2 CNC Policy Architecture

Oracle Communications Cloud Native Core, Converged Policy (Policy) is developed as a cloud native application that is composed of a collection of microservices that run in a cloud native environment. It separates the processing or business logic into the logical grouping of microservices and components:
  • Connectivity: Components interfacing with external entities. This is where an API gateway is utilized to interface with external traffic to the PCF. These are stateless sets of components.
  • Business logic: Application layer running the PCRF or PCF business logic, policy engine, and various services that can be enabled based on deployment requirements. These are stateless sets of components.
  • Data Management: Data layer responsible for storing various types of persistent data. PCF is developed to be able to plug in different types of back-end data layers that could be internal or external.

The Policy solution provides a flexible and modular policy designing framework. It offers, rapid and secure deployment of new policies and supports the existing use cases. The Converged policy solution supports both 4G and 5G networks, thereby helping operators to manage their heterogeneous network in an intuitive and consistent manner while enabling seamless inter-working and migration between 4G and 5G networks.

The following diagram represents the Policy architecture:

Figure 2-1 Policy Architecture Diagram

Policy Architecture Diagram

Components of the Policy Architecture

  • Kubernetes cluster hosting Docker containers and Calico networking
  • Optional CNE services to support operation of PCF
  • Connectivity
    • Diameter Gateway/Connector – Enables the policy solution functions as a Diameter server and offers integration over Gx, Rx, Sy and other legacy Diameter services. The Diameter server also implements routing, load balancing and overload control services. The Diameter Gateway acts as a gateway for all Diameter traffic to Policy Solution. It also performs round-robin load balancing across its back-end peers (Diameter connector and PCRF-Core).
    • Ingress Gateway – Acts as a Gateway for all ingress HTTP traffic to Policy Solution.
    • Egress Gateway – Acts as a gateway for all egress HTTP traffic originating from Policy Solution to outside the network.
    • LDAP Gateway – Acts as a gateway for all egress LDAP traffic towards Directory Services.
    • Diameter Connector – Accepts Diameter messages from Diameter Gateway and converts the message to HTTP message format and sends to PCF components.
    • Soap Connector – Accepts the SOAP messages from ingress gateway, converts to JSON format and forwards the message to Policy Data Service for processing.
    • NRF Client Service – Integrates with NRF for service registration, discovery, and service status or load related information, along with application and performance information services. NRF discovery helps in on-demand discovery of network functions. NRF management helps in autonomous discovery of network functions.
  • Policy Business Logic
    • SM Service (includes PA Service) - Provides the SMF session and application or flow based policies. The Policy Authorization (PA) service, such as Rx like interface in SBA authorizes an AF request and creates policies as requested by the NF consumer service for the PDU session to which the AF session is bound. This service implements policy control for session management for service data flows. This service implements the N7 interface to trigger session management policies towards the SMF function.
    • AM Service - Implements access management service-related policies over the N15 interface towards the AMF.
    • PCRF Core Service – Implements the legacy handling of PCRF core business logic, interactions with other microservices, and triggers for policy enforcement over the Gx interface. PCRF is a node that determines policy rules in a multimedia network in real-time.
    • Binding Service - Stores binding information related to 4G/5G subscribers and helps Diameter Gateway in forwarding AF messages.
    • UE Policy Service - Provides UE policy, includes UE Route Selection Policy (URSP) through AMF transparently to the UE. Implements UE management service-related policies over the N15 interface towards the AMF.
    • UDR Connector – UDR Connector layer interfaces the application with the UDR.
    • CHF Connector – CHF Connector layer interfaces with the the CHF.
    • Policy Data Service– Policy DS interfaces 4G/5G Signaling components with Protocol specific connectors (UDR Connector/CHF Connector/LDAP Gateway) to have a unified data source layer.
    • Policy Runtime Engine – Policy Runtime Engine (PRE) service runs the Policy Decision Engine. The policies can be configured using the configuration management service.
    • PRE Test Engine – The PRE Test Engine runs the Policy Decision Engine for test messages. Test message can be triggered from the configuration management service.
    • Configuration Management – This service provides the OAM interfaces that includes GUI and REST interfaces, for Policy and Service provisioning. Configuration Service and CM GUI offers graphical interface for all policy-related configurations and design of policies.
    • Configuration Server – This service performs the database abstraction for storage and retrieval of policy configuration.
    • Query – The Query microservice processes session viewer queries triggered by the configuration management service.
    • Audit – The Audit microservice runs the Audit engine to detect and process stale session records.
    • App-Info – This microservice monitors application (microservice) health and status.
    • Perf-Info – This microservice monitors application (microservice) capacity and load status.
    • Bulwark - This microservice facilitates the concurrency support for other internal services, such as SM service, AM service, Policy DS, etc.
    • Notifier - This microservice notifies subscribers about their data usage at different threshold levels.
    • Usage Monitoring - This microservice implements the usage monitoring procedures like usage accumulation, grant calculation, etc. for session and PCC flows.
    • NWDAF Agent - This microservice inetegrates Policy with Network Data Analytics Function (NWDAF) service to get analytics information.
  • Data Tier
    • Dynamic state – Stores the session information relevant for policy context.
    • Configuration store – Stores the configuration related data.
  • Ingress and Egress Gateway Traffic Management

    For more information on Ingress and Egress Gateway Traffic Management, see Oracle Communications Cloud Native Core, Cloud Native Environment User Guide.