3 Customizing SCP

This chapter provides information about customizing SCP deployment in a cloud native environment.

The SCP deployment is customized by overriding the default values of various configurable parameters.

Perform the following procedure to customize the ocscp_values.yaml file as per the required parameters:

1. Unzip the ocscp_csar_24_3_0_0_0.zip folder available in the extracted release package. For more information about how to download the package from MOS, see Downloading the SCP Package.
2. Open the Scripts folder to get the following files that are used to customize the deployment parameters during installation:
   • ocscp_values_24.3.0.yaml: This file is used to customize the deployment parameters during installation.
   • ocscp_servicemesh_config_values_24.3.0.yaml: This file is used to configure ASM data plane in the ASM setup.
   • ocscp_metric_dashboard_promha_24.3.0.json: This file is used by Grafana to use for CNE with Prometheus Operator.
   • ocscp_metric_dashboard_24.3.0.json: This file is used by Grafana to use CNE with Prometheus.
   • ocscp_alerting_rules_promha_24.3.0.yaml: This file is used for Prometheus Operator.
   • ocscp_alertrules_24.3.0.yaml: This file is used for Prometheus.
   • ocscp_oci_alertrules_24.3.0.zip: This file is used for creating alerts from OCI terraform files.
   • ocscp_oci_metric_dashboard_24.3.0.zip: This file is used for viewing metrics information on the OCI monitoring dashboard.
   • toplevel.mib: This is a top level mib file that defines OIDs for all NFs.
   • ocscp_mib_tc_24.3.0.mib: This mib file defines Objects and their data types.
   • ocscp_mib_24.3.0.mib: This file fetches the Objects from the top level mib file and based on the Alert notification, these objects can be selected for display.
   • ocscp_configuration_openapi_24.3.0.json: This file is OPEN API specification for SCP configuration.
   • ocscp_dbtier_24.3.0_custom_values_24.3.0.yaml: This file is used to install cnDBTier with resources recommended for SCP.
3. Customize the ocscp_values_24.3.0.yaml file available in the Scripts folder of ocscp_csar_24_3_0_0_0.zip.
4. Save the updated ocscp_values_24.3.0.yaml file in the Files/Helm folder.

For more information about the configurable parameters, see Configuration Parameters.

3.1 Configuration Parameters

The following sections provide configuration parameters in the Helm file.

3.1.1 Global Parameters

The following table lists the Global parameters:

Table 3-1 Global Parameters

Parameter Name	Data Type	Range	Default Value	Mandatory(M)/Optional(O)/Conditional(C)	Description
domain	string	Labels can be letter a-z, number 0-9, hyphen (-). Hyphen cannot be first character. Label combined with dot (.) forms domain	svc.cluster.local	M	Option to configure the service domain of the Kubernetes cluster. To know cluster domain, run the following command: kubectl -n kube-system get configmap kubeadm-config -o yaml | grep clusterName
clusterDomain	string	Labels can be letter a-z, number 0-9, hyphen (-). Hyphen cannot be first character. Label combined with dot (.) forms domain	cluster.local	M	Option to configure the domain of the Kubernetes cluster. This value is similar to the domain value that excludes "svc". For example, if domain is svc.cluster.local, clusterDomain is cluster.local.
serviceSpecifications.workerServices.publicSignalingIPSpecified	Boolean	true/false	false	O	Option to enable or disable Loadbalancer IP configuration statically for the Signaling interface.
serviceSpecifications.workerServices.publicSignalingIP	IPv4 Address	Valid IPV4 address as per RFC 791	N/A	C	Option to configure static Signaling Loadbalancer IP. The configured value is used only if signalingloadbalanceripenabled is configured as true.
serviceSpecifications.workerServices.ipFamilyPolicy	*workerIpFamilyPolicy	SingleStack, PreferDualStack, or RequireDualStack	SingleStack	C	ipFamilyPolicy to be allocated to scpWorker service. This value depends on global.serviceIpFamilyPolicy.scpWorker.
serviceSpecifications.workerServices.ipFamilies	*workerIpFamilies	[IPv4], [IPv6], [IPv4,IPv6], [IPv6,IPv4]	[IPv4]	C	ipFamilies to be allocated to scpWorker service. This value depends on global.serviceIpFamilies.scpWorker.
serviceSpecifications.workerServices.publicSignalingIPv6	<IPv6 Address>	Valid IPv6 address	NA	C	Configures static signaling Loadbalancer IP. The configured value is used if publicSignalingIPv6Specified is configured as true.
serviceSpecifications.workerServices.publicSignalingIPv6Specified	<boolean>	true or false	false	O	Enables or disables Loadbalancer IPv6 configuration statically for Signaling interfaces.
adminport	integer	Min- 0, Max-65535	8001	M	Option to configure Admin Port that is used for debugging purpose.
imageRepository	string	valid repository	<scp_repository_path>:5000/ocscp	M	Set imageRepository to the repository where SCP images are loaded.
preventiveAuditOnLastNFInstanceDeletion	boolean	true/false	false	M	Flag to support preventive audit on the last NF instance deletion feature.
ignoreNrfRegionOrSetIdforNFProfileHash	boolean	true/false	false	M	Flag to include or exclude nrfRegionOrSetId in the nf profile hash calculation.
debugToolContainerMemoryLimit	string	2Gi	2Gi	M	Indicates container memory requests. This populates "resources.requests.memory" and "resources.limit.memory" sections.
extraContainersImageDetails.image	string	ocdebug-tools	ocdebug-tools	M	Indicates debug tool image name.
extraContainersImageDetails.tag	string	<debug_tools_tag>	<debug_tools_tag>	M	Indicates debug tool image tag.
extraContainersImageDetails.imagePullPolicy	string	Always	Always	M	Indicates Image Pull Policy.
extraContainersTpl.command	string array	/bin/sleep infinity	/bin/sleep infinity	M	Indicates string array used for container command.
extraContainersTpl.name	string	tools	tools	M	Indicates the name of the container.
extraContainersTpl.resources.limits	string	-	-	M	Limits describes the maximum amount of compute resources allowed.
extraContainersTpl.resources.requests	string	-	-	M	Requests describes the minimum amount of compute resources required.
extraContainersTpl.resources.limits.cpu	integer	1	1	M	Indicates CPU limits.
extraContainersTpl.resources.limits.memory	string	2Gi	2Gi	M	Indicates memory limits.
extraContainersTpl.resources.limits.ephemeral-storage	string	4Gi	4Gi	M	Indicates ephemeral storage limits.
extraContainersTpl.resources.requests.cpu	integer	0.5	0.5	M	Indicates CPU requests.
extraContainersTpl.resources.requests.memory	string	1Gi	1Gi	M	Indicates memory requests.
extraContainersTpl.resources.requests.ephemeral-storage	string	2Gi	2Gi	M	Indicates ephemeral storage requests.
extraContainersTpl.volumeMounts	string	NA	NA	M	Mounts the volume.
extraContainersTpl.volumeMounts.mountPath	string	NA	/tmp/tools	M	Path for volume mount.
extraContainersTpl.volumeMounts.name	string	NA	debug-tools-dir	M	Name of the directory for debug tool logs storage.
extraContainersVolumesTpl.name	string	NA	debug-tools-dir	M	Name of the volume for debug tool logs storage. This should be the same as the extraContainersTpl.volumeMounts.name.
extraContainersVolumesTpl.emptyDir.medium	String	memory	memory	M	Location of the emptyDir volume.
extraContainersVolumesTpl.emptyDir.sizeLimit	String	NA	2Gi	M	Size of the emptyDir volume.
serviceMeshEnabled	boolean	true/false	false	M	Indicates if the service mesh is used.
serviceLogLevels.scpcAudit	string	DEBUG/ INFO/ WARN/ ERROR	&auditLogLevelRef INFO	M	Indicates the log level for scpc-audit microservice. Note: Do not change the reference variable (&auditLogLevelRef).
serviceLogLevels.scpcConfiguration	string	DEBUG/ INFO/ WARN/ ERROR	&configLogLevelRef INFO	M	Indicates the log level for scpc-configuration microservice. Note: Do not change the reference variable (&configLogLevelRef).
serviceLogLevels.scpcSubscription	string	DEBUG/ INFO/ WARN/ ERROR	&subsLogLevelRef INFO	M	Indicates the log level for scpc-subscription microservice. Note: Do not change the reference variable (&subsLogLevelRef).
serviceLogLevels.scpcNotification	string	DEBUG/ INFO/ WARN/ ERROR	&notifLogLevelRef INFO	M	Indicates the log level for scpc-notification microservice. Note: Do not change the reference variable (&notifLogLevelRef).
serviceLogLevels.scpNrfProxy	string	DEBUG/ INFO/ WARN/ ERROR	&nrfproxyLogLevelRef WARN	M	Indicates the log level for scp-nrfproxy microservice. Note: Do not change the reference variable (&nrfproxyLogLevelRef).
serviceLogLevels.scpcAlternateResolution	string	NA	INFO	M	Identifies the log level of the scpc-alternate-resolution microservice. Note: You must enable scpcAlternateResolution and rel16 parameters to use the scpc-alternate-resolution microservice.
serviceLogLevels.scpCache	string	DEBUG/ INFO/ WARN/ ERROR	&cacheLogLevelRef WARN	M	Indicates the log level for scp-cache microservice. Note: Do not change the reference variable (&cacheLogLevelRef).
serviceLogLevels.scpWorker	string	DEBUG/ INFO/ WARN/ ERROR	&workerLogLevelRef WARN	M	Indicates the log level for scp-worker microservice. Note: Do not change the reference variable (&workerLogLevelRef).
serviceLogLevels.scpMediation	string	DEBUG/ INFO/ WARN/ ERROR	WARN	M	Indicates the log level for scp-worker microservice. The reference variable Note: Do not change the reference variable (&mediationLogLevelRef).
test.nfName	string	NA	ocscp	M	NF name on which the helm test is performed.
test.image.name	string	NA	nf_test	M	Image name for the helm test container image.
test.image.tag	string	NA	24.3.0	M	Image tag to be used for helm test container.
test.image.pullPolicy	string	Always, IfNotPresent, Never	Always	M	Image pull policy.
test.config.logLevel	string	Possible Values - WARN INFO DEBUG	WARN	M	Log level for helm test pod.
test.config.timeout	integer	Min-0, Max:65535 Unit: seconds	240	M	Option timeout is the total time required for deployment of OCSCP and helm test to take place for checking the readiness probe of OCSCP pods.
test.resources	string	NA	- horizontalpodautoscalers/v1 - deployments/v1 - configmaps/v1 - serviceaccounts/v1 - roles/v1 - services/v1 - rolebindings/v1	M	Helm resources to be tested.
test.complianceEnable	boolean	NA	true	M	Performs compliance check for each Kubernetes resource.
customExtension.allResources.lables	string	Kubernetes label object syntax	{}	O	Option to configure custom labels for the entire deployment applicable to all resource types. Format is: <string_label_1_key>: <string_label_1_value> <string_label_2_key>: <string_label_2_value> ......
customExtension.allResources.annotations	string	Kubernetes annotation object syntax	{}	O	Option to configure custom annotations for the entire deployment applicable to all resource types. Format is: <string_annotation_1_key>: <string_annotation_1_value> <string_annotation_2_key>: <string_annotation_2_value> ..... Note: The following are the mandatory annotations if you are deploying SCP in Aspen Service Mesh: sidecar.istio.io/inject: "false"
customExtension.lbServices.labels	string	Kubernetes label object syntax	{}	O	Option to configure custom labels for the LoadBalancer pods of the deployment applicable to "Service" resource type. Format is: <string_label_1_key>: <string_label_1_value> <string_label_2_key>: <string_label_2_value> ......
customExtension.lbServices.annotations	string	Kubernetes annotation object syntax	{}	O	Option to configure custom annotations for the LoadBalancer pods of the deployment applicable to "Service" resource type. Format is: <string_annotation_1_key>: <string_annotation_1_value> <string_annotation_2_key>: <string_annotation_2_value> ..... Note: Following is the mandatory annotations if you are deploying SCP in Aspen Service Mesh: sidecar.istio.io/inject: "true" If SCP is integrated with OSO 1.6 (with ASM), use the following annotations: oracle.com/cnc: "true"
customExtension.lbDeployments.labels	string	Kubernetes label object syntax	{}	O	Option to configure custom labels for the LoadBalancer pods of the deployment applicable to "Deployment" resource type. Format is: <string_label_1_key>: <string_label_1_value> <string_label_2_key>: <string_label_2_value> ......
customExtension.lbDeployments.annotations	string	Kubernetes annotation object syntax	{}	O	Option to configure custom annotations for the LoadBalancer pods of the deployment applicable to "Deployment" resource type. Format is: <string_annotation_1_key>: <string_annotation_1_value> <string_annotation_2_key>: <string_annotation_2_value> .....
customExtension.nonlbServices.labels	string	Kubernetes label object syntax	{}	O	Option to configure custom labels for the Non LoadBalancer pods of the deployment applicable to "Service" resource type. Format is: <string_label_1_key>: <string_label_1_value> <string_label_2_key>: <string_label_2_value> ......
customExtension.nonlbServices.annotations	string	Kubernetes annotation object syntax	{}	O	Option to configure custom annotations for the Non LoadBalancer pods of the deployment applicable to "Service" resource type. Format is: <string_annotation_1_key>: <string_annotation_1_value> <string_annotation_2_key>: <string_annotation_2_value> .....
customExtension.nonlbDeployments.labels	string	Kubernetes label object syntax	{}	O	Option to configure custom labels for the Non LoadBalancer pods of the deployment applicable to "Deployment" resource type. Format is: <string_label_1_key>: <string_label_1_value> <string_label_2_key>: <string_label_2_value> ......
customExtension.nonlbDeployments.annotations	string	Kubernetes annotation object syntax	{}	O	Option to configure custom annotations for the Non LoadBalancer pods of the deployment applicable to "Deployment" resource type. Format is: <string_annotation_1_key>: <string_annotation_1_value> <string_annotation_2_key>: <string_annotation_2_value> ..... Note: Following is the mandatory annotations if you are deploying SCP in Aspen Service Mesh: sidecar.istio.io/inject: "true" If SCP is integrated with OSO 1.6 (with ASM), use the following annotations: oracle.com/cnc: "true"
k8sResource.container.prefix	string	NA	{}	O	Option to add prefix to container names.
k8sResource.container.suffix	string	NA	{}	O	Option to add suffix to container names.
hookJob.resources.limits.cpu	integer	N/A	3	M	Maximum limit of CPU for hook job.
hookJob.resources.limits.memory	integer	N/A	3Gi	M	Maximum limit of memory for hook job in Giga Bytes.
hookJob.resources.requests.cpu	integer	N/A	3	M	Maximum allocated vCPU for hook job.
hookJob.resources.requests.memory	integer	N/A	3Gi	M	Requested memory (RAM) for hook job in Giga Bytes.
hookAlerts.prometheus.fqdn	string	N/A	occne-prometheus-server.occne-infra.svc.cluster.local	M	Fully Qualified Domain Name of Prometheus. Note: This configuration is required to ensure that alerts are raised when rollback to this release is performed.
hookAlerts.prometheus.port	integer	Valid port value	80	M	Port of Prometheus. Note: This configuration is required to ensure that alerts are raised when rollback to this release is performed.
hookAlerts.prometheus.pathToFetchAlertManagerEndPoint	string	N/A	"/prometheus/api/v1/alertmanagers"	M	Path to obtain Alertmanager endpoint. Note: This configuration is required to ensure that alerts are raised when rollback to this release is performed.
hookAlerts.alertManagerContainerPort	integer	Valid port value	9093	M	Alertmanager container port. Note: This configuration is required to ensure that alerts are raised when rollback to this release is performed.
hookAlerts.customAlertExpiryEnabled	boolean	true/false	false	M	This variable indicates that alert expiry occurs according to the resolve_timeout value of Alertmanager and upgrade or rollback hooks clear the alerts as applicable. If it is set to true, auto alert clear occurs after the customAlertExpiryDuration value and upgrade or rollback hooks may not clear the alerts. Note: This configuration is required to ensure that alerts are raised when rollback to this release is performed.
hookAlerts.customAlertExpiryDuration	integer		60	M	The custom duration (in minutes) post which alerts are automatically cleared. It is applicable only when customAlertExpiryEnabled is set to true. Note: This configuration is required to ensure that alerts are raised when rollback to this release is performed.
database.dbHost	string	Valid IPv4 address as per RFC 791 or Valid FQDN	N/A	M	Hostname or IP address of DB connection service.
database.dbPort	string	Valid port value	N/A	M	Port for MySQL Database connection service.
database.dbAppUserSecretName	string	N/A	N/A	M	Name of the Kubernetes secret object containing the Database username and password.
database.dbPrivilegedUserSecretName	string	N/A	N/A	M	Name of the Kubernetes secret object containing the Database username and password for an admin user.
database.createUser	boolean	true/false	true	M	This parameter can enable or disable the automatic database and application user creation.
coherence.clusterName	string	N/A	scp-coherence-cluster	M	This is the name of the cluster that is created by Coherence. It must not exceed 66 characters.
coherence.federation.remoteScpOne.fqdnOrIp	string	NA	ocscp-scp-cache.fedsvc.svc.cluster.local	M	Indicates the remote SCP Federation Service FQDN or IP.
coherence.federation.remoteScpOne.port	integer	valid port range	30001	M	Indicates the remote SCP Federation Container and Service Port.
coherence.federation.remoteScpOne.clusterName	string	NA	ocscp-scp-coherence-cluster-fedsvc	M	Indicates the name of the cluster that is created by Coherence. It must not exceed 66 characters. Note: The only reason to keep it outside, if two different SCP cluster names become identical, this field must be changed.
coherence.federation.remoteScpOne.nfInstanceId	string	NA	6faf1bbc-6e4a-4454-a507-a14ef8e1bc5f	M	Indicated the NFInstanceId of the remote SCP.
coherence.federation.remoteScpTwo.fqdnOrIp	string	NA	ocscp-scp-cache.fed2svc.svc.cluster.local	M	Indicates the remote SCP Federation Service FQDN or IP.
coherence.federation.remoteScpTwo.port	integer	valid port range	30001	M	Indicates the remote SCP Federation Container and Service Port.
coherence.federation.remoteScpTwo.clusterName	string	NA	ocscp-scp-coherence-cluster-fed2svc	M	Indicates the name of the cluster that is created by Coherence. It must not exceed 66 characters. Note: The only reason to keep it outside, if two different SCP cluster names become identical, this field must be changed.
coherence.federation.remoteScpTwo.nfInstanceId	string	NA	6faf1bbc-6e4a-4454-a507-a14ef8e1bc5d	M	Indicated the NFInstanceId of the remote SCP.
scpProfileInfo.fqdn	string	Labels can be alphanumeric and can also include hyphen (-). Hyphen cannot be the first character. Label combined with dot (.) forms domain.	N/A	M	Fully Qualified Domain Name of SCP. You can define the SCP FQDN value.
scpProfileInfo.nfType	string	CUSTOM_ORACLE_SCP, SCP	CUSTOM_ORACLE_SCP	M	For SCP Release 15 deployment, only CUSTOM_ORACLE_SCP is supported.
scpProfileInfo.locality	string	location of SCP.	NA	M	Locality of the SCP Instance, for example, geographic location and data center. Same locality must be present in ServingLocalities. Note: This value is case-sensitive.
scpProfileInfo.priority	integer	0 to 65535	1	O	Mention the priority of SCP. Note: The priority is considered within an SCP set.
scpProfileInfo.capacity	integer	0 to 65535	65535	O	Mention the capacity of SCP. Note: The capacity is considered within an SCP set.
scpProfileInfo.load	integer	0 to 100	0	O	Mention the load of SCP.
scpProfileInfo.mediation_status	string	mediation_status: ENABLED/DISABLED	DISABLED	O	Option to enable and disable mediation. Note: When this option is enabled, all the requests get routed towards mediation. To disable it, you must redeploy SCP.
scpProfileInfo.plmnList.mcc	string	Must be of three digits ranging from 0 to 9	"410"	O	Indicates the mobile country code required for PLMN IDs supported by SCP. This PLMN List is managed by the SCP and is utilized in roaming scenarios to route requests to the SCP if it supports the specified PLMN.
scpProfileInfo.plmnList.mnc	string	Can be of two or three digits ranging from 0 to 9	"213"	O	Indicates the mobile network code required for PLMN IDs supported by SCP. This PLMN List is managed by the SCP and is utilized in roaming scenarios to route requests to the SCP if it supports the specified PLMN.
scpProfileInfo.customInfo.mateScpInfo.capacity	integer	Min = 0, Max = 65535	500	M	Static capacity information in the range of 0-65535 expressed as a weight relative to other SCP instances of the same type. Note: The mateScpInfo object is not applicable for SCP Release 16 deployment, so comment this parameter and populate the mate (alternate) SCP instance information in the mateScpInfoList object.
scpProfileInfo.customInfo.mateScpInfo.priority	integer	Priority: Min = 0, Max = 65535.	5	M	Priority, relative to other mate SCP instance, in the range of 0-65535. Note: The mateScpInfo object is not applicable for SCP Release 16 deployment, so comment this parameter and populate the mate (alternate) SCP instance information in the mateScpInfoList object.
scpProfileInfo.customInfo.mateScpInfo.mateSCPLocalities	string	Localities: As per 3GPP TS 29.510 spec	mateSCPLocalities: - Loc10	M	List of mated localities of SCP. Note: The mateScpInfo object is not applicable for SCP Release 16 deployment, so comment this parameter and populate the mate (alternate) SCP instance information in the mateScpInfoList object.
scpProfileInfo.customInfo.mateScpInfo.scpFqdn	string	Labels can be letter a-z, number 0-9, hyphen (-). Hyphen cannot be first character. Label combined with dot (.) forms domain	N/A	M	Fully Qualified Domain Name of SCP Format: <releaseName>- scpworker.< Namespace>.<do main> Note: The mateScpInfo object is not applicable for SCP Release 16 deployment, so comment this parameter and populate the mate (alternate) SCP instance information in the mateScpInfoList object.
scpProfileInfo.customInfo.mateScpInfo.scpInstanceId	string	String uniquely identifying SCP service instance. The format of the SCP Service Instance ID is Universally Unique Identifier (UUID) version 4, as described in IETF RFC 4122 [15].	N/A	O	Instance ID of the SCP service. Note: The mateScpInfo object is not applicable for SCP Release 16 deployment, so comment this parameter and populate the mate (alternate) SCP instance information in the mateScpInfoList object.
scpProfileInfo.customInfo.mateScpInfoList[].capacity	integer	Min = 0, Max = 65535	500	M	Static capacity information in the range of 0-65535, expressed as a weight relative to other mate SCP instance. Note: This parameter is applicable only for Release 16 SCP deployment.
scpProfileInfo.customInfo.mateScpInfoList[].priority	integer	Priority: Min = 0, Max = 65535.	5	M	priority: (relative to other SCPs) in the range of 0-65535 to be used for NF selection; lower values indicate a higher priority. Note: This parameter is applicable only for Release 16 SCP deployment.
scpProfileInfo.customInfo.mateScpInfoList[].scpFqdn	string	Labels can be letter a-z, number 0-9, hyphen (-). Hyphen cannot be first character. Label combined with dot (.) forms domain	N/A	M	Fully Qualified Domain Name of the mated SCP Format: <releaseName>- scpworker.< Namespace>.<do main> Note: This parameter is applicable only for Release 16 SCP deployment.
scpProfileInfo.customInfo.mateScpInfoList[].scpInstanceId	string	String uniquely identifying SCP service instance. The format of the SCP Service Instance ID is Universally Unique Identifier (UUID) version 4, as described in IETF RFC 4122 [15].	N/A	O	Mated SCP instance ID. Note: This parameter is applicable only for Release 16 SCP deployment.
scpProfileInfo.customInfo.mateScpInfoList[].mateSCPLocalities	string	Localities: As per 3GPP TS 29.510 spec	mateSCPLocalities: - Loc10	M	List of mated SCP localities. Note: This parameter is applicable only for Release 16 SCP deployment.
scpProfileInfo.customInfo.servingLocalities	string	NA	servingScope: Loc7, Loc8, Loc9, USEast	M	List of serving localities of SCP apart from the locality present in the "locality" attribute. Note: This value is case-sensitive.
scpProfileInfo.customInfo.supportedNRFRegionOrSetIdList	list	Reg1, Reg2, Reg3	NA	O	The value refers to NRF Sets defined in the nrfProfiles parameter. This identifies the NRF set to be used for learning topology or audit procedures.
scpProfileInfo.customInfo.mateSiteInfo	map	NA	mateSiteInfo: mateSite1: mateSiteLocalities: - Loc21 - Loc22 mateSite2: mateSiteLocalities: - Loc31 - Loc32	O	Indicates the map of 5G NFs localities in each mate site. The key of the map is a string type that represents the unique name of the mate site. The value is MateSiteLocalities with 5G NFs localities in the mate site.
scpProfileInfo.customInfo.mateSiteInfo.mateSiteLocalities	array	NA	NA	O	Indicates the list of 5G NFs localities in each mate site.
scpProfileInfo.customInfo.supportedNRFRegionOrSetIdList	string	NA	supportedNRFRegionOrSetIdList: Reg1, Reg2	M	List of supported NRF Regions in Release 15 based on the "releaseVersion" parameter in SCP deployment or list of supported NRF SetIds in Release 16. For information about Release 15 and Release 16, see 3GPP TS 23.501. This parameter is used by ocscp-audit and ocscp-subscription microservices to select NRF from the given setIds to perform audit and subscription.
scpProfileInfo.nfInstanceId	string	String uniquely identifying a NF instance. The format of the NF Instance ID shall be a Universally Unique Identifier (UUID) version 4 as described in IETF RFC 4122 [15].	N/A	M	String uniquely identifying the SCP instance. The format of the Instance ID is a Universally Unique Identifier (UUID) version 4 as described in IETF RFC 4122.
scpProfileInfo.servingScope	string	NA	NA	C	5G NFs localities to be served by the SCP instance. Note: This parameter is applicable only for Release 16 unless NRF handles it in Release 15 as a special case. For information about Release 15 and Release 16, see 3GPP TS 23.501.
scpProfileInfo.nfSetIdList	string	NA	NA	C	NF Set ID to which SCP belongs to. Note: This parameter is applicable only for Release 16 unless NRF handles it in Release 15 as a special case. For information about Release 15 and Release 16, see 3GPP TS 23.501.
scpProfileInfo.scpInfo.scpPrefix	string	NA	NA	O	This is an optional deployment specific string to construct the apiRoot of the next hop SCP. For more information, see Clause 6.10 of 3GPP TS 29.500.
scpProfileInfo.scpInfo.scpPorts.https	integer	Min- 0, Max-65535	8080	C	SCP port number for HTTPS. Example: https: 9443 Note: With https port being uncommented, http cannot be commented as it is required for internal communication by SCP.
scpProfileInfo.scpInfo.scpPorts.http	integer	Min- 0, Max-65535	8080	M	SCP port number for HTTP. This port cannot be commented as it is required by SCP for internal communication. Example: http: 8080
nrfProfiles.nfServices.capacity	integer	0 to 65535	5000	O	Capacity of the NRF among the NRF list. It is used for load balancing between the NRFs.
nrfProfiles.nfServices.apiPrefix	string	Can be combination of letters from a-z and A-Z	NA	O	Location of NRF.
nrfProfiles.nfServices.fqdn	string	fqdn: Labels can be letter a-z, number 0-9, hyphen(-). Hyphen cannot be first character. Label combined with dot(.) forms domain.	NA	O	FQDN of NRF.
nrfProfiles.nfServices.ipEndPoints	list of IP address and port	[{"ipv4Address": <IpV4 Address>, "port": <integer>}] or  [{"ipv6Address": <IpV6 Address>, "port": <integer>}] or [{"ipv4Address": <IpV4 Address>, "port": <integer>}, {"ipv6Address": <IpV6 Address>, "port": <integer>}]	NA	O	List of IPv4 Address or IPv6 Address, or both IPv4 and IPv6 Addresses transport and port combination of the given NRF.
nrfProfiles.nfServices.load	integer	0 to 100	0	O	Mention the load of the service.
nrfProfiles.nfServices.nfServiceStatus	string	REGISTERED or SUSPENDED (TS 29.510)	REGISTERED	O	Status of service. It is not used by SCP but must be present in the NF profile format with all mandatory fields.
nrfProfiles.nfServices.scheme	string	NA	http	O	HTTP scheme.
nrfProfiles.nfServices.serviceInstanceId	string	String uniquely identifying a NF service instance. The format of the NF Service Instance ID is Universally Unique Identifier (UUID) version 4, as described in IETF RFC 4122 [15].	f86b54b7-aef9-4c78-b346-3bfb7f380812	O	Instance ID of the SCP service. Note: If you want to configure any services, you must provide the configuration while deploying it through Helm using the custom ocscp_values.yaml file. When SCP is deployed with Release 16 and the NF type is SCP, comment all the parameters under the nfServices category.
nrfProfiles.nfServices.serviceName	string	NA	nnrf-nfm	O	Supported values for serviceName: nscp-5g-sbi-proxy (Proxy Service) nmediation-http (Mediation service) nscp-5g-sbi-proxy is a mandatory service. However, when nftype is SCP, this service is not mandatory. The other two services are optional. If these services are provided with nfServiceStatus REGISTERED, they register with NRF. If nfServiceStatus is SUSPENDED or UNDISCOVERABLE, then there is no registration with NRF for the corresponding service. If provided irrespective of nfServiceStatus, they are used in virtual service creation. Note: nscp-5g-sbi-proxy is a conditional service and might not be removed from ocscp_values.yaml. This service is supported only in the Release 15 deployment model. nmediation-http service is optional. If you want to configure any of these services, then the user must provide this configuration while deploying it through helm using the custom ocscp_values.yaml file.
nrfProfiles.nfServices.priority	integer	0 to 65535	0	O	Priority of NRF among the NRF list. It is used for load balancing between the NRFs.
nrfProfiles.nfServices.versions.apiFullVersion	string	NA	1.0.0	O	Version of API.
nrfProfiles.nfServices.versions.apiVersionInUri	string	NA	v1	O	URI of API.
nrfProfiles.nfServices.capacity	integer	0 to 65535	5000	O	Capacity of the NRF among the NRF list. It is used for load balancing between the NRFs.
nrfProfiles.nfServices.apiPrefix	string	Can be combination of letters from a-z and A-Z	NA	O	Location of NRF.
nrfProfiles.nfServices.fqdn	string	fqdn: Labels can be letter a-z, number 0-9, hyphen(-). Hyphen cannot be first character. Label combined with dot(.) forms domain.	NA	O	FQDN of NRF.
nrfProfiles.nfServices.ipEndPoints	list of IP address and port	[{"ipv4Address": <IpV4 Address>, "port": <integer>}] or  [{"ipv6Address": <IpV6 Address>, "port": <integer>}] or [{"ipv4Address": <IpV4 Address>, "port": <integer>}, {"ipv6Address": <IpV6 Address>, "port": <integer>}]	NA	O	List of IPv4 Address or IPv6 Address, or both IPv4 and IPv6 Addresses transport and port combination of the given NRF.
nrfProfiles.nfServices.load	integer	0 to 100	0	O	Mention the load of the service.
nrfProfiles.nfServices.nfServiceStatus	string	REGISTERED or SUSPENDED (TS 29.510)	REGISTERED	O	Status of service. It is not used by SCP but must be present in the NF profile format with all mandatory fields.
nrfProfiles.nfServices.scheme	string	NA	http	O	HTTP scheme.
nrfProfiles.nfServices.serviceInstanceId	string	String uniquely identifying a NF service instance. The format of the NF Service Instance ID is Universally Unique Identifier (UUID) version 4, as described in IETF RFC 4122 [15].	f86b54b7-aef9-4c78-b346-3bfb7f380812	O	Instance ID of the SCP service. Note: If you want to configure any services, you must provide the configuration while deploying it through Helm using the custom ocscp_values.yaml file. When SCP is deployed with Release 16 and the NF type is SCP, comment all the parameters under the nfServices category.
nrfProfiles.nfServices.serviceName	string	NA	nnrf-disc	O	Supported values for serviceName: nscp-5g-sbi-proxy (Proxy Service) nmediation-http (Mediation service) nscp-5g-sbi-proxy is a mandatory service. However, when nftype is SCP, this service is not mandatory. The other two services are optional. If these services are provided with nfServiceStatus REGISTERED, they register with NRF. If nfServiceStatus is SUSPENDED or UNDISCOVERABLE, then there is no registration with NRF for the corresponding service. If provided irrespective of nfServiceStatus, they are used in virtual service creation. Note: nscp-5g-sbi-proxy is a conditional service and might not be removed from ocscp_values.yaml. This service is supported only in the Release 15 deployment model. nmediation-http service is optional. If you want to configure any of these services, then the user must provide this configuration while deploying it through helm using the custom ocscp_values.yaml file.
nrfProfiles.nfServices.priority	integer	0 to 65535	0	O	Priority of NRF among the NRF list. It is used for load balancing between the NRFs.
nrfProfiles.nfServices.versions.apiFullVersion	string	NA	1.0.0	O	Version of API.
nrfProfiles.nfServices.versions.apiVersionInUri	string	NA	v1	O	URI of API.
scplocalityconfig.mapping_param	string	LOCALITY, NFINSTANCEID, FQDN	LOCALITY	M	Mapping parameter or the key to look for is used to query the corresponding field in NF profile received in response to NF discovery. This configuration is used to update the Discovery response based on the match criteria (id_value) with SCP IP/Port/FQDN in NF Profile received. It is used to handle AMF discovery from any consumer so that consumer can send requests back to SCP and not directly to AMF after discovering it. For this functionality, consumers must send AMF discovery requests to SCP.
scplocalityconfig.mapping_info.id_value	string	NA	N/A	M	Used to match value against the value obtained from the mapping parameter.
scplocalityconfig.mapping_info.ip_v4_address	string	Valid IPV4 address as per RFC 791	NA	M	The IP address to be used while updating ipv4Address and callback URI in NF discovery response.
scplocalityconfig.mapping_info.fqdn	string	Labels can be letter a-z, number 0-9, hyphen (-). Hyphen cannot be first character. Label combined with dot (.) forms domain.	NA	M	The FQDN to be used while updating FQDN in the NF discovery response.
scplocalityconfig.mapping_info.port	integer	0 to 65535	NA	M	The port to be used while updating port in NF discovery response.
PROBING_LISTENER_PORT	integer	Min- 0, Max-65535	8002	M	This port is used by scp-worker listening for probing.
SIGNALLING_LISTENER_PORT	integer	Min- 0, Max-65535	8080	M	The signaling listener port used by scp-worker.
SIGNALLING_LISTENER_PORT_HTTPS	integer	Min- 0, Max-65535	9443	O	This port will be used for scp-worker listening for signaling of HTTPS connections. Note: This parameter is mandatory when HTTPS is enabled.
scpServiceAccountName	string	NA	NA	O	Service account that SCP pods use. You may provide SCP service account but if it is left empty or removed, a default Service Account is created by SCP for its use. Default is empty. The following rules are required by SCP: rules: - apiGroups: [""] resources: - pods - services - configmaps verbs: ["get", "list", "watch"] - apiGroups: - "" # "" indicates the core API group resources: - secrets - endpoints verbs: ["get", "list", "watch"] For information about defining permissions using roles for SCP, see Creating Service Account, Role, and Rolebinding.
securityContext.runAsUser	Integer	-	1002	O	A security context defines privilege and access control settings for a pod or container. The default values is picked in case no parameter is provided for security context as mentioned in the following example: securityContext: {}
securityContext.runAsGroup	Integer	-	1002	O	Contains the primary group ID of the processes within any container of the pod.
securityContext.fsGroup	Integer	-	1002	O	Contains the supplemental group applied to some volumes. If the fsGroup field is specified, all process of container are also a part of the supplementary group for the given value.
enableContainerSecurityContext	Boolean	true or false	true	O	Enables security context for containers.
containerSecurityContext	allowPrivilegeEscalation: Boolean	true or false	false	M	Controls if a process can obtain more privileges than its primary process. This boolean data type controls whether the no_new_privs parameter gets configured on the container process. allowPrivilegeEscalation is always set to true when the container: is run as privileged. has CAP_SYS_ADMIN.
containerSecurityContext.runAsNonRoot	Boolean	true or false	true	M	Prevents containers from starting as root user.
containerSecurityContext.readOnlyRootFilesystem	Boolean	true or false	false	M	Mounts the container's root filesystem as read-only.
containerSecurityContext.privileged	Boolean	true or false	false	M	Provides containers' access to the host’s resources and kernel capabilities.
containerSecurityContext.runAsUser	Integer	Valid IDs for security context for user	10000	M	Specifies that for any container in the pod, all processes must run with the provided user ID.
containerSecurityContext.capabilities.add	List of Strings	Valid Linux capabilities	drop: -all	M	Manages Linux capabilities for containers. Using Linux capabilities, you can grant certain privileges to a process without granting all the privileges of the root user.
containerSecurityContext.capabilities.drop	List of Strings	Valid Linux capabilities	drop: -all	M	Manages Linux capabilities for containers. Using Linux capabilities, you can grant certain privileges to a process without granting all the privileges of the root user.
nrfProfiles.nfType	string		NRF	M	nfType must be NRF.
nrfProfiles.nfSetIdList	string	Regions or SetIds that NRF can support	N/A	C	In Release 15, based on the "releaseVersion" parameter in SCP deployment, empty list is treated as the default region with the condition that SCP Info is also configured with Blank. Partial configuration is invalid and is not accepted. In Release 16, it is mandatory to specify SetId of NRF. If SCP is deployed with rel15, the format example is: Reg1 If SCP is deployed with rel16, the format example is: set1.nrfset.5gc.mnc014.mcc310
nrfProfiles.capacity	integer	0 to 65535	10000	O	This field specifies the capacity of NRF. This parameter is considered within a set of NRF instances or NRF service instances.
nrfProfiles.locality	string	This is operator defined information about the location of NRF.	N/A	M	This field is used to denote whether the NRF is local for SCP or unknown for SCP. If NRF Locality is within the Serving or Mate Locality of SCP, it is considered as local. Otherwise, it is considered as unknown. Producer NF profiles learnt from local NRF has all existing routing support. NF profiles learnt from unknown NRF only supports routing through another unknown SCP when the “3gpp-sbi-target-apiroot” header is present, which is called as interSCP routing or default routing. Note: This value is case-sensitive.
nrfProfiles.nfInstanceId	string	String uniquely identifying a NF instance. The format of the NF Instance ID shall be a Universally Unique Identifier (UUID) version 4, as described in IETF RFC 4122 [15].	N/A	M	String uniquely identifying the NRF instance. The format of the instance ID is a Universally Unique Identifier (UUID) version 4 as described in IETF RFC 4122. Example: 6faf1bbc-6e4a-2828-a507-a14ef8e1bc5a
nrfProfiles.priority	integer	0 to 65535	0	O	This field specifies the priority of NRF. Lower value means higher priority. For example, primary NRF can be indicated as priority = 0 and secondary NRF as priority = 1. Similarly, further levels of NRF priority can be indicated. This parameter is considered within a set of NRF instances or NRF service instances.
nrfProfiles.interPlmnFqdn	string	NA	nrf.5gc.mnc<MNC>.mcc<MCC>.3gppnetwork.org	O	SCP selects NRF that matches the "3gpp-Sbi-target-apiRoot" header in the received Discovery Request from V-PLMN in roaming scenarios.
nrfProfiles.plmnList.mcc	string	Must be of three digits ranging from 0 to 9	"213"	O	Indicates the mobile country code required for PLMN IDs supported by NRF. This is the PLMN list served by the NRF. It is used in roaming scenarios to forward NRF-oriented requests to the NRF that supports the PLMN list.
nrfProfiles.plmnList.mnc	string	Can be of two or three digits ranging from 0 to 9	"313"	O	Indicates the mobile network code required for PLMN IDs supported by NRF. This is the PLMN list served by the NRF. It is used in roaming scenarios to forward NRF-oriented requests to the NRF that supports the PLMN list.
nrfProfiles.snpnList.mcc	string	Must be of three digits ranging from 0 to 9	"345"	O	Indicates the mobile country code required for Standalone Non Public Network (SNPN) supported by NRF.
nrfProfiles.snpnList.mnc	string	Can be of two or three digits ranging from 0 to 9	"445"	O	Indicates the mobile network code required for Standalone Non Public Network (SNPN) supported by NRF.
nrfProfiles.snpnList.nid	string	NA	000007ed9d5	O	Indicates the network identifier required for Standalone Non Public Network (SNPN) supported by NRF.
nrfProfiles.customInfo.preferredNrfForOnDemandDiscovery	boolean	true or false	true	M	Specifies the NRF preferred by scp-nrfproxy for delegated discovery. Note: This parameter must be set only for one NRF instance.
nrfProfiles.nfServices.serviceName	string	NA	NA	O	Supported values for serviceName: nnrf-nfm and nnrf-disc
nrfProfiles.nfServices.fqdn	string	fqdn: Labels can be letter a-z, number 0-9, hyphen(-). Hyphen cannot be first character. Label combined with dot(.) forms domain.	NA	O	FQDN of the NRF service mentioned in nrfProfiles.nfServices.serviceName.
nrfProfiles.nfServices.port	integer	port: 0 to 65535	80	O	Port number of the NF service.
nrfProfiles.nfServices.apiPrefix	string	apiPrefix: Can be combination of letters from a-z and A-Z		O	Can be a combination of letters from a-z and A-Z
nrfProfiles.nfServices.scheme	string	http or https	http	O	HTTP scheme used by SCP to interact with NRF. Note: This value is case-sensitive.
nrfProfiles.nfServices.priority	integer	0 to 65535	0	O	Mention the priority of the service.
nrfProfiles.nfServices.capacity	integer	0 to 65535	100	O	Mention the capacity of the service.
nrfProfiles.nfServices.load	integer	0 to 100	0	O	Mention the load of the service.
nrfProfiles.nfServices.nfServiceStatus	string	REGISTERED or SUSPENDED (TS 29.510)	REGISTERED	O	Mention the status of the NRF service.
nrfProfiles.nfServices.ipEndPoints	list of IP address and port	[{"ipv4Address": <IpV4 Address>, "port": <integer>}] or  [{"ipv6Address": <IpV6 Address>, "port": <integer>}] or [{"ipv4Address": <IpV4 Address>, "port": <integer>}, {"ipv6Address": <IpV6 Address>, "port": <integer>}]	NA	O	List of IPv4 Address or IPv6 Address, or both IPv4 and IPv6 Addresses transport and port combination of the given NRF.
nrfProfiles.nfServices.apiPrefix	integer	Can be combination of letters from a-z and A-Z	NA	O	API Prefix.
nrfProfiles.nfServices.versions.apiFullVersion	string	NA	NA	O	API Prefix of the NRF Service identified by nrfProfiles.nfServices.serviceName.
nrfProfiles.nfServices.versions.apiVersionInUri	string	NA	NA	O	API version of the URI of the NRF Service identified by nrfProfiles.nfServices.serviceName.
nrfProfiles.nfServices.serviceInstanceId	string	String uniquely identifying a NF service instance. The format of the NF Service Instance ID is Universally Unique Identifier (UUID) version 4, as described in IETF RFC 4122 [15].	f86b54b7-aef9-4c78-b346-3bfb7f380812	O	This is service InstanceID of the NRF service referred by nrfProfiles.nfServices.serviceName. Note: nfServices are completely optional. One or all services can be removed. For removing all services, you must remove the nfServices key. The nfServices block from ocscp_values.yaml can be removed if you want to configure any of these services. You must provide this configuration while deploying it through Helm using the custom ocscp_values.yaml file. This parameter is mandatory for rel15 deployment and optional for rel16 deployment.
tracingEnable	&scpworkerTracingEnabled true	true or false	true	O	Option to enable or disable Jaeger tracing. The reference variable &scpworkerTracingEnabled should not be changed, however, the value true/false can be changed.
enableTraceBody	&scpworkerJaegerBodyEnabled false	true or false	false	O	Option to enable or disable tracing for full body of all Request or Response messages. The configuration is added only if tracingenable is configured as true. The reference variable &scpworkerJaegerBodyEnabled should not be changed, however, the value true/false can be changed.
releaseVersion	list	rel15 or rel16	rel16	M	Option to enable either Release 15 or Release 16 while deploying SCP. For information about Release 15 and Release 16, see 3GPP TS 23.501.
scpMetricVersion	string	-	Default value for CNE: v1 Default value for OCI: v2	M	This parameter defines the metric version. If v2 is used, some of the dimensions are clubbed together to keep the dimension count below 20. This must be used for OCI deployments. If v1 is used, no change in metric dimension from prior releases and the dimension count can go beyond 20 dimensions. This is used for CNE deployments.
dnsSRVAlternateRouting	boolean	true or false	false	M	Enables or disables the Alternate Routing based on the DNS SRV Records feature. Note: You must perform the Helm install while enabling or disabling this feature.
nrfProxyService	boolean	true or false	false	M	Enables or disables the scp-nrfproxy microservice. Note: This parameter is applicable only for SCP Release 16 deployment.
mediationService	boolean	true or false	false	M	Enables or disables Mediation.
nrfProxyOauthService	boolean	true or false	false	M	Enables or disables the nrfproxy-oauth service.
dnsSrvSchemeConfig.defaultScheme	string	https or http	https	O	This is the default scheme to be used to create Domain Name System (DNS) Service (SRV) Service Proto Name (SPN) for NF profile level FQDN. The same configuration is used to derive the scheme to perform DNS SRV alternate route of notification messages when NFService is unknown and nativeEgressHttpsSupport is set to true.
dnsSrvSchemeConfig.exceptionList	List<String>	Valid NF Types	""	O	The list of NF types that must use non-default scheme for SPN creation. For example, if the default scheme is HTTPS, then the non-default will be HTTP, and vice versa.
serviceIpFamilyPolicy.scpcAudit	<string>	SingleStack, PreferDualStack, or RequireDualStack	SingleStack	M	ipFamilyPolicy to be allocated to scpcAudit service. For supported combinations of serviceIpFamilies and serviceIpFamilyPolicy, see Table 3-2.
serviceIpFamilyPolicy.scpcConfiguration	<string>	SingleStack, PreferDualStack, or RequireDualStack	SingleStack	M	ipFamilyPolicy to be allocated to scpcConfiguration service. For supported combinations of serviceIpFamilies and serviceIpFamilyPolicy, see Table 3-2.
serviceIpFamilyPolicy.scpcSubscription	<string>	SingleStack, PreferDualStack, or RequireDualStack	SingleStack	M	ipFamilyPolicy to be allocated to scpcSubscription service. For supported combinations of serviceIpFamilies and serviceIpFamilyPolicy, see Table 3-2.
serviceIpFamilyPolicy.scpcNotification	<string>	SingleStack, PreferDualStack, or RequireDualStack	SingleStack	M	ipFamilyPolicy to be allocated to scpcNotification service. For supported combinations of serviceIpFamilies and serviceIpFamilyPolicy, see Table 3-2.
serviceIpFamilyPolicy.scpcAlternateResolution	<string>	SingleStack, PreferDualStack, or RequireDualStack	SingleStack	M	ipFamilyPolicy to be allocated to scpcAlternateResolution service. For supported combinations of serviceIpFamilies and serviceIpFamilyPolicy, see Table 3-2.
serviceIpFamilyPolicy.scpCache	<string>	SingleStack, PreferDualStack, or RequireDualStack	SingleStack	M	ipFamilyPolicy to be allocated to scpCache service. For supported combinations of serviceIpFamilies and serviceIpFamilyPolicy, see Table 3-2.
serviceIpFamilyPolicy.scpNrfProxyOauth	<string>	SingleStack, PreferDualStack, or RequireDualStack	SingleStack	M	ipFamilyPolicy to be allocated to scpNrfProxyOauth service. For supported combinations of serviceIpFamilies and serviceIpFamilyPolicy, see Table 3-2.
serviceIpFamilyPolicy.scpNrfproxy	<string>	SingleStack, PreferDualStack, or RequireDualStack	SingleStack	M	ipFamilyPolicy to be allocated to scpNrfproxy service. For supported combinations of serviceIpFamilies and serviceIpFamilyPolicy, see Table 3-2.
serviceIpFamilyPolicy.scpWorker	<string>	SingleStack, PreferDualStack, or RequireDualStack	SingleStack	M	ipFamilyPolicy to be allocated to scpWorker service. For supported combinations of serviceIpFamilies and serviceIpFamilyPolicy, see Table 3-2.
serviceIpFamilyPolicy.scpMediation	<string>	SingleStack, PreferDualStack, or RequireDualStack	SingleStack	M	ipFamilyPolicy to be allocated to scpMediation service. For supported combinations of serviceIpFamilies and serviceIpFamilyPolicy, see Table 3-2.
serviceIpFamilyPolicy.scpMediationTest	<string>	SingleStack, PreferDualStack, or RequireDualStack	SingleStack	M	ipFamilyPolicy to be allocated to scpMediationTest service. For supported combinations of serviceIpFamilies and serviceIpFamilyPolicy, see Table 3-2.
serviceIpFamilyPolicy.scpcLoadManager	<string>	SingleStack, PreferDualStack, or RequireDualStack	SingleStack	M	ipFamilyPolicy to be allocated to scpcLoadManager service. For supported combinations of serviceIpFamilies and serviceIpFamilyPolicy, see Table 3-2.
serviceIpFamilies.scpcAudit	List<String>	[IPv4], [IPv6], [IPv4,IPv6], [IPv6,IPv4]	[IPv4]	M	ipFamilies to be allocated to scpcAudit service. For supported combinations of serviceIpFamilies and serviceIpFamilyPolicy, see Table 3-2.
serviceIpFamilies.scpcConfiguration	List<String>	[IPv4], [IPv6], [IPv4,IPv6], [IPv6,IPv4]	[IPv4]	M	ipFamilies to be allocated to scpcConfiguration service. For supported combinations of serviceIpFamilies and serviceIpFamilyPolicy, see Table 3-2.
serviceIpFamilies.scpcSubscription	List<String>	[IPv4], [IPv6], [IPv4,IPv6], [IPv6,IPv4]	[IPv4]	M	ipFamilies to be allocated to scpcSubscription service. For supported combinations of serviceIpFamilies and serviceIpFamilyPolicy, see Table 3-2.
serviceIpFamilies.scpcNotification	List<String>	[IPv4], [IPv6], [IPv4,IPv6], [IPv6,IPv4]	[IPv4]	M	ipFamilies to be allocated to scpcNotification service. For supported combinations of serviceIpFamilies and serviceIpFamilyPolicy, see Table 3-2.
serviceIpFamilies.scpcAlternateResolution	List<String>	[IPv4], [IPv6], [IPv4,IPv6], [IPv6,IPv4]	[IPv4]	M	ipFamilies to be allocated to scpcAlternateResolution service. For supported combinations of serviceIpFamilies and serviceIpFamilyPolicy, see Table 3-2.
serviceIpFamilies.scpCache	List<String>	[IPv4], [IPv6], [IPv4,IPv6], [IPv6,IPv4]	[IPv4]	M	ipFamilies to be allocated to scpCache service. For supported combinations of serviceIpFamilies and serviceIpFamilyPolicy, see Table 3-2.
serviceIpFamilies.scpNrfProxyOauth	List<String>	[IPv4], [IPv6], [IPv4,IPv6], [IPv6,IPv4]	[IPv4]	M	ipFamilies to be allocated to scpNrfProxyOauth service. For supported combinations of serviceIpFamilies and serviceIpFamilyPolicy, see Table 3-2.
serviceIpFamilies.scpNrfproxy	List<String>	[IPv4], [IPv6], [IPv4,IPv6], [IPv6,IPv4]	[IPv4]	M	ipFamilies to be allocated to scpNrfproxy service. For supported combinations of serviceIpFamilies and serviceIpFamilyPolicy, see Table 3-2.
serviceIpFamilies.scpWorker	List<String>	[IPv4], [IPv6], [IPv4,IPv6], [IPv6,IPv4]	[IPv4]	M	ipFamilies to be allocated to scpWorker service. For supported combinations of serviceIpFamilies and serviceIpFamilyPolicy, see Table 3-2.
serviceIpFamilies.scpMediation	List<String>	[IPv4], [IPv6], [IPv4,IPv6], [IPv6,IPv4]	[IPv4]	M	ipFamilies to be allocated to scpMediation service. For supported combinations of serviceIpFamilies and serviceIpFamilyPolicy, see Table 3-2.
serviceIpFamilies.scpMediationTest	List<String>	[IPv4], [IPv6], [IPv4,IPv6], [IPv6,IPv4]	[IPv4]	M	ipFamilies to be allocated to scpMediationTest service. For supported combinations of serviceIpFamilies and serviceIpFamilyPolicy, see Table 3-2.
serviceIpFamilies.scpcLoadManager	List<String>	[IPv4], [IPv6], [IPv4,IPv6], [IPv6,IPv4]	[IPv4]	M	ipFamilies to be allocated to scpcLoadManager service. For supported combinations of serviceIpFamilies and serviceIpFamilyPolicy, see Table 3-2.
scpPreferEgressTrafficOnIPv6	Boolean	true or false	false	C	This parameter is used to prefer IPv6 for egress connections when both IPv4 and IPv6 addresses are available. This value is set to true when: ipFamilyPolicy is PreferDualStack or RequireDualStack. SCP uses IPv6 address for egress traffic. Note: In the absence of IPv6, routing occurs through IPv4. The above mentioned configuration is not applicable for egress connections where IP address is obtained from NF Profile.
xfccHeaderDecode.certExtractIndex	integer	0//right most,-1//left most, 2-3rd from right most	0	M	Parameters that control XFCC header extraction by specifying indexes and field names. If there are no additional hops adding XFCC header between consumer and SCP Worker, the default extraction index value of 0 is used for both certificate and field. In case there are additional hops adding XFCC header between consumer and SCP Worker, extraction index value of -1 is used for both certificate and field. Indicates certificate extraction index. Note: From SCP 22.3.0, the xfccHeaderDecode block, which is used for configuring decoding of the xfcc header, cannot be used from the deployment file. You can use the new SCP Consumer NF Info Configuration REST API parameter to configure this information. For more information about this parameter, see Oracle Communications Cloud Native Core, Service Communication Proxy REST Specification Guide. This block will be removed in the next release.
xfccHeaderDecode.extractField	string		DNS	M	Parameters that control XFCC header extraction by specifying indexes and field names. Indicates the field name to extract. Note: From SCP 22.3.0, the xfccHeaderDecode block, which is used for configuring decoding of the xfcc header, cannot be used from the deployment file. You can use the new SCP Consumer NF Info Configuration REST API parameter to configure this information. For more information about this parameter, see Oracle Communications Cloud Native Core, Service Communication Proxy REST Specification Guide. This block will be removed in the next release.
xfccHeaderDecode.extractIndex	integer	0//right most,-1//left most, 2-3rd from right most	0	M	Parameters that control XFCC header extraction by specifying indexes and field names. Indicates the index from which the field is extracted. Note: From SCP 22.3.0, the xfccHeaderDecode block, which is used for configuring decoding of the xfcc header, cannot be used from the deployment file. You can use the new SCP Consumer NF Info Configuration REST API parameter to configure this information. For more information about this parameter, see Oracle Communications Cloud Native Core, Service Communication Proxy REST Specification Guide. This block will be removed in the next release.
istioSidecarQuitUrl	&sidecarQuitUrl "http://127.0.0.1:15000/quitquitquit"		"http://127.0.0.1:15000/quitquitquit"	M	Field to define the URL that is used for quitting service mesh sidecar. This URL is used to quit the istio sidecar after successful completion of hook job. The reference variable &sidecarQuitUrl should not be changed, however, the value "http://127.0.0.1:15000/quitquitquit" can be changed. Applicable only when serviceMeshEnabled is set to true.
istioSidecarReadyUrl	&sidecarReadyUrl "http://127.0.0.1:15000/ready"		"http://127.0.0.1:15000/ready"	M	Field to define the URL that is used for checking the service mesh sidecar status and start application when the status is ready. The reference variable &sidecarReadyUrl should not be changed, however, the value "http://127.0.0.1:15000/ready" can be changed. Applicable only when serviceMeshEnabled is set to true.
serviceSpecifications.port.coherenceMgmtSvcPort	integer	Min-1024, Max-65535	9000	M	The service port to access the Coherence cluster status using the rest based URI.
serviceSpecifications.port.coherenceMsgPort1	integer	Min- 1024, Max-65535	8095	M	The Coherence communication port start range.
serviceSpecifications.port.coherenceMsgPort2	integer	Min- 1024, Max-65535	8096	M	The Coherence communication port end range.
serviceSpecifications.port.publicSignalingPort	integer	Min- 0, Max-65535	8000	M	An option to configure signaling ports.
serviceSpecifications.port.publicSignalingPortHttps	integer	Min- 0, Max-65535	443	O	Signaling port to be used for HTTPS connections. To be enabled if user wants to use HTTPS. If enabled, security certificates must be configured in the appropriate sections to enable communication over HTTPS.
serviceSpecifications.workerServices.name	string	NA	scp-worker	M	The name of the scp-worker service. Note: The default service name, scp-worker, cannot be modified. However, you can edit or modify only the newly added service names.
serviceSpecifications.workerServices.networkNameEnabled	boolean	true/false	false	O	An option to enable or disable metalLB IP allocation from the pool for Signaling interfaces.
serviceSpecifications.workerServices.networkName	boolean	true/false	false	C	An annotation that notifies metalLB to allocate an IP address for the Signaling interface of SCP. The annotation is added when networkNameEnabled is set to true.
serviceSpecifications.workerServices.publicSignalingIPSpecified	boolean	true/false	false	M	Regulates the value of serviceSpecifications.workerServices.publicConfigIP. If this parameter is set to true, then the value provided for serviceSpecifications.workerServices.publicConfigIP is considered. Note: This configuration is applicable for SERVICE 2.
serviceSpecifications.workerServices.publicSignalingIP	string	valid IP address	NA	O	Public configured IP address of the scp-worker service. Note: This configuration is applicable for SERVICE 2.
serviceSpecifications.workerServices.publicSignalingIPv6Specified	<boolean>	true or false	false	O	Enables or disables Loadbalancer IPv6 configuration statically for Signaling interfaces. Note: This configuration is applicable for SERVICE 2.
serviceSpecifications.workerServices.publicSignalingIPv6	<IPv6 Address>	Valid IPv6 address	NA	C	Configures static signaling Loadbalancer IP. The configured value is used if publicSignalingIPv6Specified is configured as true. Note: This configuration is applicable for SERVICE 2.
serviceSpecifications.workerServices.ipFamilyPolicy	*workerIpFamilyPolicy	SingleStack, PreferDualStack, or RequireDualStack	SingleStack	C	ipFamilyPolicy to be allocated to scpWorker service. This value depends on global.serviceIpFamilyPolicy.scpWorker. Note: This configuration is applicable for SERVICE 2.
serviceSpecifications.workerServices.ipFamilies	*workerIpFamilies	[IPv4], [IPv6], [IPv4,IPv6], [IPv6,IPv4]	[IPv4]	C	ipFamilies to be allocated to scpWorker service. This value depends on global.serviceIpFamilies.scpWorker. Note: This configuration is applicable for SERVICE 2.
serviceSpecifications.workerServices.port.staticNodePortEnabled	boolean	true/false	false	M	Regulates the value of serviceSpecifications.workerServices.port.nodePort. If this parameter is set to true, then the value provided for serviceSpecifications.workerServices.port.nodePort is considered.
serviceSpecifications.workerServices.port.nodePort	string	30000-32768	NA	O	The static node port of the scp-worker service.
serviceSpecifications.workerServices.customExtension.labels	string	K8s label object syntax	customExtension: labels: {} annotations: {}	O	An optional field to configure service specific labels applicable to the "Service" resource type. Format is: <string_label_1_key>: <string_label_1_value> <string_label_2_key>: <string_label_2_value>
serviceSpecifications.workerServices.customExtension.annotations	string	K8s annotations object syntax	customExtension: labels: {} annotations: {}	O	An optional field to configure service specific annotations applicable to the "Service" resource type. Format is: <string_annotation_1_key>: <string_annotation_1_value> <string_annotation_2_key>: <string_annotation_2_value>
serviceSpecifications.scpSubscriptionInfo.ip	string	Valid IP address obtained from the metalLB pool	NA	O	Used for constructing callbackUri for NF profile notification from NRF. metallb or masterIp, this ip is obtained from metallb pool. You can provide either IPv4 or IPv6 address.
serviceSpecifications.scpSubscriptionInfo.scheme	string	http	http	O	The preferable scp-worker scheme for callback notifications.
scpSoothsayerConfig.systemOptions.trafficPolicy.connectionPool.http.idleTimeout	integer	NA	600s	O	HTTP idle timeout for upstream connections. Only HTTP IdleTimeout is configured. idleTimeout must be set to a value that is less than kube-proxy timeout value so that before kube-proxy silently discards connection, the connection gets terminated gracefully by HTTP.
scpSoothsayerConfig.systemOptions.trafficPolicy.connectionPool.tcp.connectTimeout	integer	NA	250ms	O	TCP keep alive settings for upstream connections.
scpSoothsayerConfig.systemOptions.trafficPolicy.connectionPool.tcp.tcpKeepalive.probes	integer	Maximum number of keepalive probes to send without response before deciding the connection is dead. Min value: 1, Max value: 16 minutes	9 minutes	O	Sets the tcpKeepalive parameter to enable TCP Keepalives. tcpKeepalive.probes - Maximum number of keepalive probes to send without response before deciding the connection is dead.
scpSoothsayerConfig.systemOptions.trafficPolicy.connectionPool.tcp.tcpKeepalive.time	integer	The time duration that a connection must be idle before keep-alive probes start being sent. Min value: 1 sec, Max value: 7200 sec	180s	O	The time duration that a connection must be idle before keep-alive probes start is sent.
scpSoothsayerConfig.systemOptions.trafficPolicy.connectionPool.tcp.tcpKeepalive.interval	integer	The time duration between keep-alive probes. Min value: 1 sec, Max value: 120 sec	1s	O	The time duration between keep-alive probes.
scpSoothsayerConfig.nrfServiceForAudit	string	nnrf-nfm/nnrf-disc	nnrf-nfm	O	Configures the NRF Service type service to retrieve profiles from NRF. Possible values are: nnrf-nfm nnrf-disc You must configure one of the above mentioned values, which is used by Audit to query to NRF for fetching profiles.
scpSoothsayerConfig.reverseProxyEnabled	boolean	true/false	true	M	If it is enabled, then all the NFs, which support reverseProxy, Reverse proxy (reverseProxySupport = true), get enabled by default. In case you want to disable after deployment, then use the APIs provided to reconfigure the reverseProxySupport option. Note: This parameter is not supported and will be removed in the future release.
ddSslConfiguration	string	NA	NA	O	This parameter is used to configure SSL or TLS certificate for the Traffic Feed feature. Certification Authority (CA) and Truststore password information is required to generate TrustStore to connect to Oracle Communications Network Analytics Data Director (OCNADD). For more information about OCNADD, see Oracle Communications Network Analytics Data Director User Guide. You must create secret with CA and TrustStore password files and provide these details in the deployment file. The storeType field indicates the type of truststore (jks and p12 supported).
ddSslConfiguration.sslEnabledProtocol	string	TLSv1.3, TLSv1.2	TLSv1.3	O	Indicates the TLS version to be used for SSL connection.
ddSslConfiguration.cipherSuitesTlsV1_2	string	TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256	TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256	O	Indicates the cipher suites available for TLSv1.2 connections.
ddSslConfiguration.cipherSuitesTlsV1_3	string	TLS_AES_128_GCM_SHA256 TLS_AES_256_GCM_SHA384 TLS_CHACHA20_POLY1305_SHA256	TLS_AES_128_GCM_SHA256 TLS_AES_256_GCM_SHA384 TLS_CHACHA20_POLY1305_SHA256	O	Indicates the cipher suites available for TLSv1.3 connections.
ddSslConfiguration.k8NameSpace	string	NA	scpsvc	O	Indicates the namespace of the Kubernetes secret.
ddSslConfiguration.primary.k8SecretName	string	NA	primary-ocscpdd-secret	O	Secret must be created for truststore password, certificate, privateKey, and keystore password which is required for TrafficFeed SSL connection and details to be provided: Name of secret that contains truststore password information Note: A valid Truststore password file name and secret should be provided to establish TrafficFeed SSL connection
ddSslConfiguration.primary.trustStorePassword.fileName	string	NA	ddtrust.txt	O	Secret must be created for truststore password, certificate, privateKey, and keystore password which is required for TrafficFeed SSL connection and details to be provided: File name that has password for truststore Note: A valid Truststore password file name and secret should be provided to establish TrafficFeed SSL connection
ddSslConfiguration.primary.caBundle.k8SecretName	string	NA	primary-ocscpdd-secret	O	Secret must be created for caBundle, which is used to generate the truststore required for the SSL connection with TrafficFeed, and details to be provided: Name of secret that contains caBundle data Note: A valid caBundle file name and secret should be provided to establish TrafficFeed SSL connection.
ddSslConfiguration.primary.caBundle.fileName	string	NA	certificate.crt	O	Secret must be created for caBundle, which is used to generate the truststore required for the SSL connection with TrafficFeed, and details to be provided: File name of caBundle Note: A valid caBundle file name and secret should be provided to establish TrafficFeed SSL connection.
ddSslConfiguration.primary.trustStoreType	string	NA	p12	O	This parameter indicates the TrustStore type, JKS or PKCS12.
ddSslConfiguration.primary.certificate.rsa	string	NA	dd_certificate.cer	O	Primary TLS certificate used for keyStore required for TrafficFeed SSL connection and details should be provided: rsa certificate file name Note: A valid certificate file name for RSA or ECDSA and secret should be provided to establish TrafficFeed SSL connection.
ddSslConfiguration.primary.certificate.ecdsa	string	NA	dd_ssl_ecdsa_certificate.crt	O	Primary TLS certificate used for keyStore required for TrafficFeed SSL connection and details should be provided: ecdsa certificate file name Note: A valid certificate file name for RSA or ECDSA and secret should be provided to establish TrafficFeed SSL connection.
ddSslConfiguration.primary.certificate.ecdsa	string	NA	dd_rsa_private_key_pkcs1.pem	O	Primary PrivateKey should be created for certificate used for keyStore required for TrafficFeed SSL connection and details should be provided: rsa private key file name Note: A valid privateKey file name for RSA or ECDSA and secret should be provided to establish TrafficFeed SSL connection.
ddSslConfiguration.primary.privateKey.ecdsa	string	NA	dd_ssl_ecdsa_private_key.pem	O	Primary PrivateKey should be created for certificate used for keyStore required for TrafficFeed SSL connection and details should be provided: ecdsa private key file name Note: A valid privateKey file name for RSA or ECDSA and secret should be provided to establish TrafficFeed SSL connection.
ddSslConfiguration.primary.keyStorePassword.fileName	string	NA	ddkey.txt	O	Primary keyStore password required for TrafficFeed SSL connection and details should be provided: File name that has password for keystore Note: A valid keystore password file name and secret must be provided to establish TrafficFeed SSL connection.
ddSslConfiguration.primary.keyStoreType	string	NA	p12	O	This parameter indicates the Keystore type, JKS or PKCS12.
ddSslConfiguration.secondary.k8SecretName	string	NA	secondary-ocscpdd-secret	O	Secret must be created for truststore password, certificate, privateKey, and keystore password which is required for TrafficFeed SSL connection and details to be provided: Name of secret that contains truststore password information Note: You can configure this parameter only if you want to enable the secondary TLS certificate to support multiple TLS certificates. A valid Truststore password file name and secret should be provided to establish TrafficFeed SSL connection.
ddSslConfiguration.secondary.trustStorePassword.fileName	string	NA	ddtrust.txt	O	Secret must be created for truststore password, certificate, privateKey, and keystore password which is required for TrafficFeed SSL connection and details to be provided: File name that has password for truststore Note: You can configure this parameter only if you want to enable the secondary TLS certificate to support multiple TLS certificates. A valid Truststore password file name and secret should be provided to establish TrafficFeed SSL connection
ddSslConfiguration.secondary.caBundle.k8SecretName	string	NA	secondary-ocscpdd-secret	O	Secret must be created for caBundle, which is used to generate the truststore required for the SSL connection with TrafficFeed, and details to be provided: Name of secret that contains caBundle data Note: You can configure this parameter only if you want to enable the secondary TLS certificate to support multiple TLS certificates. A valid caBundle file name and secret should be provided to establish TrafficFeed SSL connection.
ddSslConfiguration.secondary.caBundle.fileName	string	NA	certificate.crt	O	Secret must be created for caBundle, which is used to generate the truststore required for the SSL connection with TrafficFeed, and details to be provided: File name of caBundle Note: You can configure this parameter only if you want to enable the secondary TLS certificate to support multiple TLS certificates. A valid caBundle file name and secret should be provided to establish TrafficFeed SSL connection.
ddSslConfiguration.secondary.trustStoreType	string	NA	p12	O	This parameter indicates the TrustStore type, JKS or PKCS12. Note: You can configure this parameter only if you want to enable the secondary TLS certificate to support multiple TLS certificates.
ddSslConfiguration.secondary.certificate.rsa	string	NA	dd_certificate.cer	O	Secondary TLS certificate used for keyStore required for TrafficFeed SSL connection and details should be provided: rsa certificate file name Note: You can configure this parameter only if you want to enable the secondary TLS certificate to support multiple TLS certificates. A valid certificate file name for RSA or ECDSA and secret should be provided to establish TrafficFeed SSL connection.
ddSslConfiguration.secondary.certificate.ecdsa	string	NA	dd_ssl_ecdsa_certificate.crt	O	Secondary TLS certificate used for keyStore required for TrafficFeed SSL connection and details should be provided: ecdsa certificate file name Note: You can configure this parameter only if you want to enable the secondary TLS certificate to support multiple TLS certificates. A valid certificate file name for RSA or ECDSA and secret should be provided to establish TrafficFeed SSL connection.
ddSslConfiguration.secondary.privateKey.rsa	string	NA	dd_rsa_private_key_pkcs1.pem	O	Secondary PrivateKey should be created for certificate used for keyStore required for TrafficFeed SSL connection and details should be provided: rsa private key file name Note: You can configure this parameter only if you want to enable the secondary TLS certificate to support multiple TLS certificates. A valid privateKey file name for RSA or ECDSA and secret should be provided to establish TrafficFeed SSL connection.
ddSslConfiguration.secondary.privateKey.ecdsa	string	NA	dd_ssl_ecdsa_private_key.pem	O	Secondary PrivateKey should be created for certificate used for keyStore required for TrafficFeed SSL connection and details should be provided: ecdsa private key file name Note: You can configure this parameter only if you want to enable the secondary TLS certificate to support multiple TLS certificates. A valid privateKey file name for RSA or ECDSA and secret should be provided to establish TrafficFeed SSL connection.
ddSslConfiguration.secondary.keyStorePassword.fileName	string	NA	ddkey.txt	O	Secondary keyStore password required for TrafficFeed SSL connection and details should be provided: File name that has password for keystore Note: You can configure this parameter only if you want to enable the secondary TLS certificate to support multiple TLS certificates. A valid keystore password file name and secret must be provided to establish TrafficFeed SSL connection.
ddSslConfiguration.secondary.keyStoreType	string	NA	p12	O	This parameter indicates the Keystore type, JKS or PKCS12. Note: You can configure this parameter only if you want to enable the secondary TLS certificate to support multiple TLS certificates.
ddSslConfiguration.initialAlgorithm	string	NA	RS256	O	This parameter indicates the SSL Algorithm.
ddSaslConfiguration.userName.fileName	string	NA	userName.txt	O	This parameter is used to configure SSL for TrafficFeed feature. Password information is used by SCP to connect to OCNADD with SASL as security mechanism. You must create secret with userName files and provide details in deployment file. Note: A valid username and password file name and secret must be provided to establish TrafficFeed SASL connection.
ddSaslConfiguration.userName.k8SecretName	string	NA	ocscpddsasl-secret	O	This parameter is used to configure SSL for TrafficFeed feature. UserName information is used by SCP to connect to OCNADD with SASL as security mechanism. You must create secret with userName files and provide details in deployment file. Note: A valid username and password file name and secret must be provided to establish TrafficFeed SASL connection.
ddSaslConfiguration.password.fileName	string	NA	password.txt	O	This parameter is used to configure SSL for TrafficFeed feature. Password information is used by SCP to connect to OCNADD with SASL as security mechanism. You must create secret with password files and provide details in deployment file. Note: A valid username and password file name and secret must be provided to establish TrafficFeed SASL connection.
ddSaslConfiguration.password.k8SecretName	string	NA	ocscpddsasl-secret	O	This parameter is used to configure SSL for TrafficFeed feature. Password information is used by SCP to connect to OCNADD with SASL as security mechanism. You must create secret with password files and provide details in deployment file. Note: A valid username and password file name and secret must be provided to establish TrafficFeed SASL connection.
sbiProxySslConfigurations.server.tlsVersion	string	The allowed values are: TLSv1.3,TLSv1.2 TLSv1.3 TLSv1.2	TLSv1.3,TLSv1.2	O	Indicates the version of Transport Layer Security (TLS).
sbiProxySslConfigurations.k8NameSpace	string	NA	scpsvc	O	Indicates Kubernetes namespace.
sbiProxySslConfigurations.server.cipherSuitesTlsV1_2	string	TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256	TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256	O	Indicates the cipher suites available for TLSv1.2 connections.
sbiProxySslConfigurations.server.cipherSuitesTlsV1_3	string	TLS_AES_128_GCM_SHA256 TLS_AES_256_GCM_SHA384 TLS_CHACHA20_POLY1305_SHA256	TLS_AES_128_GCM_SHA256 TLS_AES_256_GCM_SHA384 TLS_CHACHA20_POLY1305_SHA256	O	Indicates the cipher suites available for TLSv1.3 connections.
sbiProxySslConfigurations.server.primary.secretName	string	NA	server-primary-ocscp-secret	O	Indicates the name of Kubernetes secret. Note: A valid Truststore password file name and secret should be provided to establish server side SSL connection.
sbiProxySslConfigurations.server.primary.privateKey.rsa	string	NA	server_rsa_private_key_pkcs1.pem	O	Indicates the RSA private key file name. Note: A valid privateKey file name whether for RSA or ECDSA and secret should be provided to establish server side SSL connection.
sbiProxySslConfigurations.server.primary.privateKey.ecdsa	string	NA	ssl_ecdsa_private_key.pem	O	Indicates the ecdsa private key file name. Note: A valid privateKey file name whether for RSA or ECDSA and secret should be provided to establish server side SSL connection.
sbiProxySslConfigurations.server.primary.certificate.rsa	string	NA	server_ocscp.cer	O	Indicates the RSA certificate file name. Note: A valid certificate file name whether for RSA or ECDSA and secret should be provided to establish server side SSL connection.
sbiProxySslConfigurations.server.primary.certificate.ecdsa	string	NA	ssl_ecdsa_certificate.crt	O	Indicates the ecdsa certificate file name. Note: A valid certificate file name whether for RSA or ECDSA and secret should be provided to establish server side SSL connection.
sbiProxySslConfigurations.server.primary.caBundle.k8SecretName	string	NA	server-primary-ocscp-secret	O	Indicates the name of Kubernetes secret that contains caBundle data. Note: A valid caBundle file name and secret should be provided to establish server side SSL connection.
sbiProxySslConfigurations.server.primary.caBundle.fileName	string	NA	server_caroot.cer	O	Indicates the file name of caBundle. Note: A valid caBundle file name and secret should be provided to establish server side SSL connection. For HTTPS communication, you can use multiple intermediate and root CA certificates by combining them into a single CA bundle file. This combined CA bundle can be configured under the sbiProxySslConfigurations Helm parameter.
sbiProxySslConfigurations.server.primary.keyStorePassword.fileName	string	NA	key.txt	O	Indicates the file name that has password for keystore. Note: A valid keyStore password file name and secret should be provided to establish server side SSL connection.
sbiProxySslConfigurations.server.primary.trustStorePassword.fileName	string	NA	trust.txt	O	Indicates the file name that has password for truststore. Note: A valid Truststore password file name and secret should be provided to establish server side SSL connection.
sbiProxySslConfigurations.server.secondary.secretName	string	NA	server-secondary-ocscp-secret	O	Indicates the name of Kubernetes secret. Note: You can configure this parameter only if you want to enable the secondary TLS certificate to support multiple TLS certificates. A valid Truststore password file name and secret should be provided to establish server side SSL connection.
sbiProxySslConfigurations.server.secondary.privateKey.rsa	string	NA	2nd_server_rsa_private_key_pkcs1.pem	O	Indicates the RSA private key file name. Note: You can configure this parameter only if you want to enable the secondary TLS certificate to support multiple TLS certificates. A valid privateKey file name whether for RSA or ECDSA and secret should be provided to establish server side SSL connection.
sbiProxySslConfigurations.server.secondary.privateKey.ecdsa	string	NA	ssl_ecdsa_private_key.pem	O	Indicates the ecdsa private key file name. Note: You can configure this parameter only if you want to enable the secondary TLS certificate to support multiple TLS certificates. A valid privateKey file name whether for RSA or ECDSA and secret should be provided to establish server side SSL connection.
sbiProxySslConfigurations.server.secondary.certificate.rsa	string	NA	2nd_server_ocscp.cer	O	Indicates the RSA certificate file name. Note: You can configure this parameter only if you want to enable the secondary TLS certificate to support multiple TLS certificates. A valid certificate file name whether for RSA or ECDSA and secret should be provided to establish server side SSL connection.
sbiProxySslConfigurations.server.secondary.certificate.ecdsatlsVersion	string	NA	ssl_ecdsa_certificate.crt	O	Indicates the ecdsa certificate file name. Note: You can configure this parameter only if you want to enable the secondary TLS certificate to support multiple TLS certificates. A valid certificate file name whether for RSA or ECDSA and secret should be provided to establish server side SSL connection.
sbiProxySslConfigurations.server.secondary.caBundle.k8SecretName	string	NA	server-secondary-ocscp-secret	O	Indicates the name of Kubernetes secret that contains caBundle data. Note: You can configure this parameter only if you want to enable the secondary TLS certificate to support multiple TLS certificates. A valid caBundle file name and secret should be provided to establish server side SSL connection.
sbiProxySslConfigurations.server.secondary.caBundle.fileName	string	NA	server_caroot.cer	O	Indicates the file name of caBundle. Note: You can configure this parameter only if you want to enable the secondary TLS certificate to support multiple TLS certificates. A valid caBundle file name and secret should be provided to establish server side SSL connection. For HTTPS communication, you can use multiple intermediate and root CA certificates by combining them into a single CA bundle file. This combined CA bundle can be configured under the sbiProxySslConfigurations Helm parameter.
sbiProxySslConfigurations.server.secondary.keyStorePassword.fileName	string	NA	key.txt	O	Indicates the file name that has password for keystore. Note: You can configure this parameter only if you want to enable the secondary TLS certificate to support multiple TLS certificates. A valid keyStore password file name and secret should be provided to establish server side SSL connection.
sbiProxySslConfigurations.server.secondary.trustStorePassword.fileName	string	NA	trust.txt	O	Indicates the file name that has password for truststore. Note: You can configure this parameter only if you want to enable the secondary TLS certificate to support multiple TLS certificates. A valid Truststore password file name and secret should be provided to establish server side SSL connection.
sbiProxySslConfigurations.terminateTLSConnsOnCertExpiry.client	boolean	true or false	false	O	Helm configuration for Egress (client) connections to determine whether to terminate or maintain existing HTTPS connections when the configured TLS certificate is updated or renewed. When the TLS certificate expires, SCP: Maintains the existing HTTPS connections that were using the expired certificates. Creates new HTTPS connections that use the updated or renewed TLS certificate.
sbiProxySslConfigurations.client.primary.nfType	string	NA	default	O	Indicates the client NF type.
sbiProxySslConfigurations.client[0].tlsVersion	string	The allowed values are: TLSv1.3,TLSv1.2 TLSv1.3 TLSv1.2	TLSv1.3,TLSv1.2	O	Indicates the TLS version to be used by the client.
sbiProxySslConfigurations.client[0].cipherSuitesTlsV1_2	string	TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256	TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256	O	Indicates the cipher suites that can be used for TLSv1.2 connections.
sbiProxySslConfigurations.client[0].cipherSuitesTlsV1_3	string	TLS_AES_128_GCM_SHA256 TLS_AES_256_GCM_SHA384 TLS_CHACHA20_POLY1305_SHA256	TLS_AES_128_GCM_SHA256 TLS_AES_256_GCM_SHA384 TLS_CHACHA20_POLY1305_SHA256	O	Indicates the cipher suites that can be used for TLSv1.3 connections.
sbiProxySslConfigurations.client.primary.secretName	string	NA	default-primary-ocscp-secret	O	Indicates the name of Kubernetes secret. Note: A valid Truststore password file name and secret should be provided to establish client side SSL connection.
sbiProxySslConfigurations.client.primary.privateKey.rsa	string	NA	client_rsa_private_key_pkcs1.pem	O	Indicates the RSA private key file name. Note: A valid privateKey file name whether for RSA or ECDSA and secret should be provided to establish client side SSL connection.
sbiProxySslConfigurations.client.primary.privateKey.ecdsa	string	NA	ssl_ecdsa_private_key.pem	O	Indicates the ecdsa private key file name. Note: A valid privateKey file name whether for RSA or ECDSA and secret should be provided to establish client side SSL connection.
sbiProxySslConfigurations.client.primary.certificate.rsa	string	NA	client_ocscp.cer	O	Indicates the RSA certificate file name. Note: A valid certificate file name whether for RSA or ECDSA and secret should be provided to establish client side SSL connection.
sbiProxySslConfigurations.client.primary.certificate.ecdsa	string	NA	ssl_ecdsa_certificate.crt	O	Indicates the ecdsa certificate file name. Note: A valid certificate file name whether for RSA or ECDSA and secret should be provided to establish client side SSL connection.
sbiProxySslConfigurations.client.primary.caBundle.k8SecretName	string	NA	default-primary-ocscp-secret	O	Indicates the name of Kubernetes secret that contains caBundle data. Note: A valid caBundle file name and secret should be provided to establish client side SSL connection.
sbiProxySslConfigurations.client.primary.caBundle.fileName	string	NA	server_caroot.cer	O	Indicates the file name of caBundle. Note: A valid caBundle file name and secret should be provided to establish client side SSL connection. For HTTPS communication, you can use multiple intermediate and root CA certificates by combining them into a single CA bundle file. This combined CA bundle can be configured under the sbiProxySslConfigurations Helm parameter.
sbiProxySslConfigurations.client.primary.keyStorePassword.fileName	string	NA	key.txt	O	Indicates the file name that has password for keystore. Note: A valid keyStore password file name and secret should be provided to establish client side SSL connection.
sbiProxySslConfigurations.client.primary.trustStorePassword.fileName	string	NA	trust.txt	O	Indicates the file name that has password for truststore. Note: A valid Truststore password file name and secret should be provided to establish client side SSL connection.
sbiProxySslConfigurations.client.secondary.secretName	string	NA	default-secondary-ocscp-secret	O	Indicates the name of Kubernetes secret. Note: You can configure this parameter only if you want to enable the secondary TLS certificate to support multiple TLS certificates. A valid Truststore password file name and secret should be provided to establish client side SSL connection.
sbiProxySslConfigurations.client.secondary.privateKey.rsa	string	NA	2nd_client_rsa_private_key_pkcs1.pem	O	Indicates the RSA private key file name. Note: You can configure this parameter only if you want to enable the secondary TLS certificate to support multiple TLS certificates. A valid privateKey file name whether for RSA or ECDSA and secret should be provided to establish client side SSL connection.
sbiProxySslConfigurations.client.secondary.privateKey.ecdsa	string	NA	ssl_ecdsa_private_key.pem	O	Indicates the ecdsa private key file name. Note: You can configure this parameter only if you want to enable the secondary TLS certificate to support multiple TLS certificates. A valid privateKey file name whether for RSA or ECDSA and secret should be provided to establish client side SSL connection.
sbiProxySslConfigurations.client.secondary.certificate.rsa	string	NA	2nd_client_ocscp.cer	O	Indicates the RSA certificate file name. Note: You can configure this parameter only if you want to enable the secondary TLS certificate to support multiple TLS certificates. A valid certificate file name whether for RSA or ECDSA and secret should be provided to establish client side SSL connection.
sbiProxySslConfigurations.client.secondary.certificate.ecdsa	string	NA	ssl_ecdsa_certificate.crt	O	Indicates the ecdsa certificate file name. Note: You can configure this parameter only if you want to enable the secondary TLS certificate to support multiple TLS certificates. A valid certificate file name whether for RSA or ECDSA and secret should be provided to establish client side SSL connection.
sbiProxySslConfigurations.client.secondary.caBundle.k8SecretName	string	NA	default-secondary-ocscp-secret	O	Indicates the name of Kubernetes secret that contains caBundle data. Note: You can configure this parameter only if you want to enable the secondary TLS certificate to support multiple TLS certificates. A valid caBundle file name and secret should be provided to establish client side SSL connection.
sbiProxySslConfigurations.client.secondary.caBundle.fileName	string	NA	caroot.cer	O	Indicates the file name of caBundle. Note: You can configure this parameter only if you want to enable the secondary TLS certificate to support multiple TLS certificates. A valid caBundle file name and secret should be provided to establish client side SSL connection. For HTTPS communication, you can use multiple intermediate and root CA certificates by combining them into a single CA bundle file. This combined CA bundle can be configured under the sbiProxySslConfigurations Helm parameter.
sbiProxySslConfigurations.client.secondary.keyStorePassword.fileName	string	NA	key.txt	O	Indicates the file name that has password for keystore. Note: You can configure this parameter only if you want to enable the secondary TLS certificate to support multiple TLS certificates. A valid keyStore password file name and secret should be provided to establish client side SSL connection.
sbiProxySslConfigurations.client.secondary.trustStorePassword.fileName	string	NA	trust.txt	O	Indicates the file name that has password for truststore. Note: You can configure this parameter only if you want to enable the secondary TLS certificate to support multiple TLS certificates. A valid Truststore password file name and secret should be provided to establish client side SSL connection.
sbiProxySslConfigurations.initialAlgorithm	string	ES256 and RS256	RS256	O	Indicates SSL or TLS algorithm. The supported algorithms are: ES256 and RS256.
sbiProxySslConfigurations.client[0].nfTypeExtensionSelfValidation	boolean	true,false	false	O	You can configure this parameter to enable or disable validation of the nfType extension value in the SCP's client TLS certificate. If enabled and the nfType extension is present in the TLS certificate, SCP will verify that the value is "SCP".
sslCertExpiryCriticalThreshold	integer	Should be less than sslCertExpiryMajorThreshold and sslCertExpiryMinorThreshold	30D Note: The allowed dimensions are D for days, H for hours, and M for minutes, and the default value is days (D).	M	Indicates the certificate expiry threshold values for triggering Minor, Major, and Critical alerts for TLS certificate expiration.
sslCertExpiryMajorThreshold	integer	Should be less than sslCertExpiryMinorThreshold and higher than sslCertExpiryCriticalThreshold	90D Note: The allowed dimensions are D for days, H for hours, and M for minutes, and the default value is days (D).	M	Indicates the certificate expiry threshold values for triggering Minor, Major, and Critical alerts for TLS certificate expiration.
sslCertExpiryMinorThreshold	integer	Should be higher than sslCertExpiryMajorThreshold and sslCertExpiryCriticalThreshold	180D Note: The allowed dimensions are D for days, H for hours, and M for minutes, and the default value is days (D).	M	Indicates the certificate expiry threshold values for triggering Minor, Major, and Critical alerts for TLS certificate expiration.
enableTlsExtensionsCompliance	boolean	true,false	true	M	You can configure this parameter to enable or disable the control of certain TLS extensions. This involves disabling specific TLS extensions and setting values for the signature_algorithms, signature_algorithms_cert, and supported_groups (Named Groups) extensions. The signature_algorithms and signature_algorithms_cert extensions correspond to Signature Schemes, while supported_groups is the same as Named Groups. These controls will apply to all TLS communication in the SCP worker. If disabled, the JDK system defaults will be used. If enabled, the following settings will apply: Disabled Extensions: session_ticket, status_request, status_request_v2, psk_key_exchange_modes, pre_shared_key, early_data, certificate_authorities, ec_point_formats Signature Schemes: ecdsa_secp521r1_sha512, ecdsa_secp384r1_sha384, ecdsa_secp256r1_sha256, ed448, ed25519, rsa_pss_rsae_sha512, rsa_pss_rsae_sha384, rsa_pss_rsae_sha256, rsa_pss_pss_sha512, rsa_pss_pss_sha384, rsa_pss_pss_sha256, rsa_pkcs1_sha512, rsa_pkcs1_sha384, rsa_pkcs1_sha256 Named Groups: secp521r1, secp384r1, secp256r1, x448, x25519
tlsSessionResumptionDisabled	boolean	true,false	true	M	Disables TLS session resumption when the pre_shared_key extension is disabled. This variable must be set to true when the pre_shared_key extension is disabled, and conversely.
clientDisabledExtensions	string	-	session_ticket,status_request,status_request_v2,psk_key_exchange_modes,pre_shared_key,early_data,certificate_authorities,ec_point_formats	C	Disables the extensions in HTTPS communication while interacting with client.
serverDisabledExtensions	string	-	session_ticket,status_request,status_request_v2,psk_key_exchange_modes,pre_shared_key,early_data,ec_point_formats	C	Disables the extensions in HTTPS communication while interacting with server.
clientAllowedSignatureSchemes	string	-	ecdsa_secp521r1_sha512,ecdsa_secp384r1_sha384,ecdsa_secp256r1_sha256,ed448,ed25519,rsa_pss_rsae_sha512,rsa_pss_rsae_sha384,rsa_pss_rsae_sha256,rsa_pss_pss_sha512,rsa_pss_pss_sha384,rsa_pss_pss_sha256,rsa_pkcs1_sha512,rsa_pkcs1_sha384,rsa_pkcs1_sha256	C	Lists the signature schemes allowed for the client in HTTPS communication.
serverAllowedSignatureSchemes	string	-	ecdsa_secp521r1_sha512,ecdsa_secp384r1_sha384,ecdsa_secp256r1_sha256,ed448,ed25519,rsa_pss_rsae_sha512,rsa_pss_rsae_sha384,rsa_pss_rsae_sha256,rsa_pss_pss_sha512,rsa_pss_pss_sha384,rsa_pss_pss_sha256,rsa_pkcs1_sha512,rsa_pkcs1_sha384,rsa_pkcs1_sha256	C	Lists the signature schemes allowed for the server in HTTPS communication.
allowedNamedGroups	string	-	secp521r1,secp384r1,secp256r1,x448,x25519	C	Lists the allowed name groups in HTTPS communication.
enableDnsBasedNrfBootStrapInfoFeature	boolean	true,false	false	O	Enables or disables the nrf_bootstrap_info feature in the SCP deployment.
deRegisterScpDuringMigration	boolean	true,false	false	O	Deregisters SCP with the old or static nrfset if both NRFs in the migration from static to DNS SRV are the same.
preferredDNSSRVNrfSetIdForOnDemandDiscovery	strings	NA	setnrfl1.nrfset.5gc.mnc012.mcc345	O	Preferred DNSSRV NrfSetId to be used for on demand discovery when the nrf_bootstrap_info feature is enabled during deployment.
nrfSrvConfiguration.nrfSrvFqdn	strings	NA	nrf1svc.scpsvc.svc.cluster.local	M	NRF SRV FQDN for the corresponding NRF SRV configuration.
nrfSrvConfiguration.nfSetIdList	strings	NA	"setnrfl1.nrfset.5gc.mnc012.mcc345"	M	SetId for this NRF SRV configuration. This setId must be unique for each NRF SRV configuration; this setId must not be present in other NRF SRV configurations.
nrfSrvConfiguration.performSubscription	boolean	true/false	false	O	Allow to decide whether NRF from this NRF SRV is used for subscription or not.
nrfSrvConfiguration.plmnList.mcc	integer	Must be of three digits ranging from 0 to 9	330	O	Indicates the mobile country code required for PLMN IDs supported by NRF used in NRF DNS SRV. This is the PLMN list served by the NRF used in the NRF DNS SRV feature. It is employed in roaming scenarios to route NRF-related requests to the NRF that supports the PLMN list.
nrfSrvConfiguration.plmnList.mnc	integer	Can be of two or three digits ranging from 0 to 9	143	O	Indicates the mobile network code required for PLMN IDs supported by NRF used in NRF DNS SRV. This is the PLMN list served by the NRF used in the NRF DNS SRV feature. It is employed in roaming scenarios to route NRF-related requests to the NRF that supports the PLMN list.
nrfSrvConfiguration.performAudit	boolean	true,false	true	O	Allows to decide whether NRF from this NRF SRV should be used for a audit or not.
nrfSrvConfiguration.registerScp	boolean	true,false	true	O	Allows to decide whether to register SCP with the NRF from the NRF Set.
nrfSrvConfiguration.scheme	string	"http","https"	http	M	Used for the URI Scheme. The supported value is http/https.
nrfSrvConfiguration.apiPrefix	string	NA	USEast	O	Used for apiPrefix.
nrfSrvConfiguration.versions	string	apiVersionInUri: <string> apiFullVersion: <string>	apiVersionInUri: v1 apiFullVersion: 1.0.0	M	Lists the NFServiceVersion. Configuring multiple API versions is permissible, but at least one entry in the version list must have its apiVersionInUri set to "v1." This is because SCP currently utilizes "v1" for its self-generated requests towards NRF. .
nrfSrvConfiguration.serviceNames	string	nnrf-nfm nnrf-disc nnrf-oauth2	nnrf-nfm nnrf-disc nnrf-oauth2	M	This is the name of the service. The supported value is nnrf-nfm/nnrf- disc/nnrf-oauth2.
nrfSrvConfiguration.isInterPlmnFqdn	boolean	true,false	false	O	Allows you to decide if SCP has to support inter-PLMn alternate routes or not.

Note:

Release 15 deployment model is not supported from SCP 23.4.0.

The following table describes various combinations of serviceIpFamilies and serviceIpFamilyPolicy for SCP microservices:

Table 3-2 serviceIpFamilies to serviceIpFamilyPolicy Mapping

serviceIpFamilies	serviceIpFamilyPolicy
	SingleStack	PreferDualStack	RequireDualStack
IPv4	Y	Y (*)	Y (*)
IPv6	Y	Y (**)	Y (**)
IPv4, IPv6	N	Y	Y
IPv6, IPv4	N	Y	Y

• * indicates that services will also be assigned IPv6 addresses if the deployment environment has both IPv4 and IPv6 addresses. In this case, IpFamilies are exposed in the following order:
  • IPv4
  • IPv6
• ** indicates that services will also be assigned IPv4 addresses if the deployment environment has both IPv4 and IPv6 addresses. In this case, IpFamilies are exposed in the following order:
  • IPv6
  • IPv4

3.1.2 SCPC-Configuration Parameters

The following table lists the SCPC-Configuration parameters.

Table 3-3 SCPC-Configuration Parameters

Parameter Name	DataType	Range	Default Value	Mandatory(M)/Optional(O)/Conditional(C)	Description
scpc-configuration.imageDetails.image	string	image: Name components may contain lowercase letters, digits, and separators. A separator is defined as a period, one or two underscores, or one or more dashes. A name component may not start or end with a separator	scpc-configuration	M	Indicates Image Tag to be used for configuration container
scpc-configuration.imageDetails.tag	string	Tag: valid ASCII that may contain lowercase and uppercase letters, digits, underscores, periods, and dashes. A tag name may not start with a period or a dash and may contain a maximum of 128 characters	SCP Images	M	Indicates the Tag name of SCP configuration image.
scpc-configuration.imageDetails.pullPolicy	string	Always, IfNotPresent, Never	Always	M	Indicates if the image has to be pulled.
scpc-configuration.resources.requests.memory	integer	NA	2Gi	M	Indicates the requested memory (RAM) for configuration microservice in Giga Bytes.
scpc-configuration.resources.requests.cpu	integer	NA	2	M	Indicates the maximum allocated vCPU for configuration microservice.
scpc-configuration.resources.requests.ephemeral-storage	integer	NA	70Mi	O	Indicates the minimum limit of the ephemeral storage that can be allocated. Note: Commenting this parameter does not enable it.
scpc-configuration.resources.limits.memory	integer	NA	2Gi	M	Indicates the maximum limit of memory for configuration microservice.
scpc-configuration.resources.limits.cpu	integer	NA	2	M	Indicates the maximum limit of CPU for configuration microservice.
scpc-configuration.resources.limits.ephemeral-storage	integer	NA	1Gi	O	Indicates the maximum limit of the ephemeral storage that can be allocated. Note: Commenting this parameter does not enable it.
scpc-configuration.log.level	string		*configLogLevelRef	O	Enables the required level of logging for the service. Note: Do not modify this reference variable.
scpc-configuration.defaultTopologySource	string	(NRF,LOCAL)	NRF	O	Sets Topology Source globally for all NFs .
scpc-configuration.initializationFailTimeout	integer	NA	160000	O	initializationFailTimeout in ms - Maximum lifetime in milliseconds of a connection in the pool after it is closed.
scpc-configuration.idleTimeout	integer	NA	10000	O	idleTimeout in ms - Maximum idle time for connection.
scpc-configuration.minimumIdle	integer	NA	1	O	Indicates the minimum number of idle connections maintained by HikariCP in a connection pool.
scpc-configuration.connectionTimeout	integer	NA	20000	O	connectionTimeout in ms - Maximum number of milliseconds that a client waits for a connection
scpc-configuration.maxPoolSize	integer	NA	10	O	Indicates the maximum pool size Hikari CP can create.
scpc-configuration.maxLifetime	integer	NA	240	O	Indicates the maximum lifetime in ms of a connection in the pool after it is closed.
scpc-configuration.service.type	string	ClusterIP, LoadBalancer, NodePort,ExternalName	LoadBalancer	O	When this value is enabled, it overrides the default derivation of service type. Note: If Oracle Communications Cloud Native Configuration Console (CNC Console) is used, it is recommended to use ClusterIP.
scpc-configuration.service.publicConfigIPSpecified	boolean	true or false	false	O	Option to enable or disable Loadbalancer IP configuration statically for the OAM interface.
scpc-configuration.service.publicConfigIP	<IPv4 Address>	Valid IPV4 address as per RFC 791	NA	C	Option to configure static Loadbalancer IP. Configured value is used only if oamloadbalanceripenabled is configured as true.
scpc-configuration.service.staticnodeportenabled	boolean	true or false	false	O	Option to enable or disable configuring static Node Port for the OAM interface.
scpc-configuration.service.nodeport	integer	30000 to 32767	31612	C	Option to configure static Node Port for OAM interface. Configured value will be used only if staticnodeportenabled is configured as true.
scpc-configuration.service.configServiceNetworkNameEnabled	boolean	true or false	false	O	Option to enable or disable metalLB IP allocation dynamically from the pool for the OAM interface.
scpc-configuration.service.configServiceNetworkName	string	NA	metallb.universe.tf/address-pool: oam	C	Indicates the metalLB network name.
scpc-configuration.service.customExtension.labels	<string_label_1_key>: <string_label_1_value> <string_label_2_key>: <string_label_2_value>	K8s label object syntax	customExtension: labels: {} annotations: {}	O	Optional field to configure service specific labels applicable to "Service" Resource Type.
scpc-configuration.service.customExtension.annotations	<string_annotation_1_key>: <string_annotation_1_value> <string_annotation_2_key>: <string_annotation_2_value>	K8s annotations object syntax	customExtension: labels: {} annotations: {}	O	Optional field to configure service specific annotations applicable to "Service" Resource Type.
scpc-configuration.service.ipFamilyPolicy	*configIpFamilyPolicy	SingleStack, PreferDualStack, or RequireDualStack	NA	C	ipFamilyPolicy to be allocated to scpcConfiguration service. This value depends on the value of global.serviceIpFamilyPolicy.scpcConfiguration.
scpc-configuration.service.ipFamilies	*configIpFamilies	[IPv4], [IPv6], [IPv4,IPv6], [IPv6,IPv4]	NA	C	ipFamilies to be allocated to scpcConfiguration service. This value depends on the value of global.serviceIpFamilies.scpcConfiguration.
scpc-configuration.deployment.customExtension.labels	<string_label_1_key>: <string_label_1_value> <string_label_2_key>: <string_label_2_value>	K8s label object syntax	customExtension: labels: {} annotations: {}	O	Optional field to configure service specific labels applicable to "Service" Resource Type.
scpc-configuration.deployment.customExtension.annotations	<string_annotation_1_key>: <string_annotation_1_value> <string_annotation_2_key>: <string_annotation_2_value>	K8s annotations object syntax	customExtension: labels: {} annotations: {}	O	Optional field to configure service specific annotations applicable to "Service" Resource Type.
scpc-configuration.nodeSelector.nodeKey	string	nodeSelector: Use this configuration to apply nodeSelector to Configuration service pods nodeKey: Key of the node label	ocscp	O	Enables node selector for Configuration service pods.
scpc-configuration.nodeSelector.nodeValue	string	nodeValue: Value of the node label	scpc-configuration	O	Value of the node label.
scpc-configuration.istioSidecarQuitUrl	string		*sidecarQuitUrl	C	Defines the URL for quitting service mesh sidecar. This URL is used to hook job when hook is completed and quits the sidecar. Applicable only in serviceMeshEnabled is set to true. Note: Do not modify this reference variable.
scpc-configuration.istioSidecarReadyUrl	string		*sidecarReadyUrl	C	Define the URL for checking service mesh sidecar status and start the application when the status is ready. Applicable only in serviceMeshEnabled is set to true. Note: Do not modify this reference variable.

3.1.3 SCPC-Subscription Parameters

The following table lists the SCPC-Subscription parameters.

Table 3-4 SCPC-Subscription Parameters

Parameter Name	Data Type	Range	Default Value	Mandatory(M)/Optional(O)/Conditional(C)	Description
scpc-subscription.imageDetails.image	string	image: Name components may contain lowercase letters, digits, and separators. A separator is defined as a period, one or two underscores, or one or more dashes. A name component may not start or end with a separator	ocscp-subscription	M	NA
scpc-subscription.imageDetails.tag	string	Tag: valid ASCII that may contain lowercase and uppercase letters, digits, underscores, periods, and dashes. A tag name may not start with a period or a dash and may contain a maximum of 128 characters	SCP Images	M	Indicates Image Tag to be used for the Configuration container.
scpc-subscription.imageDetails.pullPolicy	string	Always, IfNotPresent, Never	Always	M	Indicates if the image has to be pulled.
scpc-subscription.resources.requests.memory	integer	NA	2Gi	M	Indicates the requested memory (RAM) for configuration microservice in Giga Bytes.
scpc-subscription.resources.requests.cpu	integer	NA	2	M	Indicates the maximum allocated vCPU for configuration microservice.
scpc-subscription.resources.requests.ephemeral-storage	integer	NA	70Mi	O	Indicates the minimum limit of the ephemeral storage that can be allocated. Note: Commenting this parameter does not enable it.
scpc-subscription.resources.limits.memory	integer	NA	2Gi	M	Indicates the maximum limit of memory for configuration microservice.
scpc-subscription.resources.limits.cpu	integer	NA	2	M	Indicates the maximum limit of CPU for configuration microservice.
scpc-subscription.resources.limits.ephemeral-storage	integer	NA	1Gi	O	Indicates the maximum limit of the ephemeral storage that can be allocated. Note: Commenting this parameter does not enable it.
scpc-subscription.guardTime	integer	Min: 5 Max: 180 (in seconds)	10	O	Configures guardTime in seconds. This is the advance time before validityTimerExpiry at which subscription is initiated.
scpc-subscription.subscriptionValidityPeriod	integer	Min: 1 Max: 168 (in hours)	168	O	Parameter used to set the period after which a subscription gets expired. NRF may or may not accept honor this. Defaulted to 7 days, that is, 168 hours.
scpc-subscription.log.level	string		*subsLogLevelRef	O	Enables the required level of logging for the service. Note: Do not modify this reference variable.
scpToRegisterWithNrfRegionOrSetIds	string	Valid Regions or SetIds to be registered with or empty for no registration	[]	M	Sets scpToRegisterWithNrfRegions with regions to register the high priority NRFs in specified regions. Example: scpToRegisterWithNrfRegionOrSetIds: ["reg1,reg2"]. Or, it can be set in the following format: Example: scpToRegisterWithNrfRegionOrSetIds: - reg1 - reg2
scpc-subscription.initializationFailTimeout	integer	NA	160000	O	initializationFailTimeout in ms - Maximum lifetime in milliseconds of a connection in the pool after it is closed.
scpc-subscription.idleTimeout	integer	NA	10000	O	idleTimeout in ms - Maximum idle time for connection.
scpc-subscription.minimumIdle	integer	NA	1	O	Indicates the minimum number of idle connections maintained by HikariCP in a connection pool.
scpc-subscription.connectionTimeout	integer	NA	20000	O	connectionTimeout in ms - Maximum number of milliseconds that a client will wait for a connection.
scpc-subscription.maxPoolSize	integer	NA	10	O	Indicates the maximum pool size Hikari CP can create.
scpc-subscription.maxLifetime	integer	NA	240	O	Indicates the maximum lifetime in ms of a connection in the pool after it is closed.
scpc-subscription.service.type	string	ClusterIP, LoadBalancer, NodePort	ClusterIP	O	When this value is enabled, it overrides the default derivation of Service Type.
scpc-subscription.service.customExtension.labels	<string_label_1_key>: <string_label_1_value> <string_label_2_key>: <string_label_2_value>	K8s label object syntax	customExtension: labels: {} annotations: {}	O	Optional field to configure service specific labels applicable to "Service" Resource Type.
scpc-subscription.service.customExtension.annotations	<string_annotation_1_key>: <string_annotation_1_value> <string_annotation_2_key>: <string_annotation_2_value>	K8s annotations object syntax	customExtension: labels: {} annotations: {}	O	Optional field to configure service specific annotations applicable to "Service" Resource Type.
scpc-subscription.service.ipFamilyPolicy	*subsIpFamilyPolicy	SingleStack, PreferDualStack, or RequireDualStack	NA	C	ipFamilyPolicy to be allocated to scpcSubscription service. This value depends on the value of global.serviceIpFamilyPolicy.scpcSubscription.
scpc-subscription.service.ipFamilies	*subsIpFamilyPolicy	[IPv4], [IPv6], [IPv4,IPv6], [IPv6,IPv4]	NA	C	ipFamilies to be allocated to scpcSubscription service. This value depends on the value of global.serviceIpFamilyPolicy.scpcSubscription.
scpc-subscription.deployment.customExtension.labels	<string_label_1_key>: <string_label_1_value> <string_label_2_key>: <string_label_2_value>	K8s label object syntax	customExtension: labels: {} annotations: {}	O	Optional field to configure service specific labels applicable to "Service" Resource Type.
scpc-subscription.deployment.customExtension.annotations	<string_annotation_1_key>: <string_annotation_1_value> <string_annotation_2_key>: <string_annotation_2_value>	K8s annotations object syntax	customExtension: labels: {} annotations: {}	O	Optional field to configure service specific annotations applicable to "Service" Resource Type.
scpc-subscription.nodeSelector.nodeKey	string	nodeSelector: Use this configuration to apply nodeSelector to Subscription service pods nodeKey: Key of the node label	ocscp	O	Enables node selector for Subscription service pods.
scpc-subscription.nodeSelector.nodeValue	string	nodeValue: Value of the node label	scpc-subscription	O	Value of the node label.
scpc-subscription.istioSidecarQuitUrl	string		*sidecarQuitUrl	C	Defines the URL to use for quitting service mesh sidecar. This URL will be used to hook job once hook is successfully completed and quits the sidecar. Only applicable in serviceMeshEnabled is set to "true" Note: Do not modify this reference variable.
scpc-subscription.istioSidecarReadyUrl	string		*sidecarReadyUrl	C	Defines the URL to use for checking service mesh sidecar status and starts application once status is ready. Only applicable in serviceMeshEnabled is set to "true" Note: Do not modify this reference variable.

3.1.4 SCPC-Notification Parameters

The following table lists the SCPC-Notification parameters.

Table 3-5 SCPC-Notification Parameters

Parameter Name	DataType	Range	Default Value	Mandatory(M)/Optional(O)/Conditional(C)	Description
scpc-notification.imageDetails.image	string	image: Name components may contain lowercase letters, digits, and separators. A separator is defined as a period, one or two underscores, or one or more dashes. A name component may not start or end with a separator.	ocscp-notification	M	Indicates the Image name of SCP notification.
scpc-notification.imageDetails.tag	string	Tag: valid ASCII that may contain lowercase and uppercase letters, digits, underscores, periods, and dashes. A tag name may not start with a period or a dash and may contain a maximum of 128 characters.	SCP Images	M	Indicates the Image Tag to be used for Configuration container.
scpc-notification.imageDetails.pullPolicy	string	Always, IfNotPresent, Never	Always	M	Indicates if the image has to be pulled.
scpc-notification.resources.requests.memory	integer	NA	4Gi	M	Indicates the requested memory (RAM) for configuration microservice in Giga Bytes.
scpc-notification.resources.requests.cpu	integer	NA	4	M	Indicates the maximum allocated vCPU for configuration microservice.
scpc-notification.resources.requests.ephemeral-storage	integer	NA	70Mi	O	Indicates the minimum limit of the ephemeral storage that can be allocated. Note: Commenting this parameter does not enable it.
scpc-notification.resources.limits.memory	integer	NA	4Gi	M	Indicates the maximum limit of memory for configuration microservice.
scpc-notification.resources.limits.cpu	integer	NA	4	M	Indicates the maximum limit of CPU for configuration microservice.
scpc-notification.resources.limits.ephemeral-storage	integer	NA	1Gi	O	Indicates the maximum limit of the ephemeral storage that can be allocated. Note: Commenting this parameter does not enable it.
scpc-notification.log.level	string		*notifLogLevelRef	O	Enables the required level of logging for the service. Note: Do not modify this reference variable.
scpc-notification.defaultLocalityToScp	boolean	true/false	true	O	If set to true, registration notification for NF coming to SCP with no locality present gets considered in SCP's locality and that NF gets treated as within serving locality.
scpc-notification.initializationFailTimeout	integer	NA	160000	O	initializationFailTimeout in ms - Maximum lifetime in milliseconds of a connection in the pool after it is closed.
scpc-notification.idleTimeout	integer	NA	10000	O	idleTimeout in ms - Maximum idle time for connection.
scpc-notification.minimumIdle	integer	NA	1	O	Indicates the minimum number of idle connections maintained by HikariCP in a connection pool.
scpc-notification.connectionTimeout	integer	NA	20000	O	connectionTimeout in ms - Maximum number of milliseconds that a client will wait for a connection.
scpc-notification.maxPoolSize	integer	NA	10	O	Indicates the maximum pool size Hikari CP can create.
scpc-notification.maxLifetime	integer	NA	240	O	Indicates the maximum lifetime in ms of a connection in the pool after it is closed.
scpc-notification.mergeNFServices.status	boolean	true/false	false	M	Option to enable and disable merge NFServices within an NF Profile.
scpc-notification.mergeNFServices.supportedNFServices	List of strings. (example in description)	Valid 5G NF Services as per 3GPP TS 29.510. []i.e. Blank, which means consider all supported NF Services. If not provided, all supported NF Services are considered.	nudm-uecm, nudm-sdm	C	List of NFService's for which merge nf services within an NF Profile is triggered. Format Example: supportedNFServices: - nudm-uecm - nudm-sdm Note: This list is considered only if above status flag is enabled.
scpc-notification.service.type	string	ClusterIP, LoadBalancer, NodePort .	ClusterIP	O	When this value is enabled, it overrides the default derivation of Service Type.
scpc-notification.service.customExtension.labels	<string_label_1_key>: <string_label_1_value> <string_label_2_key>: <string_label_2_value>	Kubernetes label object syntax.	customExtension: labels: {} annotations: {}	O	Optional field to configure service specific labels applicable to "Service" Resource Type.
scpc-notification.service.customExtension.annotations	<string_annotation_1_key>: <string_annotation_1_value> <string_annotation_2_key>: <string_annotation_2_value>	Kubernetes annotations object syntax.	customExtension: labels: {} annotations: {}	O	Optional field to configure service specific annotations applicable to "Service" Resource Type.
scpc-notification.service.ipFamilyPolicy	*notifIpFamilyPolicy	SingleStack, PreferDualStack, or RequireDualStack	NA	C	ipFamilyPolicy to be allocated to scpcNotification service. This value depends on the value of global.serviceIpFamilyPolicy.scpcNotification.
scpc-notification.service.ipFamilies	*notifIpFamilies	[IPv4], [IPv6], [IPv4,IPv6], [IPv6,IPv4]	NA	C	ipFamilies to be allocated to scpcNotification service. This value depends on the value of global.serviceIpFamilies.scpcNotification.
scpc-notification.deployment.customExtension.labels	<string_label_1_key>: <string_label_1_value> <string_label_2_key>: <string_label_2_value>	Kubernetes label object syntax.	customExtension: labels: {} annotations: {}	O	Optional field to configure service specific labels applicable to "Service" Resource Type.
scpc-notification.deployment.customExtension.annotations	<string_annotation_1_key>: <string_annotation_1_value> <string_annotation_2_key>: <string_annotation_2_value>	Kubernetes annotations object syntax.	customExtension: labels: {} annotations: {}	O	Optional field to configure service specific annotations applicable to "Service" Resource Type.
scpc-notification.nodeSelector.nodeKey	string	nodeSelector: Use this configuration to apply nodeSelector to Notification service pods nodeKey: Key of the node label.	ocscp	O	Enables node selector for Notification service pods.
scpc-notification.nodeSelector.nodeValue	string	nodeValue: Value of the node label.	scpc-notification	O	Indicates the value of the node label.
scpc-notification.istioSidecarReadyUrl	string		*sidecarReadyUrl	C	Defines the URL to use for checking service mesh sidecar status and starts application once status is ready. Applicable only in serviceMeshEnabled is set to "true". Note: Do not modify this reference variable.

3.1.5 SCPC-Audit Parameters

The following table lists the SCPC-Audit parameters.

Table 3-6 SCPC-Audit Parameters

Parameter Name	DataType	Range	Default Value	Mandatory(M)/Optional(O)/Conditional(C)	Description
scpc-audit.imageDetails.image	string	image: Name components may contain lowercase letters, digits, and separators. A separator is defined as a period, one or two underscores, or one or more dashes. A name component may not start or end with a separator.	ocscp-audit	M	Indicates the Image name of the SCP audit.
scpc-audit.imageDetails.tag	string	Tag: valid ASCII that may contain lowercase and uppercase letters, digits, underscores, periods, and dashes. A tag name may not start with a period or a dash and may contain a maximum of 128 characters.	SCP Images	M	Indicates the Image Tag to be used for Configuration container.
scpc-audit.imageDetails.pullPolicy	string	Always, IfNotPresent, Never	Always	M	Indicates if the image has to be pulled.
scpc-audit.resources.requests.memory	integer	NA	4Gi	M	Indicates the requested memory (RAM) for configuration microservice in Giga Bytes.
scpc-audit.resources.requests.cpu	integer	NA	3	M	Indicates the maximum allocated vCPU for configuration microservice.
scpc-audit.resources.requests.ephemeral-storage	integer	NA	70Mi	O	Indicates the minimum limit of the ephemeral storage that can be allocated. Note: Commenting this parameter does not enable it.
scpc-audit.resources.limits.memory	integer	NA	4Gi	M	Indicates the maximum limit of memory for configuration microservice.
scpc-audit.resources.limits.cpu	integer	NA	3	M	Indicates the maximum limit of CPU for configuration microservice.
scpc-audit.resources.limits.ephemeral-storage	integer	NA	1Gi	O	Indicates the maximum limit of the ephemeral storage that can be allocated. Note: Commenting this parameter does not enable it.
scpc-audit.auditInterval	integer	Min: 1, Max: 2147483647	3600	M	Time interval in seconds that users want to configure.
scpc-audit.auditInitialRetryInterval	integer	Min: 1, Max: 2147483647	2	M	Retry interval in seconds for which audit keeps on retrying until successful response from NRF.
scpc-audit.alternateResolutionAuditInterval	integer	Min: 1, Max: 2147483647	300	M	Indicates the DNS SRV audit interval in seconds.
scpc-audit.log.level	string		*auditLogLevelRef	O	Enables desired level of logging for the service. Note: The value is the same as the serviceLogLevels.scpcAudit in the global section.
scpc-audit.initializationFailTimeout	integer	NA	160000	O	initializationFailTimeout in ms - Maximum lifetime in milliseconds of a connection in the pool after it is closed.
scpc-audit.idleTimeout	integer	NA	10000	O	idleTimeout in ms - Maximum idle time for connection.
scpc-audit.minimumIdle	integer	NA	1	O	Indicates the minimum number of idle connections maintained by HikariCP in a connection pool.
scpc-audit.connectionTimeout	integer	NA	20000	O	connectionTimeout in ms - Maximum number of milliseconds that a client will wait for a connection.
scpc-audit.maxPoolSize	integer	NA	10	O	Indicates the maximum pool size Hikari CP can create.
scpc-audit.maxLifetime	integer	NA	240	O	Indicates the maximum lifetime in ms of a connection in the pool after it is closed.
scpc-audit.service.type	string	ClusterIP, LoadBalancer, NodePort	ClusterIP	O	When this value is enabled, it overrides the default derivation of Service Type.
scpc-audit.service.customExtension.labels	<string_label_1_key>: <string_label_1_value> <string_label_2_key>: <string_label_2_value>	Kubernetes label object syntax	customExtension: labels: {} annotations: {}	O	Optional field to configure service specific labels applicable to "Service" Resource Type.
scpc-audit.service.customExtension.annotations	<string_annotation_1_key>: <string_annotation_1_value> <string_annotation_2_key>: <string_annotation_2_value>	Kubernetes annotations object syntax	customExtension: labels: {} annotations: {}	O	Optional field to configure service specific annotations applicable to "Service" Resource Type
scpc-audit.service.ipFamilyPolicy	*auditIpFamilyPolicy	SingleStack, PreferDualStack, or RequireDualStack	NA	C	ipFamilyPolicy to be allocated to scpcAudit service. This value depends on the value of global.serviceIpFamilyPolicy.scpcAudit.
scpc-audit.service.ipFamilies	*auditIpFamilies	[IPv4], [IPv6], [IPv4,IPv6], [IPv6,IPv4]	NA	C	ipFamilies to be allocated to scpcAudit service. This value depends on the value of global.serviceIpFamilies.scpcAudit.
scpc-audit.deployment.customExtension.labels	<string_label_1_key>: <string_label_1_value> <string_label_2_key>: <string_label_2_value>	Kubernetes label object syntax	customExtension: labels: {} annotations: {}	O	Optional field to configure service specific labels applicable to "Service" Resource Type.
scpc-audit.deployment.customExtension.annotations	<string_annotation_1_key>: <string_annotation_1_value> <string_annotation_2_key>: <string_annotation_2_value>	Kubernetes annotations object syntax	customExtension: labels: {} annotations: {}	O	Optional field to configure service specific annotations applicable to "Service" Resource Type.
scpc-audit.nodeSelector.nodeKey	string	nodeSelector: Use this configuration to apply nodeSelector to Audit service pods nodeKey: Key of the node label	ocscp	O	Enables node selector for Audit service pods.
scpc-audit.nodeSelector.nodeValue	string	nodeValue: Value of the node label	scpc-audit	O	Indicates the value of the node label.
scpc-audit.istioSidecarReadyUrl	string		*sidecarReadyUrl	C	Defines the URL that is used for checking service mesh sidecar status and start the application when the status is ready. Applicable only when serviceMeshEnabled is set to true. Note: Do not modify this reference variable.

3.1.6 SCPC-Alternate-Resolution Parameters

The following table lists the SCPC-Alternate-Resolution parameters.

Table 3-7 SCPC-Alternate-Resolution Parameters

Parameter Name	DataType	Range	Default Value	Mandatory(M)/Optional(O)/Conditional(C)	Description
scpc-alternate-resolution.imageDetails.image	string	image: Name components may contain lowercase letters, digits, and separators. A separator is defined as a period, one or two underscores, or one or more dashes. A name component may not start or end with a separator.	ocscp-alternate-resolution	M	Indicates the Image name of scpc-alternate-resolution.
scpc-alternate-resolution.imageDetails.tag	string	Tag: valid ASCII that may contain lowercase and uppercase letters, digits, underscores, periods, and dashes. A tag name may not start with a period or a dash and may contain a maximum of 128 characters.	SCP Images	M	Indicates the Image tag of scpc-alternate-resolution.
scpc-alternate-resolution.imageDetails.pullPolicy	string	Always, IfNotPresent, Never	Always	M	Indicates if the image has to be pulled.
scpc-alternate-resolution.resources.requests.memory	integer	NA	2Gi	M	Indicates the requested memory (RAM) for scpc-alternate-resolution in Giga Bytes.
scpc-alternate-resolution.resources.requests.cpu	integer	NA	2	M	Indicates the maximum allocated vCPU for scpc-alternate-resolution.
scpc-alternate-resolution.resources.requests.ephemeral-storage	integer	NA	70Mi	O	Indicates the minimum limit of the ephemeral storage that can be allocated. Note: Commenting this parameter does not enable it.
scpc-alternate-resolution.resources.limits.memory	integer	NA	2Gi	M	Indicates the maximum limit of memory for scpc-alternate-resolution.
scpc-alternate-resolution.resources.limits.cpu	integer	NA	2	M	Indicates the maximum limit of CPU scpc-alternate-resolution.
scpc-alternate-resolution.resources.limits.ephemeral-storage	integer	NA	1Gi	O	Indicates the maximum limit of the ephemeral storage that can be allocated. Note: Commenting this parameter does not enable it.
scpc-alternate-resolution.log.level	string		*alternateResolutionLogLevelRef	O	Enables desired level of logging for the service.
scpc-alternate-resolution.dnsSrvTTLAuditInterval	integer	Min: 1, Max: 2147483647	1000	M	Indicates the TTL based audit interval in milliseconds.
scpc-alternate-resolution.istioSidecarReadyUrl	string		*sidecarReadyUrl	C	Defines the URL that is used for checking service mesh sidecar status and start the application when the status is ready. Applicable only when serviceMeshEnabled is set to true. Note: Do not modify this reference variable.
scpc-alternate-resolution.initializationFailTimeout	integer	NA	160000	O	Indicates the maximum lifetime of a connection in the pool after it is closed. It is calculated in milliseconds.
scpc-alternate-resolution.idleTimeout	integer	NA	10000	O	Indicates the maximum idle time for a connection in milliseconds.
scpc-alternate-resolution.minimumIdle	integer	NA	1	O	Indicates the minimum number of idle connections maintained by HikariCP in a connection pool.
scpc-alternate-resolution.connectionTimeout	integer	NA	20000	O	Indicates the maximum number of milliseconds that a client can wait for a connection.
scpc-alternate-resolution.maxPoolSize	integer	NA	10	O	Indicates the maximum pool size HikariCP can create.
scpc-alternate-resolution.maxLifetime	integer	NA	240	O	Indicates the maximum lifetime of a connection in the pool after it is closed. It is calculated in milliseconds.
scpc-alternate-resolution.service.type	string	ClusterIP, LoadBalancer, NodePort	ClusterIP	O	Indicates the default service type used is ClusterIP.
scpc-alternate-resolution.service.customExtension.labels	<string_label_1_key>: <string_label_1_value> <string_label_2_key>: <string_label_2_value>	K8s label object syntax	customExtension: labels: {} annotations: {}	O	Optional field to configure service specific labels applicable to "Service" Resource Type.
scpc-alternate-resolution.service.customExtension.annotations	<string_annotation_1_key>: <string_annotation_1_value> <string_annotation_2_key>: <string_annotation_2_value>	K8s annotations object syntax	customExtension: labels: {} annotations: {}	O	Optional field to configure service specific annotations applicable to "Service" Resource Type.
scpc-alternate-resolution.service.ipFamilyPolicy	*alternateResolutionIpFamilyPolicy	SingleStack, PreferDualStack, or RequireDualStack	NA	C	ipFamilyPolicy to be allocated to scpcAlternateResolution service. This value depends on the value of global.serviceIpFamilyPolicy.scpcAlternateResolution.
scpc-alternate-resolution.service.ipFamilies	*alternateResolutionIpFamilies	[IPv4], [IPv6], [IPv4,IPv6], [IPv6,IPv4]	NA	C	ipFamilies to be allocated to scpcAlternateResolution service. This value depends on the value of global.serviceIpFamilies.scpcAlternateResolution.
scpc-alternate-resolution.deployment.customExtension.labels	<string_label_1_key>: <string_label_1_value> <string_label_2_key>: <string_label_2_value>	K8s label object syntax	customExtension: labels: {} annotations: {}	O	Optional field to configure service specific labels applicable to "Service" Resource Type.
scpc-alternate-resolution.deployment.customExtension.annotations	<string_annotation_1_key>: <string_annotation_1_value> <string_annotation_2_key>: <string_annotation_2_value>	K8s annotations object syntax	customExtension: labels: {} annotations: {}	O	Optional field to configure service specific annotations applicable to "Service" Resource Type.
scpc-alternate-resolution.nodeSelector.nodeKey	string	nodeSelector: Use this configuration to apply nodeSelector to scpc-alternate-service pods nodeKey: Key of the node label	ocscp	O	Enables node selector for scpc-alternate-service pods.
scpc-alternate-resolution.nodeSelector.nodeValue	string	nodeValue: Value of the node label	scpc-alternate-service	O	Value of the node label.

3.1.7 SCP-Worker Parameters

The following table lists the SCP-Worker parameters.

Table 3-8 SCP-Worker Parameters

Parameter Name	DataType	Range	Default Value	Mandatory(M)/Optional(O)/Conditional(C)	Description
scp-worker.imageDetails.image	string	image: Name components may contain lowercase letters, digits, and separators. A separator is defined as a period, one or two underscores, or one or more dashes. A name component may not start or end with a separator.	ocscp-worker	M	Indicates the Image name of SCP worker.
scp-worker.imageDetails.tag	string	Tag: valid ASCII that may contain lowercase and uppercase letters, digits, underscores, periods, and dashes. A tag name may not start with a period or a dash and may contain a maximum of 128 characters.	SCP Images	M	Indicates the Image Tag to be used for SCP Worker container.
scp-worker.imageDetails.pullPolicy	string	Always, IfNotPresent, Never	Always	M	Indicates if the image has to be pulled.
scp-worker.resources.requests.memory	integer	8Gi or 12Gi	8Gi	M	Indicates the requested memory (RAM) for scp-worker and scp-worker (large profile) microservice in Giga Bytes. Note: For large profile, change the memory as described in Resource Requirements.
scp-worker.resources.requests.cpu	integer	4 or 8	4	M	Indicates the maximum allocated vCPU for scp-worker and scp-worker (large profile) microservice. Note: For large profile, change the memory as described in Resource Requirements.
scp-worker.resources.requests.ephemeral-storage	integer	NA	70Mi	O	Indicates the minimum limit of the ephemeral storage that can be allocated. Note: Commenting this parameter does not enable it.
scp-worker.resources.limits.memory	integer	8Gi or 12Gi	8Gi	M	Indicates the maximum limit of memory for scp-worker and scp-worker (large profile) microservice. Note: For large profile, change the memory as described in Resource Requirements.
scp-worker.resources.limits.cpu	integer	4 or 8	4	M	Indicates the maximum limit of CPU for scp-worker and scp-worker (large profile) microservice. Note: For large profile, change the memory as described in Resource Requirements.
scp-worker.resources.limits.ephemeral-storage	integer	NA	1Gi	O	Indicates the maximum limit of the ephemeral storage that can be allocated. Note: Commenting this parameter does not enable it.
scp-worker.tracingenable	*scpworkerTracingEnabled	Reference Variable		O	Option to enable and disable Jaeger tracing. Default Value is False. Note: Do not modify this reference variable.
scp-worker.enableTraceBody	*scpworkerJaegerBodyEnabled	Reference Variable		O	Option to enable and disable tracing for full body of all Request or Response messages. The configuration is added only if tracingenable is configured as true.
scp-worker.traceSampling	integer	0.001 to 1	0.001	O	Option to set the sampling rate for Jaeger traces, that is, 0.01 means 1% of traffic passing through scp-worker will get traced.
scp-worker.log.level	string		*workerLogLevelRef	O	Enables the required level of logging for the service. Note: Do not modify this reference variable.
scp-worker.service.ipFamilyPolicy	*workerIpFamilyPolicy	SingleStack, PreferDualStack, or RequireDualStack	NA	C	ipFamilyPolicy to be allocated to scpWorker service. This value depends on the value of global.serviceIpFamilyPolicy.scpWorker.
scp-worker.service.ipFamilies	*workerIpFamilies	[IPv4], [IPv6], [IPv4,IPv6], [IPv6,IPv4]	NA	C	ipFamilies to be allocated to scpWorker service. This value depends on the value of global.serviceIpFamilies.scpWorker.
scp-worker.deployment.customExtension.labels	<string_label_1_key>: <string_label_1_value> <string_label_2_key>: <string_label_2_value>	K8s label object syntax	customExtension: labels: {} annotations: {}	O	Optional field to configure service specific labels applicable to "Service" Resource Type.
scp-worker.deployment.customExtension.annotations	<string_annotation_1_key>: <string_annotation_1_value> <string_annotation_2_key>: <string_annotation_2_value>	K8s annotations object syntax	customExtension: labels: {} annotations: {}	O	Optional field to configure service specific annotations applicable to "Service" Resource Type. Note: Following is the mandatory annotations if you are deploying SCP in Aspen Service Mesh: sidecar.istio.io/inject: "true" If SCP is integrated with OSO 1.6 (with ASM), use the following annotations: traffic.sidecar.istio.io/excludeInboundPorts: "8001"
scp-worker.nodeSelector.nodeKey	string	nodeSelector: Use this configuration to apply nodeSelector to Worker service pods nodeKey: Key of the node label	ocscp	O	Enables node selector for Worker service pods.
scp-worker.nodeSelector.nodeValue	string	nodeValue: Value of the node label	scp-worker	O	Indicates the value of the node label.
scp-worker.prometheus.scrape	boolean	true/false	true	O	Option to enable or disable Prometheus metrics scraping.
scp-worker.minreplicas	integer	NA	2	M	Indicates the minimum replica count of scp-worker microservice.
scp-worker.maxreplicas	integer	Min: 2 Max: 32	32	M	Indicates the maximum replica count of scp-worker microservice.
scp-worker.maxPdbUnavailable	integer	NA	25%	M	Defines maximum unavailable value for Kubernetes pod disruption budget.
scp-worker.downstream.idleTimeout	integer	NA	600 (in seconds)	O	The idle timeout is defined as the period in which there are no active requests. When the idle timeout is reached the connection is closed. For more information, see the scenarios or recommendations mentioned in systemOptions under scpSoothsayerConfig. Note: The request based timeouts mean that HTTP/2 PINGs will not keep the connection alive.
scp-worker.downstream.tcpKeepalive.probes	integer	Min: 1 min Max: 16 minutes	9 min	tcpKeepalive- O tcpKeepalive.probes- M. if tcpKeepalive is set.	Sets the tcpKeepalive parameter to enable TCP Keepalives. tcpKeepalive.probes - Maximum number of keepalive probes to send without response before deciding the connection is dead.
scp-worker.downstream.tcpKeepalive.time	integer	Min: 1 Max: 7200 (in seconds)	180 (in seconds)	M. if tcpKeepalive is set.	The time duration that a connection must be idle before keep-alive probes start is sent.
scp-worker.downstream.tcpKeepalive.interval	integer	Min: 1 Max: 120 (in seconds)	1 second	M. if tcpKeepalive is set.	The time duration between keep-alive probes.
scp-worker.istioSidecarReadyUrl	string		*sidecarReadyUrl	C	Defines the URL that is used for checking service mesh sidecar status and start the application once status is ready. Only applicable when serviceMeshEnabled is set to true. Note: Do not modify this reference variable.
scp-worker.maxUpstreamConnectionPerDestination	integer	1 to 4	4	O	The maximum number of upstream connections per destination per worker pod.
scp-worker.isStartupProbeEnabled	boolean	true or false	true	O	Enables or disables startup probe. Note: To deploy SCP on CNE 1.8.4 and prior or on Kubernetes versions prior to 1.20.10. This parameter must be manually added in the scp-worker section of the custom-values.yaml file and set to false. In addition, add the following parameters: readinessProbe initialDelaySeconds: 5 livenessProbe: initialDelaySeconds: 180 Example: scp-worker: isStartupProbeEnabled: false readinessProbe: initialDelaySeconds: 5 livenessProbe: initialDelaySeconds: 180
scp-worker.scpAuthorityMetricLabelDisabled	boolean	true or false	true	M	This parameter disables the scpAuthority dimension for worker metrics, if the scpAuthorityMetricLabelDisabled is set to true.
scp-worker.scpNFAndSvcInstanceIdMetricLabelDisabled	boolean	true or false	false	M	This parameter disables the scpNFInstanceId and scpServiceInstanceId dimension for worker metrics, if the scpNFAndSvcInstanceIdMetricLabelDisabled is set to true.
scp-worker.tracer.host	fqdn	Labels can be letter a-z, number 0-9, hyphen (-). Hyphen cannot be first character. Label combined with dot (.) forms domain	NA	M	Configures trace collector FQDN such as Jaeger, APM agent, and so on. Note: Trace collector with OpenTelemetry port support should be configured, for example, jaeger-collector.
scp-worker.tracer.port	integer	Min: 0 Max: 65535	NA	M	Configures trace collector port such as Jaeger, APM agent, and so on. Note: Trace collector port with OpenTelemetry ports should be configured, for example, jaeger-collector ports 4317 or 4318.

3.1.8 SCP-Cache Parameters

The following table lists the SCP-Cache Parameters.

Note:

The minimum and maximum vCPU values of SCP-Cache can be set to 2 vCPUs if the rate limiting feature is not required. If the rate limiting feature is required, SCP-Cache vCPU must be updated from 2 to 8 vCPUs.

Table 3-9 SCP-Cache Parameters

Parameter Name	DataType	Range	Default Value	Mandatory(M)/Optional(O)/Conditional(C)	Description
scp-cache.imageDetails.image	string	image: Name components may contain lowercase letters, digits, and separators. A separator is defined as a period, one or two underscores, or one or more dashes. A name component may not start or end with a separator.	ocscp-cache	M	Indicates the Image name of ocscp-cache.
scp-cache.imageDetails.tag	string	Tag: valid ASCII that may contain lowercase and uppercase letters, digits, underscores, periods, and dashes. A tag name may not start with a period or a dash and may contain a maximum of 128 characters.	SCP Images	M	Indicates the Image tag of ocscp-cache.
scp-cache.imageDetails.pullPolicy	string	Always, IfNotPresent, Never	Always	M	Indicates if the image has to be pulled.
scp-cache.resources.requests.memory	integer	NA	8Gi	M	Indicates the requested memory (RAM) for ocscp-cache in Giga Bytes.
scp-cache.resources.requests.cpu	integer	NA	8	M	Indicates the maximum allocated vCPU for ocscp-cache.
scp-cache.resources.requests.ephemeral-storage	integer	NA	70Mi	O	Indicates the minimum limit of the ephemeral storage that can be allocated. Note: Commenting this parameter does not enable it.
scp-cache.resources.limits.memory	integer	NA	2Gi	M	Indicates the maximum limit of memory for ocscp-cache.
scp-cache.resources.limits.cpu	integer	NA	8	M	Indicates the maximum limit of CPU ocscp-cache.
scp-cache.resources.limits.ephemeral-storage	integer	NA	1Gi	O	Indicates the maximum limit of the ephemeral storage that can be allocated. Note: Commenting this parameter does not enable it.
scp-cache.log.level	string		*cacheLogLevelRef	O	Enables desired level of logging for the service.
scp-cache.extraContainers	string	DISABLED, ENABLED, USE_GLOBAL_VALUE	USE_GLOBAL_VALUE	M	Spawns debug container along with application container in the pod. This debug container is used for debugging purposes. For more information about the debug tool, see Oracle Communications Cloud Native Core, Service Communication Proxy Troubleshooting Guide.
scp-cache.minreplicas	integer	NA	3	M	Indicates the minimum replica count of the ocscp-cache microservice.
scp-cache.maxreplicas	integer	NA	3	M	Indicates the maximum replica count of the ocscp-cache microservice.
scp-cache.maxPdbUnavailable	integer	NA	1	M	Defines maximum unavailable value for Kubernetes pod disruption budget.
scp-cache.istioSidecarQuitUrl	string	NA	*sidecarQuitUrl	M	Defines the URL that is used for quitting service mesh sidecar. This URL is used to quit the istio sidecar after the completion of hook job. The reference variable &sidecarQuitUrl should not be changed, however, the value "http://127.0.0.1:15000/quitquitquit" can be changed. It is applicable only when serviceMeshEnabled is set to true.
scp-cache.istioSidecarReadyUrl	string	NA	*sidecarReadyUrl	C	Defines the URL that is used for checking service mesh sidecar status and start the application once status is ready. It is applicable when serviceMeshEnabled is set to true. Note: Do not modify this reference variable.
scp-cache.service.type	string	ClusterIP, LoadBalancer, NodePort	LoadBalancer	O	When this value is enabled, it overrides the default derivation of service type.
scp-cache.service.publicCacheSvcFedIPSpecified	boolean	true or false	false	O	Enables or disables Loadbalancer IP configuration statically for a Signaling interface.
scp-cache.service.publicCacheSvcFedIP	ip address	IP Address format	10.75.212.88	O	Configures static Signaling Loadbalancer IP. The configured value is used only if publicCacheSvcFedIPSpecified is set to true.
scp-cache.service.cacheServiceNetworkNameEnabled	boolean	true or false	false	O	Enables or disables metalLB IP allocation dynamically from the pool for Signaling interface.
scp-cache.service.cacheServiceNetworkName	string	alpha-numeric	"metallb.universe.tf/address-pool: signaling"	O	Annotation to notify metalLB to allocate an IP for Signaling interface for scp-cache service. The annotation is added only if cacheServiceNetworkNameEnabled is set to true.
scp-cache.service.port.cohFederationPort	integer	Min-1024, Max-65535	30001	M	Indicates the container or service Port where the Federation service is hosted.
scp-cache.service.port.staticNodePortEnabled	boolean	true or false	false	O	Enables or disables configuration of static Node Port for Signaling interface.
scp-cache.service.port.nodePort	integer	As per the Kubernetes cluster, by default it ranges from 30000 to 32767	30001	O	Configures static Node Port for Signaling interfaces. The configured value is used only if staticNodePortEnabled is set to true.
scp-cache.service.port.coherenceMgmtSvcPort	integer	Min-1024, Max-65535	9000	M	The service port to access the coherence cluster status using the rest based URI.
scp-cache.service.port.coherenceMsgPort1	integer	Min- 1024, Max-65535	8095	M	The coherence communication port start range.
scp-cache.service.port.coherenceMsgPort2	integer	Min- 1024, Max-65535	8096	M	The coherence communication port end range.
scp-cache.service.customExtension.labels	string	Kubernetes label object syntax	customExtension: labels: {} annotations: {}	O	An optional field to configure service specific labels applicable to the "Service" resource type. Format is: <string_label_1_key>: <string_label_1_value> <string_label_2_key>: <string_label_2_value>
scp-cache.service.customExtension.annotations	string	Kubernetes annotations object syntax	customExtension: labels: {} annotations: {}	O	An optional field to configure service specific annotations applicable to the "Service" resource type. Format is: <string_annotation_1_key>: <string_annotation_1_value> <string_annotation_2_key>: <string_annotation_2_value>
scp-cache.service.ipFamilyPolicy	*cacheIpFamilyPolicy	SingleStack, PreferDualStack, or RequireDualStack	NA	C	ipFamilyPolicy to be allocated to scpCache service. This value depends on the value of global.serviceIpFamilyPolicy.scpCache.
scp-cache.service.ipFamilies	*cacheIpFamilies	[IPv4], [IPv6], [IPv4,IPv6], [IPv6,IPv4]	NA	C	ipFamilies to be allocated to scpCache service. This value depends on the value of global.serviceIpFamilies.scpCache.
scp-cache.deployment.customExtension.labels	string	Kubernetes label object syntax	customExtension: labels: {} annotations: {}	O	An optional field to configure service specific labels applicable to "Service" Resource Type. Format is: <string_label_1_key>: <string_label_1_value> <string_label_2_key>: <string_label_2_value>
scp-cache.deployment.customExtension.annotations	string	Kubernetes annotations object syntax	customExtension: labels: {} annotations: {}	O	An optional field to configure service specific annotations applicable to "Service" Resource Type. Format is: <string_annotation_1_key>: <string_annotation_1_value> <string_annotation_2_key>: <string_annotation_2_value> Note: The following annotations is mandatory if you are deploying SCP in Aspen Service Mesh: sidecar.istio.io/inject: "true" If SCP is integrated with OSO 1.6 (with ASM), use the following annotations: traffic.sidecar.istio.io/excludeInboundPorts: "8001"
scpc-cache.nodeSelector.nodeKey	string	nodeSelector: Use this configuration to apply nodeSelector to Cache service pods nodeKey: Key of the node label	ocscp	O	Enables node selector for Cache service pods.
scpc-cache.nodeSelector.nodeValue	string	nodeValue: Value of the node label	scpc-cache	O	Value of the node label.

3.1.9 SCP-nrfProxy Parameters

The following table lists the SCP-nrfProxy parameters.

Table 3-10 SCP-nrfproxy Parameters

Parameter Name	DataType	Range	Default Value	Mandatory(M)/Optional(O)/Conditional(C)	Description
scp-nrfproxy.imageDetails.image	string	image: Name components may contain lowercase letters, digits, and separators. A separator is defined as a period, one or two underscores, or one or more dashes. A name component may not start or end with a separator.	ocscp-nrfproxy	M	Indicates the Image name of ocscp-nrfproxy.
scp-nrfproxy.imageDetails.tag	string	Tag: valid ASCII that may contain lowercase and uppercase letters, digits, underscores, periods, and dashes. A tag name may not start with a period or a dash and may contain a maximum of 128 characters.	SCP Images	M	Indicates the Image tag of ocscp-nrfproxy.
scp-nrfproxy.imageDetails.pullPolicy	string	Always, IfNotPresent, Never	Always	M	Indicates if the image has to be pulled.
scp-nrfproxy.resources.requests.memory	integer	NA	8Gi	M	Indicates the requested memory (RAM) for ocscp-nrfproxy in Giga Bytes.
scp-nrfproxy.resources.requests.cpu	integer	NA	8	M	Indicates the maximum allocated vCPU for ocscp-nrfproxy.
scp-nrfproxy.resources.requests.ephemeral-storage	integer	NA	70Mi	O	Indicates the minimum limit of the ephemeral storage that can be allocated. Note: Commenting this parameter does not enable it.
scp-nrfproxy.resources.limits.memory	integer	NA	2Gi	M	Indicates the maximum limit of memory for ocscp-nrfproxy.
scp-nrfproxy.resources.limits.cpu	integer	NA	8	M	Indicates the maximum limit of CPU ocscp-nrfproxy.
scp-nrfproxy.resources.limits.ephemeral-storage	integer	NA	1Gi	O	Indicates the maximum limit of the ephemeral storage that can be allocated. Note: Commenting this parameter does not enable it.
scp-nrfproxy.log.level	string	NA	*nrfproxyLogLevelRef	O	Enables desired level of logging for the service.
scp-nrfproxy.extraContainers	string	DISABLED, ENABLED, USE_GLOBAL_VALUE	USE_GLOBAL_VALUE	M	Spawns debug container along with application container in the pod. This debug container is used for debugging purposes. For more information about the debug tool, see Oracle Communications Cloud Native Core, Service Communication Proxy Troubleshooting Guide.
scp-nrfproxy.minreplicas	integer	NA	1	M	Indicates the minimum replica count of the ocscp-nrfproxy microservice.
scp-nrfproxy.maxreplicas	integer	NA	1	M	Indicates the maximum replica count of the ocscp-nrfproxy microservice.
scp-nrfproxy.downstream.idleTimeout	integer	NA	600 seconds	M	The idle timeout is defined as the period in which there are no active requests. When the idle timeout is reached, the connection is closed. For more information, see the scenarios or recommendations mentioned in systemOptions under scpSoothsayerConfig. Note: The request based timeouts mean that HTTP/2 PINGs will not keep the connection alive.
scp-nrfproxy.downstream.tcpKeepalive.probes	integer	Min: 1 min Max: 16 minutes	9 minutes	tcpKeepalive- O tcpKeepalive.probes- M. if tcpKeepalive is set.	Sets the tcpKeepalive parameter to enable TCP Keepalives. tcpKeepalive.probes - Maximum number of keepalive probes to send without response before deciding the connection is dead.
scp-nrfproxy.downstream.tcpKeepalive.time	integer	Min: 1 Max: 7200 (in seconds)	180 seconds	M. if tcpKeepalive is set.	The time duration that a connection must be idle before keep-alive probes start is sent.
scp-nrfproxy.downstream.tcpKeepalive.interval	integer	Min: 1 Max: 120 (in seconds)	1 second	M. if tcpKeepalive is set.	The time duration between keep-alive probes.
scp-nrfproxy.maxPdbUnavailable	integer	NA	25%	M	Defines maximum unavailable value for Kubernetes pod disruption budget.
scp-nrfproxy.istioSidecarQuitUrl	string	NA	*sidecarQuitUrl	M	Defines the URL that is used for quitting service mesh sidecar. This URL is used to quit the istio sidecar after the completion of hook job. The reference variable &sidecarQuitUrl should not be changed, however, the value "http://127.0.0.1:15000/quitquitquit" can be changed. It is applicable only when serviceMeshEnabled is set to true.
scp-nrfproxy.istioSidecarReadyUrl	string	NA	*sidecarReadyUrl	C	Defines the URL that is used for checking service mesh sidecar status and start the application once status is ready. It is applicable when serviceMeshEnabled is set to true. Note: Do not modify this reference variable.
scp-nrfproxy.service.customExtension.labels	string	Kubernetes label object syntax	customExtension: labels: {} annotations: {}	O	An optional field to configure service specific labels applicable to the "Service" resource type. Format is: <string_label_1_key>: <string_label_1_value> <string_label_2_key>: <string_label_2_value>
scp-nrfproxy.service.customExtension.annotations	string	Kubernetes annotations object syntax	customExtension: labels: {} annotations: {}	O	An optional field to configure service specific annotations applicable to the "Service" resource type. Format is: <string_annotation_1_key>: <string_annotation_1_value> <string_annotation_2_key>: <string_annotation_2_value>
scp-nrfproxy.service.ipFamilyPolicy	*nrfproxyIpFamilyPolicy	SingleStack, PreferDualStack, or RequireDualStack	NA	C	ipFamilyPolicy to be allocated to scpNrfproxy service. This value depends on the value of global.serviceIpFamilyPolicy.scpNrfproxy.
scp-nrfproxy.service.ipFamilies	*nrfproxyIpFamilies	[IPv4], [IPv6], [IPv4,IPv6], [IPv6,IPv4]	NA	C	ipFamilies to be allocated to scpNrfproxy service. This value depends on the value of global.serviceIpFamilies.scpNrfproxy.
scp-nrfproxy.deployment.customExtension.labels	string	Kubernetes label object syntax	customExtension: labels: {} annotations: {}	O	An optional field to configure service specific labels applicable to "Service" Resource Type. Format is: <string_label_1_key>: <string_label_1_value> <string_label_2_key>: <string_label_2_value>
scp-nrfproxy.deployment.customExtension.annotations	string	Kubernetes annotations object syntax	customExtension: labels: {} annotations: {}	O	An optional field to configure service specific annotations applicable to "Service" Resource Type. Format is: <string_annotation_1_key>: <string_annotation_1_value> <string_annotation_2_key>: <string_annotation_2_value> Note: The following annotations is mandatory if you are deploying SCP in Aspen Service Mesh: sidecar.istio.io/inject: "true" If SCP is integrated with OSO 1.6 (with ASM), use the following annotations: traffic.sidecar.istio.io/excludeInboundPorts: "8001"
scpc-nrfproxy.nodeSelector.nodeKey	string	nodeSelector: Use this configuration to apply nodeSelector to Nrfproxy service pods nodeKey: Key of the node label	ocscp	O	Enables node selector for Nrfproxy service pods.
scpc-nrfproxy.nodeSelector.nodeValue	string	nodeValue: Value of the node label	scpc-nrfproxy	O	Value of the node label.

3.1.10 SCP-Mediation Parameters

The following table lists the SCP-Mediation parameters.

Table 3-11 SCP-Mediation Parameters

Parameter Name	DataType	Range	Default Value	Mandatory(M)/Optional(O)/Conditional(C)	Description
scp-mediation.imageDetails.image	string	image: Name components may contain lowercase letters, digits, and separators. A separator is defined as a period, one or two underscores, or one or more dashes. A name component may not start or end with a separator.	ocmed-nfmediation	M	Indicates the Image name of scp-mediation.
scp-mediation.imageDetails.tag	string	Tag: valid ASCII that may contain lowercase and uppercase letters, digits, underscores, periods, and dashes. A tag name may not start with a period or a dash and may contain a maximum of 128 characters.	SCP Images	M	Indicates the Image tag of scp-mediation.
scp-mediation.imageDetails.pullPolicy	string	Always, IfNotPresent, Never	Always	M	Indicates if the image has to be pulled.
scp-mediation.resources.requests.memory	integer	NA	4Gi	M	Indicates the requested memory (RAM) for scp-mediation in Giga Bytes.
scp-mediation.resources.requests.cpu	integer	NA	4	M	Indicates the maximum allocated vCPU for scp-mediation.
scp-mediation.resources.requests.ephemeral-storage	integer	NA	70Mi	O	Indicates the minimum limit of the ephemeral storage that can be allocated. Note: Commenting this parameter does not enable it.
scp-mediation.resources.limits.memory	integer	NA	4Gi	M	Indicates the maximum limit of memory for scp-mediation.
scp-mediation.resources.limits.cpu	integer	NA	4	M	Indicates the maximum limit of CPU scp-mediation.
scp-mediation.resources.limits.ephemeral-storage	integer	NA	1Gi	O	Indicates the maximum limit of the ephemeral storage that can be allocated. Note: Commenting this parameter does not enable it.
scp-mediation.log.level	string	NA	*mediationLogLevelRef	O	Enables desired level of logging for the service.
scp-mediation.upgradeStrategy	string	NA	rollingUpgrade	O	Specifies the strategy used during upgrade process. The only supported upgradeStrategy is rollingUpgrade.
scp-mediation.extraContainers	string	DISABLED, ENABLED, USE_GLOBAL_VALUE	USE_GLOBAL_VALUE	M	Spawns debug container along with application container in the pod. This debug container is used for debugging purposes. For more information about the debug tool, see Oracle Communications Cloud Native Core, Service Communication Proxy Troubleshooting Guide.
scp-mediation.minreplicas	integer	NA	1	M	Indicates the minimum replica count of the scp-mediation microservice.
scp-mediation.maxreplicas	integer	NA	1	M	Indicates the maximum replica count of the scp-mediation microservice.
scp-mediation.jaegerTracingEnabled	boolean	true or false	false	O	Enables Jaeger traces for mediation.
scp-mediation.bodyInTraceEnabled	boolean	true or false	true	O	Enables body traces for mediation.
scp-mediation.otel.jaeger.udpSender.host	string	NA	"jaeger-agent.occne-infra"	O	Indicates the host details of the Jaeger server.
scp-mediation.otel.jaeger.udpSender.port	integer	0 - 65535	6831	O	Indicates the port details of the Jaeger server.
scp-mediation.otel.jaeger.logSpans	boolean	true or false	false	O	Enables Jaeger log spans.
scp-mediation.otel.jaeger.probabilisticSamplingRate	string	0-1	0.001	O	Indicates the sampling rate for Jaeger
scp-mediation.service.active.forwardToTest	boolean	true or false	false	O	Enables mediation test mode and forward requests to test the deployment.
scp-mediation.service.type	string	ClusterIP, LoadBalancer, NodePort	ClusterIP	O	Indicates the default service type used is ClusterIP.
scp-mediation.service.customExtension.labels	<string_label_1_key>: <string_label_1_value> <string_label_2_key>: <string_label_2_value>	K8s label object syntax	customExtension: labels: {} annotations: {}	O	Optional field to configure service specific labels applicable to "Service" Resource Type.
scp-mediation.service.customExtension.annotations	<string_annotation_1_key>: <string_annotation_1_value> <string_annotation_2_key>: <string_annotation_2_value>	K8s annotations object syntax	customExtension: labels: {} annotations: {}	O	Optional field to configure service specific annotations applicable to "Service" Resource Type.
scp-mediation.service.ipFamilyPolicy	*mediationTestIpFamilyPolicy	SingleStack, PreferDualStack, or RequireDualStack	NA	C	ipFamilyPolicy to be allocated to scpMediation service. This value depends on the value of global.serviceIpFamilyPolicy.scpMediation.
scp-mediation.service.ipFamilies	*mediationTestIpFamilies	[IPv4], [IPv6], [IPv4,IPv6], [IPv6,IPv4]	NA	C	ipFamilies to be allocated to scpMediation service. This value depends on the value of global.serviceIpFamilies.scpMediation.
scp-mediation.deployment.customExtension.labels	<string_label_1_key>: <string_label_1_value> <string_label_2_key>: <string_label_2_value>	K8s label object syntax	customExtension: labels: {} annotations: {}	O	Optional field to configure service specific labels applicable to "Service" Resource Type.
scp-mediation.deployment.customExtension.annotations	<string_annotation_1_key>: <string_annotation_1_value> <string_annotation_2_key>: <string_annotation_2_value>	K8s annotations object syntax	customExtension: labels: {} annotations: {}	O	Optional field to configure service specific annotations applicable to "Service" Resource Type.
scp-mediation.mediationConfig.serviceUrl	string	NA	mediationConfig: serviceUrl:<service>:<servicePort>/<baseUrl>	M	Indicates the setup URL to be used by the mediation service to connect to the mediation config. Note: <baseUrl> must match the mediationConfig.baseUrl property from the service application properties.
scpc-mediation.nodeSelector.nodeKey	string	nodeSelector: Use this configuration to apply nodeSelector to Mediation service pods nodeKey: Key of the node label	ocscp	O	Enables node selector for Mediation service pods.
scpc-mediation.nodeSelector.nodeValue	string	nodeValue: Value of the node label	scpc-mediation	O	Value of the node label.
nfName	string	NA	OSCP	M	This parameter is appended to the ProblemDetails implementation to specify the source NF name. This parameter must be configured during the SCP deployment.
nfFqdn	string	NA	ocscp-scp-worker.scpsvc.svc.cluster.local	M	This parameter is appended to the ProblemDetails implementation to specify the source NF FQDN as SCP's FQDN. This parameter must be configured during the SCP deployment.
partOf	string	NA	Release.Name	O	Indicates the value for the network-policy rule pertaining to mediation traffic.

3.1.11 SCP-Load-Manager Parameters

The following table lists the SCP-Load-Manager Parameters.

Note:

The minimum and maximum vCPU of SCP-Load-Manager can be set to 4 vCPUs if the number of supported NFs is less than 150. If the number of NFs is more than 150, use the default value, 8 vCPUs.

Table 3-12 SCP-Load-Manager Parameters

Parameter Name	DataType	Range	Default Value	Mandatory(M)/Optional(O)/Conditional(C)	Description
scp-load-manager.imageDetails.image	string	image: Name components may contain lowercase letters, digits, and separators. A separator is defined as a period, one or two underscores, or one or more dashes. A name component may not start or end with a separator.	ocscp-load-manager	M	Indicates the Image name of ocscp-load-manager.
scp-load-manager.imageDetails.tag	string	Tag: valid ASCII that may contain lowercase and uppercase letters, digits, underscores, periods, and dashes. A tag name may not start with a period or a dash and may contain a maximum of 128 characters.	SCP Images	M	Indicates the Image tag of ocscp-load-manager.
scp-load-manager.imageDetails.pullPolicy	string	Always, IfNotPresent, Never	Always	M	Indicates if the image has to be pulled.
scp-load-manager.resources.requests.memory	integer	NA	8Gi	M	Indicates the requested memory (RAM) for ocscp-load-manager in Giga Bytes.
scp-load-manager.resources.requests.cpu	integer	NA	8	M	Indicates the maximum allocated vCPU for ocscp-load-manager.
scp-load-manager.resources.requests.ephemeral-storage		NA	70Mi	O	Indicates the minimum limit of the ephemeral storage that can be allocated. Note: Commenting this parameter does not enable it.
scp-load-manager.resources.limits.memory	integer	NA	8Gi	M	Indicates the maximum limit of memory for ocscp-load-manager.
scp-load-manager.resources.limits.cpu	integer	NA	8	M	Indicates the maximum limit of CPU ocscp-load-manager.
scp-load-manager.resources.limits.ephemeral-storage	integer	NA	1Gi	O	Indicates the maximum limit of the ephemeral storage that can be allocated. Note: Commenting this parameter does not enable it.
scp-load-manager.log.level	string		WARN	O	Enables desired level of logging for the service.
scp-load-manager.extraContainers	string	DISABLED, ENABLED, USE_GLOBAL_VALUE	USE_GLOBAL_VALUE	M	Spawns debug container along with application container in the pod. This debug container is used for debugging purposes. For more information about the debug tool, see Oracle Communications Cloud Native Core, Service Communication Proxy Troubleshooting Guide.
scp-load-manager.minreplicas	integer	NA	2	M	Indicates the minimum replica count of the ocscp-load-manager microservice.
scp-load-manager.maxreplicas	integer	NA	3	M	Indicates the maximum replica count of the ocscp-load-manager microservice.
scp-load-manager.maxPdbUnavailable	integer	NA	1	M	Defines maximum unavailable value for Kubernetes pod disruption budget.
scp-load-manager.istioSidecarQuitUrl	string	NA	*sidecarQuitUrl	M	Defines the URL that is used for quitting service mesh sidecar. This URL is used to quit the istio sidecar after the completion of hook job. The reference variable &sidecarQuitUrl should not be changed, however, the value "http://127.0.0.1:15000/quitquitquit" can be changed. It is applicable only when serviceMeshEnabled is set to true.
scp-load-manager.istioSidecarReadyUrl	string	NA	*sidecarReadyUrl	C	Defines the URL that is used for checking service mesh sidecar status and start the application once status is ready. It is applicable when serviceMeshEnabled is set to true. Note: Do not modify this reference variable.
scp-load-manager.service.type	string	ClusterIP, LoadBalancer, NodePort	LoadBalancer	O	When this value is enabled, it overrides the default derivation of service type.
scp-load-manager.service.port.coherenceMgmtSvcPort	integer	Min-1024, Max-65535	9000	M	The service port to access the coherence cluster status using the rest based URI.
scp-load-manager.service.port.coherenceMsgPort1	integer	Min- 1024, Max-65535	8095	M	The coherence communication port start range.
scp-load-manager.service.port.coherenceMsgPort2	integer	Min- 1024, Max-65535	8096	M	The coherence communication port end range.
scp-load-manager.service.customExtension.labels	string	Kubernetes label object syntax	customExtension: labels: {} annotations: {}	O	An optional field to configure service specific labels applicable to the "Service" resource type. Format is: <string_label_1_key>: <string_label_1_value> <string_label_2_key>: <string_label_2_value>
scp-load-manager.service.customExtension.annotations	string	Kubernetes annotations object syntax	customExtension: labels: {} annotations: {}	O	An optional field to configure service specific annotations applicable to the "Service" resource type. Format is: <string_annotation_1_key>: <string_annotation_1_value> <string_annotation_2_key>: <string_annotation_2_value>
scp-load-manager.service.ipFamilyPolicy	*loadManagerIpFamilyPolicy	SingleStack, PreferDualStack, or RequireDualStack	NA	C	ipFamilyPolicy to be allocated to scpcLoadManager service. This value depends on the value of global.serviceIpFamilyPolicy.scpcLoadManager.
scp-load-manager.service.ipFamilies	*loadManagerIpFamilies	[IPv4], [IPv6], [IPv4,IPv6], [IPv6,IPv4]	NA	C	ipFamilies to be allocated to scpcLoadManager service. This value depends on the value of global.serviceIpFamilyPolicy.scpcLoadManager.
scp-load-manager.deployment.customExtension.labels	string	Kubernetes label object syntax	customExtension: labels: {} annotations: {}	O	An optional field to configure service specific labels applicable to "Service" Resource Type. Format is: <string_label_1_key>: <string_label_1_value> <string_label_2_key>: <string_label_2_value>
scp-load-manager.deployment.customExtension.annotations	string	Kubernetes annotations object syntax	customExtension: labels: {} annotations: {}	O	An optional field to configure service specific annotations applicable to "Service" Resource Type. Format is: <string_annotation_1_key>: <string_annotation_1_value> <string_annotation_2_key>: <string_annotation_2_value> Note: The following annotations is mandatory if you are deploying SCP in Aspen Service Mesh: sidecar.istio.io/inject: "true" If SCP is integrated with OSO 1.6 (with ASM), use the following annotations: traffic.sidecar.istio.io/excludeInboundPorts: "8001"
scp-load-manager.nodeSelector.nodeKey	string	nodeSelector: Use this configuration to apply nodeSelector to Load Manager service pods nodeKey: Key of the node label	ocscp	O	Enables node selector for Load Manager service pods.
scp-load-manager.nodeSelector.nodeValue	string	nodeValue: Value of the node label	scp-load-manager	O	Value of the node label.

Note:

Coherence communication between scp-worker to or from scp-load-manager and between scp-load-manager instances is excluded from ASM.

3.1.12 SCP-nrfProxy-oauth Parameters

The following table lists the SCP-nrfProxy-oauth parameters.

Table 3-13 SCP-nrfProxy-oauth Parameters

Parameter Name	DataType	Range	Default Value	Mandatory(M)/Optional(O)/Conditional(C)	Description
scp-nrfproxy-oauth.imageDetails.image	string	image: Name components may contain lowercase letters, digits, and separators. A separator is defined as a period, one or two underscores, or one or more dashes. A name component may not start or end with a separator.	NA	M	Indicates the Image name of scp-nrfproxy-oauth micro service.
scp-nrfproxy-oauth.imageDetails.tag	string	Tag: valid ASCII that may contain lowercase and uppercase letters, digits, underscores, periods, and dashes. A tag name may not start with a period or a dash and may contain a maximum of 128 characters.	NA	M	Indicates the Image tag of scp-nrfproxy-oauth micro service.
scp-nrfproxy-oauth.imageDetails.pullPolicy	string	Always, IfNotPresent, Never	Always	O	Indicates if the image has to be pulled. pullPolicy: Image Pull Policy made available from 1.7.0
scp-nrfproxy-oauth.memory	integer	NA	8Gi	M	Indicates the requested memory (RAM) for ocscp-nrfproxy-oauth in Giga Bytes.
scp-nrfproxy-oauth.cpu	integer	NA	8	M	Indicates the maximum allocated vCPU for ocscp-nrfproxy-oauth.
scp-nrfproxy-oauth.ephemeral-storage	integer	NA	70Mi	O	Indicates the minimum limit of the ephemeral storage that can be allocated.
scp-nrfproxy-oauth.log.level	string	NA	*nrfProxyOauthLogLevelRef	C	Enables desired level of logging for the service.
scp-nrfproxy-oauth.extraContainers	string	DISABLED, ENABLED, USE_GLOBAL_VALUE	USE_GLOBAL_VALUE	O	Spawns debug container along with application container in the pod. This debug container is used for debugging purposes. For more information about the debug tool, see Oracle Communications Cloud Native Core, Service Communication Proxy Troubleshooting Guide.
scp-nrfproxy-oauth.minreplicas	integer	NA	2	C	Indicates the minimum replica count of the ocscp-nrfproxy-oauth microservice.
scp-nrfproxy-oauth.maxreplicas	integer	NA	16	C	Indicates the maximum replica count of the ocscp-nrfproxy-oauth microservice.
scp-nrfproxy-oauth.maxPdbUnavailable	integer	NA	1	C	Defines maximum unavailable value for Kubernetes pod disruption budget.
scp-nrfproxy-oauth.istioSidecarQuitUrl	string	NA	*sidecarQuitUrl	O	Defines the URL that is used for quitting service mesh sidecar. This URL is used to quit the istio sidecar after the completion of hook job. The reference variable &sidecarQuitUrl should not be changed, however, the value "http://127.0.0.1:15000/quitquitquit" can be changed. It is applicable only when serviceMeshEnabled is set to true.
scp-nrfproxy-oauth.istioSidecarReadyUrl	string	NA	*sidecarReadyUrl	O	Defines the URL that is used for checking service mesh sidecar status and start the application once status is ready. It is applicable only when serviceMeshEnabled is set to true. Note: Do not modify this reference variable.
scp-nrfproxy-oauth.commonJCServiceMeshCheck	string	NA	*svcMeshEnabled	M	Indicates the system supports service mesh.
scp-nrfproxy-oauth.service.type	string	ClusterIP, LoadBalancer, NodePort	LoadBalancer	M	Indicates that when this value is enabled, it overrides the default derivation of the service type.
scp-nrfproxy-oauth.service.port.coherenceMgmtSvcPort	integer	Min-1024, Max-65535	9000	M	Indicates the service port to access the coherence cluster status using the rest-based URI.
scp-nrfproxy-oauth.service.port.coherenceMsgPort1	integer	Min-1024, Max-65535	8095	M	Indicates the coherence communication port start range.
scp-nrfproxy-oauth.service.port.coherenceMsgPort2	integer	Min-1024, Max-65535	8096	M	Indicates the coherence communication port end range.
scp-nrfproxy-oauth.service.customExtension.labels	string	Kubernetes label object syntax	customExtension: labels: {} annotations: {}	O	An optional field to configure service specific labels applicable to the "Service" resource type. Format is: <string_label_1_key>: <string_label_1_value> <string_label_2_key>: <string_label_2_value>
scp-nrfproxy-oauth.service.customExtension.annotations	string	Kubernetes annotations object syntax	customExtension: labels: {} annotations: {}	O	An optional field to configure service specific annotations applicable to the "Service" resource type. Format is: <string_annotation_1_key>: <string_annotation_1_value> <string_annotation_2_key>: <string_annotation_2_value>
scp-nrfproxy-oauth.service.ipFamilyPolicy	*nrfProxyOauthIpFamilyPolicy	SingleStack, PreferDualStack, or RequireDualStack	NA	C	ipFamilyPolicy to be allocated to scpNrfProxyOauth service. This value depends on the value of global.serviceIpFamilyPolicy.scpNrfProxyOauth.
scp-nrfproxy-oauth.service.ipFamilies	*nrfProxyOauthIpFamilies	[IPv4], [IPv6], [IPv4,IPv6], [IPv6,IPv4]	NA	C	ipFamilies to be allocated to scpNrfProxyOauth service. This value depends on the value of global.serviceIpFamilyPolicy.scpNrfProxyOauth.
scp-nrfproxy-oauth.deployment.customExtension.labels	string	Kubernetes label object syntax	customExtension: labels: {} annotations: {}	O	An optional field to configure service specific labels applicable to "Service" Resource Type. Format is: <string_label_1_key>: <string_label_1_value> <string_label_2_key>: <string_label_2_value>
scp-nrfproxy-oauth.deployment.customExtension.annotations	string	Kubernetes annotations object syntax	customExtension: labels: {} annotations: {}	O	An optional field to configure service specific annotations applicable to "Service" Resource Type. Format is: <string_annotation_1_key>: <string_annotation_1_value> <string_annotation_2_key>: <string_annotation_2_value> Note: The following annotations is mandatory if you are deploying SCP in Aspen Service Mesh: sidecar.istio.io/inject: "true" If SCP is integrated with OSO 1.6 (with ASM), use the following annotations: traffic.sidecar.istio.io/excludeInboundPorts: "8001"
scp-nrfproxy-oauth.nodeSelector.nodeKey	string	nodeSelector: Use this configuration to apply nodeSelector to Nrfproxy Oauth service pods nodeKey: Key of the node label	ocscp	O	Enables node selector for Nrfproxy Oauth service pods.
scp-nrfproxy-oauth.nodeSelector.nodeValue	string	nodeValue: Value of the node label	scp-nrfproxy-oauth	O	Value of the node label.

3.2 cnDBTier Customization Parameters

By default, the ocscp_dbtier_24.3.0_custom_values_24.3.0.yaml provided with the SCP installation is for a three-site georedundant deployment of cnDBteir.

cnDBTier can be supported in the following modes:

• Two-site cnDBTier georeplication mode: A DB backup from one of the sites can be used for fault recovery of SCP.
• Three-site georeplication mode: A DB backup from one of the sites can be used for fault recovery of SCP.
• One-site cnDBTier deployment mode: The georeplication is unavailable. User must continue taking DB backup periodically, preferably on a daily basis, so that the same can be used when fault recovery scenarios arise.

  Note:

  The cnDBTier georeplication at SCP is used for keeping DB backup so that it can be used in case of fault recovery.

The following table lists the customized cnDBTier parameters for SCP.

Note:

• For information about the values of the following parameters, see the ocscp_dbtier_24.3.0_custom_values_24.3.0.yaml file.
• Any change in the cnDBTier custom_values file introduced by the cnDBTier patch must be updated in the custom_values file provided by SCP before deployment.

Table 3-14 cnDBTier Customization Parameters for SCP

Parameter Name	Parameter Values	Added or Modified in Release
MaxNoOfOrderedIndexes	The following default values are recommended: 1024 for one-site and two-site deployments. 2048 for a three-site deployment.	23.3.0
MaxNoOfAttributes	The following default values are recommended: 5000 for one-site and two-site deployments. 8000 for a three-site deployment.	23.3.0
global.apiReplicaCount	The default value in the ocscp_dbtier_24.3.0_custom_values_24.3.0.yaml file to be updated as follows: A two-site replication requires minimum 2 SQL nodes. A three-site replication requires minimum 4 SQL nodes. The default value of this parameter is set to 4 for three-site replication. In case of no replication, the minimum number of sql nodes required is 0.	23.2.0
global.ndbappReplicaMaxCount	Default value to be used as in the file	23.2.0
global.ndbconfigurations.ndb.NoOfFragmentLogParts	Default value to be used as in the file	23.2.0
global.ndbconfigurations.ndb.MaxNoOfExecutionThreads	Default value to be used as in the file	23.2.0
global.additionalndbconfigurations.ndb.CompressedLCP	Default value to be used as in the file	23.2.0
additionalndbconfigurations.mysqld.ndb_batch_size	Default value to be used as in the file	23.2.0
global.additionalndbconfigurations.mysqld.ndb_blob_write_batch_bytes	Default value to be used as in the file	23.2.0
additionalndbconfigurations.mysqld.replica_skip_errors	Default value to be used as in the file	23.2.0
global.mgm.ndbdisksize	Default value to be used as in the file	23.2.0
global.ndb.ndbdisksize	Default value to be used as in the file	23.2.0
global.ndb.ndbbackupdisksize	Default value to be used as in the file	23.2.0
global.ndb.datamemory	Default value to be used as in the file	23.2.0
global.api.ndbdisksize	Default value to be used as in the file	23.2.0
global.ndbapp.ndbdisksize	Default value to be used as in the file	23.2.0
global.replicationskiperrors.replicationerrornumbers	Default value to be used as in the file	23.2.0
mgm.resources.limits.cpu	Default value to be used as in the file	23.2.0
mgm.resources.limits.memory	Default value to be used as in the file	23.2.0
mgm.resources.requests.cpu	Default value to be used as in the file	23.2.0
mgm.resources.requests.memory	Default value to be used as in the file	23.2.0
ndb.sidecar.resources.limits.cpu	Default value to be used as in the file	23.2.0
ndb.sidecar.resources.limits.memory	Default value to be used as in the file	23.2.0
ndb.sidecar.resources.limits.ephemeral-storage	Default value to be used as in the file	23.2.0
ndb.sidecar.resources.requests.cpu	Default value to be used as in the file	23.2.0
ndb.sidecar.resources.requests.memory	Default value to be used as in the file	23.2.0
ndb.resources.limits.cpu	Default value to be used as in the file	23.2.0
ndb.resources.limits.memory	Default value to be used as in the file	23.2.0
ndb.resources.requests.cpu	Default value to be used as in the file	23.2.0
ndb.resources.requests.memory	Default value to be used as in the file	23.2.0
api.resources.limits.cpu	Default value to be used as in the file	23.2.0
api.resources.limits.memory	Default value to be used as in the file	23.2.0
api.resources.requests.cpu	Default value to be used as in the file	23.2.0
api.resources.requests.memory	Default value to be used as in the file	23.2.0
api.ndbapp.resources.limits.cpu	Default value to be used as in the file	23.2.0
api.ndbapp.resources.limits.memory	Default value to be used as in the file	23.2.0
api.ndbapp.resources.requests.cpu	Default value to be used as in the file	23.2.0
api.ndbapp.resources.requests.memory	Default value to be used as in the file	23.2.0
db-replication-svc.dbreplsvcdeployments.resources.limits.cpu	Default value to be used as in the file	23.2.0
db-replication-svc.dbreplsvcdeployments.resources.limits.memory	Default value to be used as in the file	23.2.0
db-replication-svc.dbreplsvcdeployments.resources.requests.cpu	Default value to be used as in the file	23.2.0
db-replication-svc.dbreplsvcdeployments.resources.requests.memory	Default value to be used as in the file	23.2.0
db-monitor-svc.resources.limits.cpu	Default value to be used as in the file	23.2.0
db-monitor-svc.resources.limits.memory	Default value to be used as in the file	23.2.0
db-monitor-svc.resources.requests.cpu	Default value to be used as in the file	23.2.0
db-monitor-svc.resources.requests.memory	Default value to be used as in the file	23.2.0
additionalndbconfigurations.ndb.ODirect	Default value to be used as in the file	23.2.0

For more information about these parameters, see Oracle Communications Cloud Native Core, cnDBTier Installation, Upgrade, and Fault Recovery Guide.