Installing CNC Console section for installation procedure.

1.6 CNC Console Configuration Maximum Limits

The following table covers the maximum limit defined in CNC Console configuration.

Table 1-2 CNC Console Configuration Maximum Limits

Attribute Name Max Limit
Max length of cnccId 40
Max length of instanceId 80
Max number of A-CNCC (aCnccs) 36
Max number of instances 288
Max number of M-CNCC (mCnccs) 3

1.7 Reference

Refer to the following documents for more information:

  • Oracle Communications Cloud Native Core, Service Communication Proxy User Guide
  • Oracle Communications Cloud Native Core, Network Repository Function User Guide
  • Oracle Communications Cloud Native Core, Policy User Guide
  • Oracle Communications Cloud Native Core, Unified Data Repository User Guide
  • Oracle Communications Cloud Native Core, Binding Support Function User Guide
  • Oracle Communications Cloud Native Core, Security Edge Protection Proxy User Guide
  • Oracle Communications Cloud Native Core, Network Slice Selection Function User Guide
  • Oracle Communications Cloud Native Core, Network Repository Function Installation, Upgrade, and Fault Recovery Guide
  • Oracle Communications Cloud Native Core, Service Communication Proxy Installation Guide
  • Oracle Communications Cloud Native Core, Unified Data Repository Installation, Upgrade, and Fault Recovery Guide
  • Oracle Communications Cloud Native Core, Binding Support Function Installation Guide
  • Oracle Communications Cloud Native Core, Policy Installation Guide
  • Oracle Communications Cloud Native Core, Security Edge Protection Proxy Installation Guide
  • Oracle Communications Cloud Native Core, Network Slice Selection Function Installation Guide
  • Oracle Communications Networks Data Analytics Installation and Fault Recovery Guide
  • Oracle Communications Cloud Native Core, Certificate Management User Guide
  • Oracle Communications Cloud Native Core, Certificate Management Installation, Upgrade, and Fault Recovery Guide
  • Oracle Communications Cloud Native Core, Network Exposure Function Installation, Upgrade, and Fault Recovery Guide
  • Oracle Communications Cloud Native Core, Network Exposure Function User Guide

1.8 Oracle Error Correction Policy

The table below outlines the key details for the current and past releases, their Generally Available (GA) dates, the latest patch versions, and the end dates for the Error Correction Grace Period.

Table 1-3 Premier Support Details

Release Number General Availability (GA) Date Latest Patch Version Error Correction Grace Period End Date
3.24.2 July 2024 24.2.0 July 2025
3.24.1 April 2024 24.1.0 April 2025
3.23.4 April 2024 23.4.1 April 2025
2.23.3 January 2024 23.3.2 January 2025
3.24.3 October 2024 24.3.0 October 2025

Note:

For a release, Sev1 and Critical Patch Update (CPU) patches are supported for 12 months. For more information, see Oracle Communications Cloud Native Core and Network Analytics Error Correction Policy.

1.9 Oracle Open Source Support Policies

Oracle Communications Cloud Native Core uses open source technology governed by the Oracle Open Source Support Policies. For more information, see Oracle Open Source Support Policies.