2 Deployment Environment
This section provides information about the cloud native platform requirements for deploying Oracle Communications Cloud Native Core, Network Slice Selection Function (NSSF).
Note:
The performance and capacity of the NSSF system may vary based on the call model, Feature or Interface configuration, and underlying CNE and hardware environment.2.1 Deployed Components
This section provides details about the deployed components.
2.1.1 Hardware Details
This section describes the hardware details.
Table 2-1 CNE Cluster Details
| Nodes | Server Model | Count |
|---|---|---|
| Master Nodes | ORACLE SERVER X8-2 | 3 |
| Worker Nodes | ORACLE SERVER X8-2 | 22 |
Note:
The CNE clusters for performance benchmarking were utilized in a shared model.2.1.2 Observability Services
This section describes the required observability services.
Table 2-2 Observability Services
| Component | Version |
|---|---|
| admission-webhook | v0.72.0 |
| alertmanager | v0.27.0 |
| bats | v1.4.1 |
| busybox | 1.31.1 |
| busybox | 1.31.0 |
| coredns | v1.10.1 |
| cpa | v1.8.8 |
| ceph | v1.12.2 |
| ceph | v17.2.6 |
| cephcsi | v3.9.0 |
| cert-manager-cainjector | v1.12.4 |
| cert-manager-controller | v1.12.4 |
| cert-manager-ctl | v1.12.4 |
| cert-manager-istio-csr | v0.5.0 |
| cert-manager-webhook | v1.12.4 |
| cni | v3.26.4 |
| controller | v1.9.4 |
| curl-ssl | latest |
| dns/k8s-dns-node-cache | 1.22.28 |
| etcd | v3.5.10 |
| fluentd-kubernetes-daemonset | v1.16.2-debian-opensearch-1.0 |
| grafana | 9.5.3 |
| ingress-nginx/kube-webhook-certgen | v20221220-controller-v1.5.1-58-g787ea74b6 |
| jaeger-agent | 1.52.0 |
| jaeger-collector | 1.52.0 |
| jaeger-query | 1.52.0 |
| kube-apiserver | v1.28.6 |
| kube-controller-manager | v1.28.6 |
| kube-proxy | v1.28.6 |
| kube-scheduler | v1.28.6 |
| kube-state-metrics | v2.10.1 |
| kubectl | 1.24 |
| k8s-sidecar | 1.26.1 |
| kyverno | v1.9.0 |
| kyvernopre | v1.9.0 |
| metallb-controller | v0.13.11 |
| metallb-speaker | v0.13.11 |
| metrics-server | v0.6.1 |
| multus-cni | v3.8 |
| nginx | 1.21.4 |
| nginx | 1.25.2-alpine |
| node-exporter | v1.7.0 |
| opensearch | v2.3.0 |
| opensearch-dashboards | v2.3.0 |
| occne_bastion_controller | 24.1.0 |
| pause | 3.9 |
| pilot | 1.18.2 |
| pod2daemon-flexvol | v3.26.4 |
| promxy | v0.0.75 |
| prometheus | v2.51.1 |
| prometheus-operator | v0.72.0 |
| prometheus-config-reloader | v0.72.0 |
| proxyv2 | 1.18.2 |
| snmp-notifier | v1.4.0 |
| velero | v1.12.0 |
| velero-plugin-for-aws | v1.7.1 |
| whereabouts | v0.6.2 |
Note:
The CNE clusters for performance benchmarking were utilized in a shared model. Hence not all components listed here are utlized by NSSF.2.1.3 System Software
This section describes the system software details.
Table 2-3 System Software
| System Software | Details |
|---|---|
| Operating System (+Kernel Version) |
v5.0.4-0.20230601165947-6ce0bf390ce3 Oracle Linux Server 9.3 (Plow) |
| Hypervisor | Bare metal Server |
| CNE | 24.1.x |
| OSO | 25.1.1xx |
| Kubernetes | 1.28.x |
| ASM | 1.14.6 |
| Podman | 4.6.1 |
2.2 Resource Profile
This section describes the resource profile for common applications, NSSF microservices, and cnDBTier.
2.2.1 CNE Common Applications
The CPU and RAM resources that each common service provided by CNE consumes are constrained, so that they do not consume excess resources that could be used by applications. Each service is given an initial CPU and RAM allocation when it is deployed and is allowed to grow to a specified upper limit of each resource while it continues to run. For services where little growth is expected, or where increasing the CPU/RAM underneath a running application might cause an unacceptable service disruption, the initial allocation and upper limit are set to the same value. The resource requests and limits are given below:
Here is the table displaying the Resource Profile for CNE:
Table 2-4 CNE Common Applications
| Deployment/STS | Pod Count | CPU Request | CPU Limit | Memory Request | Memory Limit |
|---|---|---|---|---|---|
| alertmanager-occne-kube-prom-stack-kube-alertmanager | 2 | 20m | 20m | 64Mi | 64Mi |
| occne-bastion-controller | 1 | 10m | 200m | 128Mi | 256Mi |
| occne-kube-prom-stack-grafana | 1 | 500m | 500m | 512Mi | 512Mi |
| occne-kube-prom-stack-kube-operator | 1 | 100m | 200m | 100Mi | 200Mi |
| occne-kube-prom-stack-kube-state-metrics | 1 | 20m | 60m | 32Mi | 1Gi |
| occne-metallb-controller | 1 | 100m | 100m | 100Mi | 100Mi |
| occne-metrics-server | 1 | 100m | 100m | 200Mi | 200Mi |
| occne-opensearch-dashboards | 1 | 100m | 100m | 512Mi | 512Mi |
| occne-promxy | 1 | 100m | 100m | 512Mi | 512Mi |
| occne-promxy-apigw-nginx | 2 | 1 | 2 | 1Gi | 1536Mi |
| occne-tracer-jaeger-collector | 1 | 500m | 1250m | 512Mi | 1Gi |
| occne-tracer-jaeger-query | 1 | 256m | 500m | 128Mi | 512Mi |
| opensearch-cluster-data | 5 | 200m | 200m | 10Gi | 10Gi |
| opensearch-cluster-master | 3 | 1 | 1 | 2Gi | 2Gi |
| prometheus-occne-kube-prom-stack-kube-prometheus | 2 | 12 | 12 | 55Gi | 55Gi |
Note:
The overall common services resource usage varies on each worker node. The common services listed above are distributed evenly across all worker nodes in the CNE Kubernetes cluster.2.2.2 Application Microservices
Resource needs to be adjusted or tuned as per the performance or the ongoing benchmark testing.
This section lists the resource requirements to install and run NSSF.
NSSF Services
The following table lists resource requirement for NSSF Services:
Table 2-5 NSSF Services
| Service Name | Replicas | Min CPU | Max CPU | Min Memory | Max Memory | Min Ephemeral Storage | Max Ephemeral Storage |
|---|---|---|---|---|---|---|---|
| <helm-release-name>-alternate-route | 1 | 1 | 2 | 2Gi | 4Gi | 78Mi | 1Gi |
| <helm-release-name>-appinfo | 1 | 200m | 200m | 1Gi | 1Gi | 78Mi | 1Gi |
| <helm-release-name>-egress-gateway | 2 | 4 | 4 | 4Gi | 4Gi | 78Mi | 1Gi |
| <helm-release-name>-ingress-gateway | 5 | 6 | 6 | 6Gi | 6Gi | 78Mi | 1Gi |
| <helm-release-name>-nsauditor | 1 | 2 | 2 | 1Gi | 1Gi | 78Mi | 1Gi |
| <helm-release-name>-nsavailability | 2 | 4 | 4 | 4Gi | 4Gi | 78Mi | 1Gi |
| <helm-release-name>-nsconfig | 1 | 2 | 2 | 2Gi | 2Gi | 78Mi | 1Gi |
| <helm-release-name>-nsselection | 9 | 4 | 4 | 4Gi | 4Gi | 78Mi | 1Gi |
| <helm-release-name>-nssubscription | 1 | 2 | 2 | 1Gi | 1Gi | 78Mi | 1Gi |
| <helm-release-name>-<helm-release-name>-nrf-client-nfdiscovery | 2 | 2 | 2 | 1Gi | 1Gi | 78Mi | 1Gi |
| <helm-release-name>-<helm-release-name>-nrf-client-nfmanagement | 2 | 1 | 1 | 1Gi | 1Gi | 78Mi | 1Gi |
| <helm-release-name>-config-server | 1 | 500m | 1 | 1Gi | 1Gi | 78Mi | 1Gi |
| <helm-release-name>-perf-info | 1 | 2 | 2 | 1Gi | 1Gi | 78Mi | 6Gi |
ASM Sidecar
NSSF leverages the Platform Service Mesh (for example, Aspen Service Mesh) for all internal and external TLS communication. If ASM Sidecar injection is enabled during NSSF deployment or upgrade, this container is injected to each NSSF pod (or selected pod, depending on the option chosen during deployment or upgrade). These containers stay till pod or deployment exist. For more information about installing ASM, see Configuring NSSF to support Aspen Service Mesh in Oracle Communications Cloud Native Core, Network Slice Selection Function Installation, Upgrade, and Fault Recovery Guide.
Table 2-6 ASM Sidecar
| Service Name | Replicas | Min CPU | Max CPU | Min Memory | Max Memory |
|---|---|---|---|---|---|
| <helm-release-name>-alternate-route | 1 | 250m | 250m | 512Mi | 512Mi |
| <helm-release-name>-appinfo | 1 | 250m | 250m | 512Mi | 512Mi |
| <helm-release-name>-egress-gateway | 2 | 250m | 250m | 512Mi | 512Mi |
| <helm-release-name>-ingress-gateway | 5 | 3 | 3 | 512Mi | 512Mi |
| <helm-release-name>-nsauditor | 1 | 250m | 250m | 512Mi | 512Mi |
| <helm-release-name>-nsavailability | 2 | 250m | 250m | 512Mi | 512Mi |
| <helm-release-name>-nsconfig | 1 | 250m | 250m | 512Mi | 512Mi |
| <helm-release-name>-nsselection | 6 | 4 | 4 | 2Gi | 2Gi |
| <helm-release-name>-nssubscription | 1 | 250m | 250m | 512Mi | 512Mi |
| <helm-release-name>-<helm-release-name>-nrf-client-nfdiscovery | 2 | 250m | 250m | 512Mi | 512Mi |
| <helm-release-name>-<helm-release-name>-nrf-client-nfmanagement | 2 | 250m | 250m | 512Mi | 512Mi |
| <helm-release-name>-config-server | 1 | 250m | 250m | 512Mi | 512Mi |
| <helm-release-name>-perf-info | 1 | 250m | 250m | 512Mi | 512Mi |
Note:
<helm-release-name> is the Helm release name. For example, if Helm release name is "ocnssf", then nsselection microservice name will be "ocnssf-nsselection".2.2.3 cnDBTier Resource Profile
The following table describes resources required by cnDBTier pods to perform NSSF benchmark tests.
cnDBTier Services
Table 2-7 cnDBTier Services
| Service | Component | Replicas | Min CPU | Max CPU | Min Memory | Max Memory | Request Memory | Limit Memory |
|---|---|---|---|---|---|---|---|---|
| ndbmysqld | mysqlndbcluster | 4 | 8 | 8 | 10Gi | 10Gi | 90Mi | 1Gi |
| ndbmysqld | db-infra-monitor-svc | 4 | 100m | 100m | 256Mi | 256Mi | 90Mi | 1Gi |
| ndbmtd | mysqlndbcluster | 4 | 10 | 10 | 18Gi | 18Gi | 90Mi | 1Gi |
| ndbmtd | db-backup-executor-svc | 4 | 1 | 1 | 1Gi | 1Gi | 90Mi | 1Gi |
| ndbmtd | db-infra-monitor-svc | 4 | 100m | 100m | 256Mi | 256Mi | 90Mi | 1Gi |
| ndbmgmd | mysqlndbcluster | 2 | 4 | 4 | 10Gi | 10Gi | 90Mi | 1Gi |
| ndbmgmd | db-infra-monitor-svc | 2 | 100m | 100m | 256Mi | 256Mi | 90Mi | 1Gi |
| ndbappmysqld | mysqlndbcluster | 4 | 8 | 8 | 10Gi | 10Gi | 90Mi | 1Gi |
| mysql-cluster-site1-site3-replication-svc | site1-site3-replication-svc | 1 | 1 | 1 | 2Gi | 2Gi | 90Mi | 1Gi |
| mysql-cluster-site1-site2-replication-svc | site1-site2-replication-svc | 1 | 2 | 2 | 12Gi | 12Gi | 90Mi | 1Gi |
| mysql-cluster-db-monitor-svc | db-monitor-svc | 1 | 4 | 4 | 4Gi | 4Gi | 90Mi | 1Gi |
| mysql-cluster-db-backup-manager-svc | db-backup-manager-svc | 1 | 100m | 100m | 128Mi | 128Mi | 90Mi | 1Gi |
cnDBTier with ASM
Table 2-8 cnDBTier with ASM
| cnDBTier Pods | Replica | Min CPU | Max CPU | Min Memory | Max Memory |
|---|---|---|---|---|---|
| ndbappmysqld | 4 | 3 | 3 | 4Gi | 4Gi |
| ndbmgmd | 2 | 3 | 3 | 4Gi | 4Gi |
| ndbmtd | 4 | 4 | 4 | 2Gi | 2Gi |
| ndbmysqld | 4 | 3 | 3 | 4Gi | 4Gi |
| mysql-cluster-db-backup-manager-svc | 1 | 2 | 2 | 1Gi | 1Gi |
| mysql-cluster-db-monitor-svc | 1 | 2 | 2 | 1Gi | 1Gi |
| mysql-cluster-site1-site2-replication-svc | 1 | 2 | 2 | 1Gi | 1Gi |
| mysql-cluster-site1-site3-replication-svc | 1 | 2 | 2 | 1Gi | 1Gi |