├── Makefile ├── README.md ├── charts └── .gitkeep ├── clusters ├── cni │ ├── calico │ │ ├── 01_tigera_operator.yaml │ │ └── 02_custom_resouces.yaml │ ├── multus │ │ └── 01_multus_daemonset.yaml │ └── tungstenfabric │ │ ├── 01_cni-tungsten-fabric.yaml │ │ ├── cni-tungsten-fabric.yaml │ │ └── set_labels.sh └── kubeadm │ ├── multi │ └── .gitkeep │ └── single │ ├── 01_init_defaults.yaml │ └── 02_join_defaults.yaml ├── images ├── f5gc-amf │ ├── Dockerfile.alpine │ ├── Dockerfile.distroless │ ├── cert │ │ ├── amf.key │ │ └── amf.pem │ └── config │ │ └── amfcfg.conf ├── f5gc-ausf │ ├── Dockerfile.alpine │ ├── Dockerfile.distroless │ ├── cert │ │ ├── ausf.key │ │ └── ausf.pem │ └── config │ │ └── ausfcfg.conf ├── f5gc-build-base │ ├── Dockerfile.alpine │ ├── Dockerfile.ubuntu18 │ ├── Makefile │ └── patches │ │ ├── nas │ │ └── 20201104_nasConvert.patch │ │ └── nrf │ │ └── 20201110_nrf_smf_selection_by_slice.patch ├── f5gc-gnbsim │ ├── Dockerfile.ubuntu18 │ └── config │ │ └── example.json ├── f5gc-nrf │ ├── Dockerfile.alpine │ ├── Dockerfile.distroless │ └── config │ │ ├── free5GC.conf │ │ └── nrfcfg.conf ├── f5gc-nssf │ ├── Dockerfile.alpine │ ├── Dockerfile.distroless │ ├── cert │ │ ├── nssf.key │ │ └── nssf.pem │ └── config │ │ └── nssfcfg.conf ├── f5gc-pcf │ ├── Dockerfile.alpine │ ├── Dockerfile.distroless │ ├── cert │ │ ├── pcf.key │ │ └── pcf.pem │ └── config │ │ └── pcfcfg.conf ├── f5gc-smf │ ├── Dockerfile.alpine │ ├── Dockerfile.distroless │ ├── cert │ │ ├── smf.key │ │ └── smf.pem │ └── config │ │ ├── smfcfg.conf │ │ └── uerouting.yaml ├── f5gc-udm │ ├── Dockerfile.alpine │ ├── Dockerfile.distroless │ ├── cert │ │ ├── udm.key │ │ └── udm.pem │ └── config │ │ └── udmcfg.conf ├── f5gc-udr │ ├── Dockerfile.alpine │ ├── Dockerfile.distroless │ ├── cert │ │ ├── udr.key │ │ └── udr.pem │ └── config │ │ └── udrcfg.conf ├── f5gc-upf │ ├── Dockerfile.ubuntu18 │ └── config │ │ ├── upfcfg.example.yaml │ │ ├── upfcfg.test.example.yaml │ │ ├── upfcfg.ulcl.example.yaml │ │ └── upfcfg.yaml └── f5gc-webui │ ├── Dockerfile.alpine │ └── config │ └── webuicfg.conf └── manifests ├── 00_namespace.yaml ├── dbg-mongo-express ├── 00_dbg-me-deployment.yaml └── kustomization.yaml ├── dbg-rockmongo ├── 00_dbg-rm-deployment.yaml └── kustomization.yaml ├── f5gc-amf ├── 00_amf-sa.yaml ├── 01_amf-rbac.yaml ├── 02_amf-configmap.yaml ├── 03_amf-service.yaml ├── 04_amf-multus.yaml ├── 05_amf-deployment.yaml ├── cert │ ├── amf.key │ └── amf.pem └── kustomization.yaml ├── f5gc-ausf ├── 00_ausf-sa.yaml ├── 01_ausf-rbac.yaml ├── 02_ausf-configmap.yaml ├── 03_ausf-service.yaml ├── 04_ausf-deployment.yaml ├── cert │ ├── ausf.key │ └── ausf.pem └── kustomization.yaml ├── f5gc-gnbsim ├── 00_gnbsim-sa.yaml ├── 01_gnbsim-rbac.yaml ├── 02_gnbsim-configmap.yaml ├── 03_gnbsim-service.yaml ├── 04_gnbsim-multus.yaml ├── 05_gnbsim-deployment.yaml └── kustomization.yaml ├── f5gc-mongodb ├── 00_mongodb-service.yaml ├── 01_mongodb-configmap.yaml ├── 02_mongodb-f5gc-db.yaml ├── 03_mongodb-statefulset.yaml └── kustomization.yaml ├── f5gc-n6dummy-2 ├── 00_n6dummy-sa.yaml ├── 01_n6dummy-rbac.yaml ├── 02_n6dummy-multus.yaml ├── 03_n6dummy-deployment.yaml └── kustomization.yaml ├── f5gc-n6dummy ├── 00_n6dummy-sa.yaml ├── 01_n6dummy-rbac.yaml ├── 02_n6dummy-multus.yaml ├── 03_n6dummy-deployment.yaml └── kustomization.yaml ├── f5gc-nrf ├── 00_nrf-sa.yaml ├── 01_nrf-rbac.yaml ├── 02_nrf-configmap.yaml ├── 03_nrf-service.yaml ├── 04_nrf-deployment.yaml ├── cert │ ├── nrf.key │ └── nrf.pem └── kustomization.yaml ├── f5gc-nssf ├── 00_nssf-sa.yaml ├── 01_nssf-rbac.yaml ├── 02_nssf-configmap.yaml ├── 03_nssf-service.yaml ├── 04_nssf-deployment.yaml ├── cert │ ├── nssf.key │ └── nssf.pem └── kustomization.yaml ├── f5gc-pcf ├── 00_pcf-sa.yaml ├── 01_pcf-rbac.yaml ├── 02_pcf-configmap.yaml ├── 03_pcf-service.yaml ├── 04_pcf-deployment.yaml ├── cert │ ├── pcf.key │ └── pcf.pem └── kustomization.yaml ├── f5gc-smf-2 ├── 00_smf-sa.yaml ├── 01_smf-rbac.yaml ├── 02_smf-configmap.yaml ├── 03_smf-service.yaml ├── 04_smf-multus.yaml ├── 05_smf-deployment.yaml ├── cert │ ├── smf.key │ └── smf.pem └── kustomization.yaml ├── f5gc-smf ├── 00_smf-sa.yaml ├── 01_smf-rbac.yaml ├── 02_smf-configmap.yaml ├── 03_smf-service.yaml ├── 04_smf-multus.yaml ├── 05_smf-deployment.yaml ├── cert │ ├── smf.key │ └── smf.pem └── kustomization.yaml ├── f5gc-udm ├── 00_udm-sa.yaml ├── 01_udm-rbac.yaml ├── 02_udm-configmap.yaml ├── 03_udm-service.yaml ├── 04_udm-deployment.yaml ├── cert │ ├── udm.key │ └── udm.pem └── kustomization.yaml ├── f5gc-udr ├── 00_udr-sa.yaml ├── 01_udr-rbac.yaml ├── 02_udr-configmap.yaml ├── 03_udr-service.yaml ├── 04_udr-deployment.yaml ├── cert │ ├── udr.key │ └── udr.pem └── kustomization.yaml ├── f5gc-upf-2 ├── 00_upf-sa.yaml ├── 01_upf-rbac.yaml ├── 02_upf-configmap.yaml ├── 03_upf-service.yaml ├── 04_upf-multus.yaml ├── 05_upf-deployment.yaml └── kustomization.yaml ├── f5gc-upf ├── 00_upf-sa.yaml ├── 01_upf-rbac.yaml ├── 02_upf-configmap.yaml ├── 03_upf-service.yaml ├── 04_upf-multus.yaml ├── 05_upf-deployment.yaml └── kustomization.yaml └── f5gc-webui ├── 00_webui-sa.yaml ├── 01_webui-rbac.yaml ├── 02_webui-configmap.yaml ├── 03_webui-service.yaml ├── 04_webui-deployment.yaml └── kustomization.yaml /Makefile: -------------------------------------------------------------------------------- 1 | # Makefile 2 | F5GC_BASE_NAME ?= f5gc-build-base 3 | F5GC_GNBSIM_NAME ?= f5gc-gnbsim 4 | F5GC_AMF_NAME ?= f5gc-amf 5 | F5GC_SMF_NAME ?= f5gc-smf 6 | F5GC_UPF_NAME ?= f5gc-upf 7 | F5GC_NRF_NAME ?= f5gc-nrf 8 | F5GC_AUSF_NAME ?= f5gc-ausf 9 | F5GC_NSSF_NAME ?= f5gc-nssf 10 | F5GC_PCF_NAME ?= f5gc-pcf 11 | F5GC_UDM_NAME ?= f5gc-udm 12 | F5GC_UDR_NAME ?= f5gc-udr 13 | F5GC_WEBUI_NAME ?= f5gc-webui 14 | 15 | DOCKER_ENV ?= DOCKER_BUILDKIT=1 16 | DOCKER_TAG ?= v3.0.4 17 | DOCKER_REGISTRY ?= ghcr.io 18 | DOCKER_REPOSITORY ?= sumichaaan/free5gc-k8s 19 | DOCKER_BUILD_ARGS ?= --rm 20 | 21 | BASE_IMAGE_NAME ?= ${DOCKER_REGISTRY}/${DOCKER_REPOSITORY}/${F5GC_BASE_NAME}:${DOCKER_TAG} 22 | GNBSIM_IMAGE_NAME ?= ${DOCKER_REGISTRY}/${DOCKER_REPOSITORY}/${F5GC_GNBSIM_NAME}:${DOCKER_TAG} 23 | AMF_IMAGE_NAME ?= ${DOCKER_REGISTRY}/${DOCKER_REPOSITORY}/${F5GC_AMF_NAME}:${DOCKER_TAG} 24 | SMF_IMAGE_NAME ?= ${DOCKER_REGISTRY}/${DOCKER_REPOSITORY}/${F5GC_SMF_NAME}:${DOCKER_TAG} 25 | UPF_IMAGE_NAME ?= ${DOCKER_REGISTRY}/${DOCKER_REPOSITORY}/${F5GC_UPF_NAME}:${DOCKER_TAG} 26 | NRF_IMAGE_NAME ?= ${DOCKER_REGISTRY}/${DOCKER_REPOSITORY}/${F5GC_NRF_NAME}:${DOCKER_TAG} 27 | AUSF_IMAGE_NAME ?= ${DOCKER_REGISTRY}/${DOCKER_REPOSITORY}/${F5GC_AUSF_NAME}:${DOCKER_TAG} 28 | NSSF_IMAGE_NAME ?= ${DOCKER_REGISTRY}/${DOCKER_REPOSITORY}/${F5GC_NSSF_NAME}:${DOCKER_TAG} 29 | PCF_IMAGE_NAME ?= ${DOCKER_REGISTRY}/${DOCKER_REPOSITORY}/${F5GC_PCF_NAME}:${DOCKER_TAG} 30 | UDM_IMAGE_NAME ?= ${DOCKER_REGISTRY}/${DOCKER_REPOSITORY}/${F5GC_UDM_NAME}:${DOCKER_TAG} 31 | UDR_IMAGE_NAME ?= ${DOCKER_REGISTRY}/${DOCKER_REPOSITORY}/${F5GC_UDR_NAME}:${DOCKER_TAG} 32 | WEBUI_IMAGE_NAME ?= ${DOCKER_REGISTRY}/${DOCKER_REPOSITORY}/${F5GC_WEBUI_NAME}:${DOCKER_TAG} 33 | 34 | 35 | 36 | build-all: build-base build-gnbsim build-amf build-smf build-upf build-nrf build-ausf build-nssf build-pcf build-udm build-udr build-webui 37 | 38 | 39 | .PHONY: build-base 40 | build-base: 41 | ${DOCKER_ENV} docker build ${DOCKER_BUILD_ARGS} \ 42 | --tag ${BASE_IMAGE_NAME} \ 43 | --file ./images/${F5GC_BASE_NAME}/Dockerfile.alpine \ 44 | ./images/${F5GC_BASE_NAME} 45 | 46 | .PHONY: build-gnbsim 47 | build-gnbsim: 48 | ${DOCKER_ENV} docker build ${DOCKER_BUILD_ARGS} \ 49 | --tag ${GNBSIM_IMAGE_NAME} \ 50 | --file ./images/${F5GC_GNBSIM_NAME}/Dockerfile.ubuntu18 \ 51 | --build-arg REGISTRY=${DOCKER_REGISTRY} \ 52 | --build-arg REPOSITORY=${DOCKER_REPOSITORY} \ 53 | --build-arg TAG=${DOCKER_TAG} \ 54 | --no-cache \ 55 | ./images/${F5GC_GNBSIM_NAME} 56 | 57 | .PHONY: build-amf 58 | build-amf: build-base 59 | ${DOCKER_ENV} docker build ${DOCKER_BUILD_ARGS} \ 60 | --tag ${AMF_IMAGE_NAME} \ 61 | --file ./images/${F5GC_AMF_NAME}/Dockerfile.alpine \ 62 | --build-arg REGISTRY=${DOCKER_REGISTRY} \ 63 | --build-arg REPOSITORY=${DOCKER_REPOSITORY} \ 64 | --build-arg TAG=${DOCKER_TAG} \ 65 | ./images/${F5GC_AMF_NAME} 66 | 67 | .PHONY: build-smf 68 | build-smf: build-base 69 | ${DOCKER_ENV} docker build ${DOCKER_BUILD_ARGS} \ 70 | --tag ${SMF_IMAGE_NAME} \ 71 | --file ./images/${F5GC_SMF_NAME}/Dockerfile.alpine \ 72 | --build-arg REGISTRY=${DOCKER_REGISTRY} \ 73 | --build-arg REPOSITORY=${DOCKER_REPOSITORY} \ 74 | --build-arg TAG=${DOCKER_TAG} \ 75 | ./images/${F5GC_SMF_NAME} 76 | 77 | .PHONY: build-upf 78 | build-upf: build-base 79 | ${DOCKER_ENV} docker build ${DOCKER_BUILD_ARGS} \ 80 | --tag ${UPF_IMAGE_NAME} \ 81 | --file ./images/${F5GC_UPF_NAME}/Dockerfile.ubuntu18 \ 82 | --build-arg REGISTRY=${DOCKER_REGISTRY} \ 83 | --build-arg REPOSITORY=${DOCKER_REPOSITORY} \ 84 | --build-arg TAG=${DOCKER_TAG} \ 85 | ./images/${F5GC_UPF_NAME} 86 | 87 | .PHONY: build-nrf 88 | build-nrf: build-base 89 | ${DOCKER_ENV} docker build ${DOCKER_BUILD_ARGS} \ 90 | --tag ${NRF_IMAGE_NAME} \ 91 | --file ./images/${F5GC_NRF_NAME}/Dockerfile.alpine \ 92 | --build-arg REGISTRY=${DOCKER_REGISTRY} \ 93 | --build-arg REPOSITORY=${DOCKER_REPOSITORY} \ 94 | --build-arg TAG=${DOCKER_TAG} \ 95 | ./images/${F5GC_NRF_NAME} 96 | 97 | .PHONY: build-ausf 98 | build-ausf: build-base 99 | ${DOCKER_ENV} docker build ${DOCKER_BUILD_ARGS} \ 100 | --tag ${AUSF_IMAGE_NAME} \ 101 | --file ./images/${F5GC_AUSF_NAME}/Dockerfile.alpine \ 102 | --build-arg REGISTRY=${DOCKER_REGISTRY} \ 103 | --build-arg REPOSITORY=${DOCKER_REPOSITORY} \ 104 | --build-arg TAG=${DOCKER_TAG} \ 105 | ./images/${F5GC_AUSF_NAME} 106 | 107 | .PHONY: build-nssf 108 | build-nssf: build-base 109 | ${DOCKER_ENV} docker build ${DOCKER_BUILD_ARGS} \ 110 | --tag ${NSSF_IMAGE_NAME} \ 111 | --file ./images/${F5GC_NSSF_NAME}/Dockerfile.alpine \ 112 | --build-arg REGISTRY=${DOCKER_REGISTRY} \ 113 | --build-arg REPOSITORY=${DOCKER_REPOSITORY} \ 114 | --build-arg TAG=${DOCKER_TAG} \ 115 | ./images/${F5GC_NSSF_NAME} 116 | 117 | .PHONY: build-pcf 118 | build-pcf: build-base 119 | ${DOCKER_ENV} docker build ${DOCKER_BUILD_ARGS} \ 120 | --tag ${PCF_IMAGE_NAME} \ 121 | --file ./images/${F5GC_PCF_NAME}/Dockerfile.alpine \ 122 | --build-arg REGISTRY=${DOCKER_REGISTRY} \ 123 | --build-arg REPOSITORY=${DOCKER_REPOSITORY} \ 124 | --build-arg TAG=${DOCKER_TAG} \ 125 | ./images/${F5GC_PCF_NAME} 126 | 127 | .PHONY: build-udm 128 | build-udm: build-base 129 | ${DOCKER_ENV} docker build ${DOCKER_BUILD_ARGS} \ 130 | --tag ${UDM_IMAGE_NAME} \ 131 | --file ./images/${F5GC_UDM_NAME}/Dockerfile.alpine \ 132 | --build-arg REGISTRY=${DOCKER_REGISTRY} \ 133 | --build-arg REPOSITORY=${DOCKER_REPOSITORY} \ 134 | --build-arg TAG=${DOCKER_TAG} \ 135 | ./images/${F5GC_UDM_NAME} 136 | 137 | .PHONY: build-udr 138 | build-udr: build-base 139 | ${DOCKER_ENV} docker build ${DOCKER_BUILD_ARGS} \ 140 | --tag ${UDR_IMAGE_NAME} \ 141 | --file ./images/${F5GC_UDR_NAME}/Dockerfile.alpine \ 142 | --build-arg REGISTRY=${DOCKER_REGISTRY} \ 143 | --build-arg REPOSITORY=${DOCKER_REPOSITORY} \ 144 | --build-arg TAG=${DOCKER_TAG} \ 145 | ./images/${F5GC_UDR_NAME} 146 | 147 | .PHONY: build-nssf 148 | build-nssf: build-base 149 | ${DOCKER_ENV} docker build ${DOCKER_BUILD_ARGS} \ 150 | --tag ${NSSF_IMAGE_NAME} \ 151 | --file ./images/${F5GC_NSSF_NAME}/Dockerfile.alpine \ 152 | --build-arg REGISTRY=${DOCKER_REGISTRY} \ 153 | --build-arg REPOSITORY=${DOCKER_REPOSITORY} \ 154 | --build-arg TAG=${DOCKER_TAG} \ 155 | ./images/${F5GC_NSSF_NAME} 156 | 157 | .PHONY: build-pcf 158 | build-pcf: build-base 159 | ${DOCKER_ENV} docker build ${DOCKER_BUILD_ARGS} \ 160 | --tag ${PCF_IMAGE_NAME} \ 161 | --file ./images/${F5GC_PCF_NAME}/Dockerfile.alpine \ 162 | --build-arg REGISTRY=${DOCKER_REGISTRY} \ 163 | --build-arg REPOSITORY=${DOCKER_REPOSITORY} \ 164 | --build-arg TAG=${DOCKER_TAG} \ 165 | ./images/${F5GC_PCF_NAME} 166 | 167 | .PHONY: build-udm 168 | build-udm: build-base 169 | ${DOCKER_ENV} docker build ${DOCKER_BUILD_ARGS} \ 170 | --tag ${UDM_IMAGE_NAME} \ 171 | --file ./images/${F5GC_UDM_NAME}/Dockerfile.alpine \ 172 | --build-arg REGISTRY=${DOCKER_REGISTRY} \ 173 | --build-arg REPOSITORY=${DOCKER_REPOSITORY} \ 174 | --build-arg TAG=${DOCKER_TAG} \ 175 | ./images/${F5GC_UDM_NAME} 176 | 177 | .PHONY: build-udr 178 | build-udr: build-base 179 | ${DOCKER_ENV} docker build ${DOCKER_BUILD_ARGS} \ 180 | --tag ${UDR_IMAGE_NAME} \ 181 | --file ./images/${F5GC_UDR_NAME}/Dockerfile.alpine \ 182 | --build-arg REGISTRY=${DOCKER_REGISTRY} \ 183 | --build-arg REPOSITORY=${DOCKER_REPOSITORY} \ 184 | --build-arg TAG=${DOCKER_TAG} \ 185 | ./images/${F5GC_UDR_NAME} 186 | 187 | .PHONY: build-webui 188 | build-webui: build-base 189 | ${DOCKER_ENV} docker build ${DOCKER_BUILD_ARGS} \ 190 | --tag ${WEBUI_IMAGE_NAME} \ 191 | --file ./images/${F5GC_WEBUI_NAME}/Dockerfile.alpine \ 192 | --build-arg REGISTRY=${DOCKER_REGISTRY} \ 193 | --build-arg REPOSITORY=${DOCKER_REPOSITORY} \ 194 | --build-arg TAG=${DOCKER_TAG} \ 195 | ./images/${F5GC_WEBUI_NAME} 196 | 197 | clean: 198 | docker rmi ${DOCKER_REGISTRY}/${DOCKER_REPOSITORY}/${F5GC_BASE_NAME}:${DOCKER_TAG} 199 | docker rmi ${DOCKER_REGISTRY}/${DOCKER_REPOSITORY}/${F5GC_GNBSIM_NAME}:${DOCKER_TAG} 200 | docker rmi ${DOCKER_REGISTRY}/${DOCKER_REPOSITORY}/${F5GC_AMF_NAME}:${DOCKER_TAG} 201 | docker rmi ${DOCKER_REGISTRY}/${DOCKER_REPOSITORY}/${F5GC_SMF_NAME}:${DOCKER_TAG} 202 | docker rmi ${DOCKER_REGISTRY}/${DOCKER_REPOSITORY}/${F5GC_UPF_NAME}:${DOCKER_TAG} 203 | docker rmi ${DOCKER_REGISTRY}/${DOCKER_REPOSITORY}/${F5GC_NRF_NAME}:${DOCKER_TAG} 204 | docker rmi ${DOCKER_REGISTRY}/${DOCKER_REPOSITORY}/${F5GC_AUSF_NAME}:${DOCKER_TAG} 205 | docker rmi ${DOCKER_REGISTRY}/${DOCKER_REPOSITORY}/${F5GC_NSSF_NAME}:${DOCKER_TAG} 206 | docker rmi ${DOCKER_REGISTRY}/${DOCKER_REPOSITORY}/${F5GC_PCF_NAME}:${DOCKER_TAG} 207 | docker rmi ${DOCKER_REGISTRY}/${DOCKER_REPOSITORY}/${F5GC_UDM_NAME}:${DOCKER_TAG} 208 | docker rmi ${DOCKER_REGISTRY}/${DOCKER_REPOSITORY}/${F5GC_UDR_NAME}:${DOCKER_TAG} 209 | docker rmi ${DOCKER_REGISTRY}/${DOCKER_REPOSITORY}/${F5GC_WEBUI_NAME}:${DOCKER_TAG} 210 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # Free5gc Stage3 for Kubernetes 2 | The free5GC is an open-source project for 5th generation (5G) mobile core networks. The ultimate goal of this project is to implement the 3GPP Release 15 (R15) and Release 16 (R16) 5G core network (5GC). 3 | 4 | This repository aims to install dockerized free5gc stage3 and ride on kubernetes. 5 | 6 | NOTE: Can work at version `5.0.0-23-generic` to run UPF(GTP5G Module.) 7 | -------------------------------------------------------------------------------- /charts/.gitkeep: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sumichaaan/free5gc-k8s/83826ba7190c35e5383ba802f4a14fd541e4c940/charts/.gitkeep -------------------------------------------------------------------------------- /clusters/cni/calico/02_custom_resouces.yaml: -------------------------------------------------------------------------------- 1 | # This section includes base Calico installation configuration. 2 | # For more information, see: https://docs.projectcalico.org/v3.16/reference/installation/api#operator.tigera.io/v1.Installation 3 | apiVersion: operator.tigera.io/v1 4 | kind: Installation 5 | metadata: 6 | name: default 7 | spec: 8 | # Configures Calico networking. 9 | calicoNetwork: 10 | # Note: The ipPools section cannot be modified post-install. 11 | containerIPForwarding: Enabled 12 | ipPools: 13 | - blockSize: 26 14 | cidr: 172.20.0.0/16 15 | # encapsulation: VXLANCrossSubnet 16 | encapsulation: None 17 | natOutgoing: Enabled 18 | nodeSelector: all() 19 | mtu: 1500 20 | -------------------------------------------------------------------------------- /clusters/cni/tungstenfabric/set_labels.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | masternodes=$(kubectl get node | grep -w master | awk '{print $1}') 4 | agentnodes=$(kubectl get node | grep -v -w -e master -e NAME | awk '{print $1}') 5 | for i in config configdb analytics webui control agent analyticsdb 6 | do 7 | for masternode in ${masternodes} 8 | do 9 | kubectl label node ${masternode} node-role.opencontrail.org/${i}= 10 | done 11 | done 12 | 13 | for i in ${agentnodes} 14 | do 15 | kubectl label node ${i} node-role.opencontrail.org/agent= 16 | done 17 | -------------------------------------------------------------------------------- /clusters/kubeadm/multi/.gitkeep: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sumichaaan/free5gc-k8s/83826ba7190c35e5383ba802f4a14fd541e4c940/clusters/kubeadm/multi/.gitkeep -------------------------------------------------------------------------------- /clusters/kubeadm/single/01_init_defaults.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kubeadm.k8s.io/v1beta2 2 | kind: InitConfiguration 3 | bootstrapTokens: 4 | - groups: 5 | - system:bootstrappers:kubeadm:default-node-token 6 | token: nq9nmo.qmqa3fndev38vnvq 7 | description: "kubeadm bootstrap token" 8 | ttl: 24h0m0s 9 | usages: 10 | - signing 11 | - authentication 12 | localAPIEndpoint: 13 | advertiseAddress: {{ K8S_API_ADVERTISE_ADDRESS }} 14 | bindPort: 6443 15 | nodeRegistration: 16 | name: tf01 17 | criSocket: /var/run/dockershim.sock 18 | taints: 19 | - effect: NoSchedule 20 | key: node-role.kubernetes.io/master 21 | kubeletExtraArgs: 22 | cgroup-driver: "systemd" 23 | ignorePreflightErrors: 24 | - IsPrivilegedUser 25 | 26 | --- 27 | apiVersion: kubeadm.k8s.io/v1beta2 28 | kind: ClusterConfiguration 29 | etcd: 30 | local: 31 | dataDir: /var/lib/etcd 32 | dns: 33 | type: CoreDNS 34 | networking: 35 | dnsDomain: cluster.local 36 | podSubnet: {{ K8S_POD_SUBNET }} 37 | serviceSubnet: {{ K8S_SERVICE_SUBNET }} 38 | apiServer: 39 | extraArgs: 40 | authorization-mode: "Node,RBAC" 41 | feature-gates: SCTPSupport=true 42 | timeoutForControlPlane: 3m0s 43 | controllerManager: 44 | extraArgs: 45 | "node-cidr-mask-size": "20" 46 | scheduler: {} 47 | certificatesDir: /etc/kubernetes/pki 48 | imageRepository: k8s.gcr.io 49 | kubernetesVersion: v1.19.3 50 | useHyperKubeImage: false 51 | clusterName: ool5g 52 | 53 | --- 54 | apiVersion: kubeproxy.config.k8s.io/v1alpha1 55 | kind: KubeProxyConfiguration 56 | bindAddress: 0.0.0.0 57 | clientConnection: 58 | acceptContentTypes: "" 59 | burst: 0 60 | contentType: "" 61 | kubeconfig: /var/lib/kube-proxy/kubeconfig.conf 62 | qps: 0 63 | clusterCIDR: ${{ K8S_POD_SUBNET }} 64 | configSyncPeriod: 0s 65 | conntrack: 66 | maxPerCore: null 67 | min: null 68 | tcpCloseWaitTimeout: null 69 | tcpEstablishedTimeout: null 70 | enableProfiling: false 71 | healthzBindAddress: "" 72 | hostnameOverride: "" 73 | iptables: 74 | masqueradeAll: false 75 | masqueradeBit: null 76 | minSyncPeriod: 0s 77 | syncPeriod: 0s 78 | ipvs: 79 | excludeCIDRs: null 80 | minSyncPeriod: 0s 81 | scheduler: "" 82 | strictARP: false 83 | syncPeriod: 0s 84 | metricsBindAddress: "" 85 | mode: "" 86 | nodePortAddresses: null 87 | oomScoreAdj: null 88 | portRange: "" 89 | udpIdleTimeout: 0s 90 | winkernel: 91 | enableDSR: false 92 | networkName: "" 93 | sourceVip: "" 94 | 95 | --- 96 | apiVersion: kubelet.config.k8s.io/v1beta1 97 | kind: KubeletConfiguration 98 | authentication: 99 | anonymous: 100 | enabled: false 101 | webhook: 102 | cacheTTL: 0s 103 | enabled: true 104 | x509: 105 | clientCAFile: /etc/kubernetes/pki/ca.crt 106 | authorization: 107 | mode: Webhook 108 | webhook: 109 | cacheAuthorizedTTL: 0s 110 | cacheUnauthorizedTTL: 0s 111 | clusterDNS: 112 | - {{ K8S_CLUSTER_DNS_ADDRESS }} 113 | clusterDomain: cluster.local 114 | cpuManagerReconcilePeriod: 0s 115 | evictionPressureTransitionPeriod: 0s 116 | fileCheckFrequency: 0s 117 | healthzBindAddress: 127.0.0.1 118 | healthzPort: 10248 119 | httpCheckFrequency: 0s 120 | imageMinimumGCAge: 0s 121 | nodeStatusReportFrequency: 0s 122 | nodeStatusUpdateFrequency: 0s 123 | rotateCertificates: true 124 | runtimeRequestTimeout: 0s 125 | staticPodPath: /etc/kubernetes/manifests 126 | streamingConnectionIdleTimeout: 0s 127 | syncFrequency: 0s 128 | volumeStatsAggPeriod: 0s 129 | -------------------------------------------------------------------------------- /clusters/kubeadm/single/02_join_defaults.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kubeadm.k8s.io/v1beta2 2 | caCertPath: /etc/kubernetes/pki/ca.crt 3 | discovery: 4 | bootstrapToken: 5 | apiServerEndpoint: {{ K8S_API_ADVERTISE_ADDRESS }}:6443 6 | token: nq9nmo.qmqa3fndev38vnvq 7 | caCertHashes: 8 | - sha256:a5dcbe50f14bb15073dfde160dc7b0941bde6c184d460590948ec0ec31c67f41 9 | unsafeSkipCAVerification: true 10 | timeout: 5m0s 11 | tlsBootstrapToken: nq9nmo.qmqa3fndev38vnvq 12 | kind: JoinConfiguration 13 | nodeRegistration: 14 | criSocket: /var/run/dockershim.sock 15 | name: {{ WORKER_NODE_HOSTNAME }} 16 | taints: null 17 | -------------------------------------------------------------------------------- /images/f5gc-amf/Dockerfile.alpine: -------------------------------------------------------------------------------- 1 | FROM ghcr.io/sumichaaan/free5gc-k8s/f5gc-build-base:v3.0.4 AS builder 2 | FROM alpine:3.8 3 | 4 | LABEL description="Free5GC open source 5G Core Network" \ 5 | version="Stage 3" 6 | LABEL org.opencontainers.image.source https://github.com/sumichaaan/free5gc-k8s 7 | 8 | ENV F5GC_MODULE amf 9 | ARG DEBUG_TOOLS 10 | 11 | # Install debug tools ~ 100MB (if DEBUG_TOOLS is set to true) 12 | RUN if [ "$DEBUG_TOOLS" = "true" ] ; then apk add -U vim strace net-tools curl netcat-openbsd ; fi 13 | 14 | # Set working dir 15 | WORKDIR /free5gc 16 | RUN mkdir -p config/ log/ support/TLS/ ${F5GC_MODULE}/ 17 | 18 | # Copy executable and default certs 19 | COPY --from=builder /free5gc/${F5GC_MODULE} ./${F5GC_MODULE} 20 | COPY --from=builder /free5gc/support/TLS/${F5GC_MODULE}.pem ./support/TLS/ 21 | COPY --from=builder /free5gc/support/TLS/${F5GC_MODULE}.key ./support/TLS/ 22 | 23 | # Move to the binary path 24 | WORKDIR /free5gc/${F5GC_MODULE} 25 | 26 | # Config files volume 27 | VOLUME [ "/free5gc/config" ] 28 | 29 | # Certificates (if not using default) volume 30 | VOLUME [ "/free5gc/support/TLS" ] 31 | 32 | ENTRYPOINT [ "./amf" ] 33 | CMD [ "-amfcfg", "../config/amfcfg.conf" ] 34 | 35 | # Exposed ports 36 | EXPOSE 29518/tcp 37 | EXPOSE 38412/sctp 38 | -------------------------------------------------------------------------------- /images/f5gc-amf/Dockerfile.distroless: -------------------------------------------------------------------------------- 1 | FROM ghcr.io/sumichaaan/free5gc-k8s/f5gc-build-base:v3.0.4 AS builder 2 | LABEL maintainer="Yoshifumi Sumida " 3 | LABEL org.opencontainers.image.source https://github.com/sumichaaan/free5gc-k8s 4 | 5 | FROM gcr.io/distroless/base:debug 6 | 7 | ENV APP_NAME=amf 8 | ENV APP_ROOT=/free5gc 9 | ENV FREE5GC_BUILD_ROOT=/go/src/free5gc 10 | ENV PATH=${APP_ROOT}:${APP_ROOT}/bin:${PATH} HOME=${APP_ROOT} 11 | 12 | COPY --from=builder ${FREE5GC_BUILD_ROOT}/bin/${APP_NAME} ${APP_ROOT}/bin/${APP_NAME} 13 | COPY --from=builder ${FREE5GC_BUILD_ROOT}/config/${APP_NAME}cfg.conf ${APP_ROOT}/config/ 14 | COPY --from=builder ${FREE5GC_BUILD_ROOT}/support/TLS/${APP_NAME}.* ${APP_ROOT}/support/TLS/ 15 | 16 | WORKDIR ${APP_ROOT} 17 | 18 | VOLUME ["/free5gc/config"] 19 | 20 | VOLUME ["/free5gc/support/TLS"] 21 | 22 | ENTRYPOINT ["bin/amf"] 23 | CMD ["-amfcfg", "config/amfcfg.conf"] 24 | -------------------------------------------------------------------------------- /images/f5gc-amf/cert/amf.key: -------------------------------------------------------------------------------- 1 | -----BEGIN RSA PRIVATE KEY----- 2 | MIIEogIBAAKCAQEAqXpvTc1WpUqw6NI6+VcjBDf4tE2Zg/ebZx7Dr3th9P7GAI66 3 | kVyooVm89asvZIadg+0kRzuHR8cAohaBOrHGdQttdox2Tz14nNqOtIMTg42YhOxF 4 | uS9MLL6bR+TzLi6OElT+SZMFBsGGdNVUR3U0sf0VkblzgipbiKnJqDQoeH/4RHec 5 | lrwIBqsrbKgVSsNhEPQWCaErFHnZnfR48/UHVY+9lFlQsBcgX1IM9lR/EgudBZWY 6 | BIx0wTYy+Tq4kR7+GtJxlfmEWT3bACI2uY1D9u1zpvjf3cxwwk0K4oT7WLIq/onR 7 | eITyTbocHtMhGqvM6iryh81PlaFhmQeBLLE4WQIDAQABAoIBAC9RieYVIM4Brqcy 8 | m1impZY18nCVAfnAllkSU9yY/F6lC694KksPrd1u6r1E0HSmyS/edDSXQEwgGeMn 9 | mWlD3X8sc6GX0iiJpzVUKGfp+PbP//eM6GKt+/y6Myy9ldAdG3mu1VjBfbPHML1K 10 | Gr/gz5eqa+1F9CQxo2Di1vTpqysJS2UKiW0VCIYPM+gTUWj1mgiGt56yk/p6YAyS 11 | +6DZm19k+zr1M+d6iKPySfYOpC2UhyrbWWUNlMAERjm/cPkCRoHrrM9ZpHvSLxmL 12 | ABSG6OX4iDNQexDeIdrRWPHeArJ9cB/ucHhkAvFXLWrYZYCwfQijz/Yxa6ZzPZKW 13 | gJxWcaECgYEA2PK/QuD7FSxgUokDbqWnsFL8O2gHuOCi0lps268lRbrUM6KhFjg5 14 | KCjUzayvFqC3s0aMXXZ1/VoN8JgCiWIMbVmmBaAYEOe4ajlqOMhLD2kKqaZ3yI2X 15 | UJz1zGtV5lZuBQ6FOGNWTETlUBIFtg+goEH7Zf7VC8z/i1IVtyYcCCUCgYEAx/w1 16 | 5UHu3w4BZaUPYOJJ9RktJ/q+ptIDQl/xt1mAFzZ/u/m3WVJsDnOA1IGvHTnjHELK 17 | 078Y4CRoY4mEXfZPJsl7PArVDr8huwrLqwNDwJZ77YMjkpRhhYlUK12KLlMocC42 18 | V8p+YFenELAE9Lky4jYRCoGejyq4yAJVYq3sbyUCgYB842kE9/yyWKRuft9R79zT 19 | nUIEdMOVQwOYMmPeJzo+pOmJfAJdhyooGzE94T29ufFmK6OcHhiYKyJBMVCsg5wB 20 | ywzOyjVwbeR0ie7DF1JWYbK4rNLhydikmGbLMbL2cSTOlmhMaKsCJtsXN/i/sMlX 21 | 2AP/2C4OqAkny64ii7axXQKBgAbOCC9y3OPuIBILWcicKpQSdTzlBVO71ayOgzUP 22 | 8JHZouMMjjaV3WNofru8Ze8Cpz2w8CHgYMJPutWYOk7QMMVLGcxjOfi0fDtXFLMO 23 | +2E0PadJTQ6Ryfe3QovvNOJ6peebSvIVy9MPaHni42hIXPjhihbnbjPE6mCz45/l 24 | 9yOZAoGANrcL3qNMD6PDIvknr3Y7rhMStZsEdkFEGBTUSP4pZbwHnNIKX5iQluw7 25 | Aawx2ZidYh89X8LFkPsup5OGTrAUP/TPCgXA+aZlO0yjVMCFlA7D+MTiNOeSOe// 26 | 0dAVhuRAFS510v0NfSPlLnSfA69jEcpuewf94ITMRj6MIiYLpxc= 27 | -----END RSA PRIVATE KEY----- 28 | -------------------------------------------------------------------------------- /images/f5gc-amf/cert/amf.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE----- 2 | MIIDUzCCAjugAwIBAgIJANC4esPC102UMA0GCSqGSIb3DQEBCwUAMEAxCzAJBgNV 3 | BAYTAlRXMRAwDgYDVQQIDAdIc2luY2h1MQ0wCwYDVQQHDARjaXR5MRAwDgYDVQQK 4 | DAdmcmVlNUdDMB4XDTE5MDcxODA3NTkwOFoXDTI5MDcxNTA3NTkwOFowQDELMAkG 5 | A1UEBhMCVFcxEDAOBgNVBAgMB0hzaW5jaHUxDTALBgNVBAcMBGNpdHkxEDAOBgNV 6 | BAoMB2ZyZWU1R0MwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCpem9N 7 | zValSrDo0jr5VyMEN/i0TZmD95tnHsOve2H0/sYAjrqRXKihWbz1qy9khp2D7SRH 8 | O4dHxwCiFoE6scZ1C212jHZPPXic2o60gxODjZiE7EW5L0wsvptH5PMuLo4SVP5J 9 | kwUGwYZ01VRHdTSx/RWRuXOCKluIqcmoNCh4f/hEd5yWvAgGqytsqBVKw2EQ9BYJ 10 | oSsUedmd9Hjz9QdVj72UWVCwFyBfUgz2VH8SC50FlZgEjHTBNjL5OriRHv4a0nGV 11 | +YRZPdsAIja5jUP27XOm+N/dzHDCTQrihPtYsir+idF4hPJNuhwe0yEaq8zqKvKH 12 | zU+VoWGZB4EssThZAgMBAAGjUDBOMB0GA1UdDgQWBBTRNsNPYUMfmh6xMHsYpdhz 13 | GAlUszAfBgNVHSMEGDAWgBTRNsNPYUMfmh6xMHsYpdhzGAlUszAMBgNVHRMEBTAD 14 | AQH/MA0GCSqGSIb3DQEBCwUAA4IBAQANX8eve1eV6G8m6kcBeD664yI9v9ELVXPV 15 | XJ06Vlrcx3xYzpyO2aIDlbA++zfS1Fdlczmn1bSh2jKyRi0JPq8Bc2bvpKUPU+jL 16 | vYIcbLaUkT+YeknDOOMDLpwpZRyuTWw1dZg/LnlGkuSgjgpvyrNhXdx216TwgjGX 17 | ao7hqQDzumH/CIX1/Bw19xjvy8y21fqgIjpgL4yB/1erC4i/I2Z+mZEb3DH459gz 18 | sTmrUHUjO0mSVHmnLYKaYJbRYQGPUQTg5fIYasOAFG3K3C485MGRgMiSkrAC7A2M 19 | ZHioUNtm3XF9tfE1srtLsPGfypiM/hiGWIlgYJHUh8NYjQIXF9Pb 20 | -----END CERTIFICATE----- 21 | -------------------------------------------------------------------------------- /images/f5gc-amf/config/amfcfg.conf: -------------------------------------------------------------------------------- 1 | info: 2 | version: 1.0.0 3 | description: AMF initial local configuration 4 | 5 | configuration: 6 | amfName: AMF 7 | ngapIpList: 8 | - 172.16.10.11 9 | sbi: 10 | scheme: http 11 | registerIPv4: f5gc-amf 12 | bindingIPv4: 0.0.0.0 13 | port: 29518 14 | serviceNameList: 15 | - namf-comm 16 | - namf-evts 17 | - namf-mt 18 | - namf-loc 19 | - namf-oam 20 | servedGuamiList: 21 | - plmnId: 22 | mcc: 208 23 | mnc: 93 24 | amfId: cafe00 25 | supportTaiList: 26 | - plmnId: 27 | mcc: 208 28 | mnc: 93 29 | tac: 1 30 | plmnSupportList: 31 | - plmnId: 32 | mcc: 208 33 | mnc: 93 34 | snssaiList: 35 | - sst: 1 36 | sd: 010203 37 | - sst: 1 38 | sd: 112233 39 | supportDnnList: 40 | - internet 41 | nrfUri: http://f5gc-nrf:29510 42 | security: 43 | integrityOrder: 44 | - NIA2 45 | # - NIA0 46 | cipheringOrder: 47 | - NEA0 48 | # - NEA2 49 | networkName: 50 | full: free5GC 51 | short: free 52 | t3502: 720 53 | t3512: 3600 54 | non3gppDeregistrationTimer: 1000 55 | -------------------------------------------------------------------------------- /images/f5gc-ausf/Dockerfile.alpine: -------------------------------------------------------------------------------- 1 | FROM ghcr.io/sumichaaan/free5gc-k8s/f5gc-build-base:v3.0.4 AS builder 2 | FROM alpine:3.8 3 | 4 | LABEL description="Free5GC open source 5G Core Network" \ 5 | version="Stage 3" 6 | LABEL org.opencontainers.image.source https://github.com/sumichaaan/free5gc-k8s 7 | 8 | ENV F5GC_MODULE ausf 9 | ARG DEBUG_TOOLS 10 | 11 | # Install debug tools ~ 100MB (if DEBUG_TOOLS is set to true) 12 | RUN if [ "$DEBUG_TOOLS" = "true" ] ; then apk add -U vim strace net-tools curl netcat-openbsd ; fi 13 | 14 | # Set working dir 15 | WORKDIR /free5gc 16 | RUN mkdir -p config/ log/ support/TLS/ ${F5GC_MODULE}/ 17 | 18 | # Copy executable and default certs 19 | COPY --from=builder /free5gc/${F5GC_MODULE} ./${F5GC_MODULE} 20 | COPY --from=builder /free5gc/support/TLS/${F5GC_MODULE}.pem ./support/TLS/ 21 | COPY --from=builder /free5gc/support/TLS/${F5GC_MODULE}.key ./support/TLS/ 22 | 23 | # Move to the binary path 24 | WORKDIR /free5gc/${F5GC_MODULE} 25 | 26 | # Config files volume 27 | VOLUME [ "/free5gc/config" ] 28 | 29 | # Certificates (if not using default) volume 30 | VOLUME [ "/free5gc/support/TLS" ] 31 | 32 | ENTRYPOINT [ "./ausf" ] 33 | CMD [ "-ausfcfg", "../config/ausfcfg.conf" ] 34 | 35 | # Exposed ports 36 | EXPOSE 29509 37 | -------------------------------------------------------------------------------- /images/f5gc-ausf/Dockerfile.distroless: -------------------------------------------------------------------------------- 1 | FROM ghcr.io/sumichaaan/free5gc-k8s/f5gc-build-base:v3.0.4 AS builder 2 | LABEL maintainer="Yoshifumi Sumida " 3 | LABEL org.opencontainers.image.source https://github.com/sumichaaan/free5gc-k8s 4 | 5 | FROM gcr.io/distroless/base:debug 6 | 7 | ENV APP_NAME=ausf 8 | ENV APP_ROOT=/free5gc 9 | ENV FREE5GC_BUILD_ROOT=/go/src/free5gc 10 | ENV PATH=${APP_ROOT}:${APP_ROOT}/bin:${PATH} HOME=${APP_ROOT} 11 | 12 | COPY --from=builder ${FREE5GC_BUILD_ROOT}/bin/${APP_NAME} ${APP_ROOT}/bin/${APP_NAME} 13 | COPY --from=builder ${FREE5GC_BUILD_ROOT}/config/${APP_NAME}cfg.conf ${APP_ROOT}/config/ 14 | COPY --from=builder ${FREE5GC_BUILD_ROOT}/support/TLS/${APP_NAME}.* ${APP_ROOT}/support/TLS/ 15 | 16 | WORKDIR ${APP_ROOT} 17 | 18 | VOLUME ["/free5gc/config"] 19 | 20 | VOLUME ["/free5gc/support/TLS"] 21 | 22 | ENTRYPOINT ["bin/ausf"] 23 | CMD ["-ausfcfg", "config/ausfcfg.conf"] 24 | -------------------------------------------------------------------------------- /images/f5gc-ausf/cert/ausf.key: -------------------------------------------------------------------------------- 1 | -----BEGIN RSA PRIVATE KEY----- 2 | MIIEowIBAAKCAQEA5tfKck1ZCBa/t6MKLfU9aVpHUHTrTNLU2Ub6HfpflcChaFGc 3 | WkW8HcIqCjNY9YzjEBEohlp5Xf2usway3/0PCe2kI4KA44QkFq0J/+hb3zga+GX2 4 | vUiGIRZUW09ZUHw7XjJICd8HflC3jUnb2F0On7OyKdAqeVfMxfZfvW6Zs95Gt0b3 5 | l4W71KfVr2WH/Jp/w14NtSKsX7HWFVOXw9inGdYqjdlmT4fIK7dHw1KFjR+c5nlR 6 | sMV8bos7ntJdhEmwNBwBmRpaky1fCdcTKSV0NYgDBEjB773B/dLBVI61SEYpYNQh 7 | qH5sr7BqxtVOPfUcCTmOkQvnLGaiYHbaIKC8lQIDAQABAoIBAD5fmEgCNkhFPVA1 8 | MY7xcMKCrjpDHUEIxpJe5z4qZKFmBzbUtlZ9+TJhQFK5RRQ0GTZCLJ0A3UJURVwC 9 | N1rmWaXpHCysGn9fOREXeFg5RHmwAzmS83R5oCRYkDqL2ioxJylwlJ52MOQkkzQN 10 | /OUdX9IvD7jUkmVvH9ltlLjupYE/zoISTAWiUaVvDOrl5eVpCpAkbz7iJGLrP7dG 11 | lF+qnFo13ex/DnsVSkFUxwsizpZ7IggfAw7l74GbkfiM7T95kwIFdP8KFuOUa3un 12 | bfV1UCGE1pKmWhBlOnB9ZFpXBjzbPTIB0MQErUQMX/qD9VRuyGdN/LjVXtUPhlZT 13 | qt3RrBECgYEA/moEBHdd44HGPOMnL3ZZVu6M5nDpodYfXGwhwonZdb1dSSHyRItl 14 | PWi/NmOJ2LG4tFrsPNJdxJy3mT+X+awgpHNaT7GrZlEDRSS/1KDGWRMgyr7P0Eyx 15 | or6OnVI6hTMSAsJdnsOOa7KeUOcacm05EuXRaWpdnbzELsa1t3dbhWcCgYEA6Egp 16 | PohxEHoxiZ52Mfa+TCWAB+8jp96Gd4rq//xtAYbE+pmSbh/o3oPWAJsHn7YxwgsL 17 | YzJbBOja7TLGa8LICMB19K/f+l0t/TYuEAboTnGctVvHwHG7Ll96bZGiEojzs7Lj 18 | 4T3L9YdA4finfSWfdQNk2T3IBlJXDcxhwu+jVKMCgYBM7e/DDfkk9zPja2iI8Id5 19 | Qu72K4Rp/F5FSyk2Mwq/kIApwgsI8QGu/QJ8xsKC9NJ+LtQqXA4giqb1vwYMaCEC 20 | uSLA4F+Ms8iCWudquybe/mq3A9XBDb/VDzv+lEO/zT6P+QfoHwfsxvkaS5dyrFZK 21 | wZV+A7zFGrRT1KBUFtJk1wKBgQCbcf83+/M+Raf1IviSQz/ikY32wVCpPL/cLDlM 22 | Ck+gn+IemrtluzEKCEwkp5sYhMMTynRadA55YKNx7XLgFr/rK3FEyJYpZEYsmB+H 23 | VjgMlvd6Xut0nCfZxseVn8pIgSIl9eeOit59d4AyOUdM9uqZUiYhQ7kikeP0NfyO 24 | ifRR5QKBgD83DHQWgA3C4f9Q3oif9grvCP1r+suqonTmpB4hpW01IlC0YluCEl12 25 | 6U9hr6047BB2tl2uGODI8IBY2wkoCKVjCebuEeVuIa76CxhG0IERi3gmBl4krbDi 26 | n5z1Islfc+UqSK3IZbHQB7a/iGSUX0mhAahLHX+rzIXl4oUykSCz 27 | -----END RSA PRIVATE KEY----- 28 | -------------------------------------------------------------------------------- /images/f5gc-ausf/cert/ausf.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE----- 2 | MIIDYDCCAkigAwIBAgIJAKhXRBF0PdYcMA0GCSqGSIb3DQEBCwUAMEUxCzAJBgNV 3 | BAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYDVQQKDBhJbnRlcm5ldCBX 4 | aWRnaXRzIFB0eSBMdGQwHhcNMTkwNzIzMDY1MzIwWhcNMjkwNzIwMDY1MzIwWjBF 5 | MQswCQYDVQQGEwJBVTETMBEGA1UECAwKU29tZS1TdGF0ZTEhMB8GA1UECgwYSW50 6 | ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB 7 | CgKCAQEA5tfKck1ZCBa/t6MKLfU9aVpHUHTrTNLU2Ub6HfpflcChaFGcWkW8HcIq 8 | CjNY9YzjEBEohlp5Xf2usway3/0PCe2kI4KA44QkFq0J/+hb3zga+GX2vUiGIRZU 9 | W09ZUHw7XjJICd8HflC3jUnb2F0On7OyKdAqeVfMxfZfvW6Zs95Gt0b3l4W71KfV 10 | r2WH/Jp/w14NtSKsX7HWFVOXw9inGdYqjdlmT4fIK7dHw1KFjR+c5nlRsMV8bos7 11 | ntJdhEmwNBwBmRpaky1fCdcTKSV0NYgDBEjB773B/dLBVI61SEYpYNQhqH5sr7Bq 12 | xtVOPfUcCTmOkQvnLGaiYHbaIKC8lQIDAQABo1MwUTAdBgNVHQ4EFgQUYD0n5aiC 13 | y2cCIvOf2+d4/jX7TokwHwYDVR0jBBgwFoAUYD0n5aiCy2cCIvOf2+d4/jX7Tokw 14 | DwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAtWk3cRE4UHm+5zHG 15 | aOarrZSsq9kaRBy2j1wPq94CXaNKdKdU5v99Fi7XCkdVow0/7h+RW4bRRxUOc+HJ 16 | SKT9TeMTzkY1C4nUDXBiN8hNWQ+EPFliy938OEYRIgeV7u6mMHgV2r76h7ItTE/9 17 | no+1vT4LzVNSM3nsEx9W5TgOiXqt/d0+PyTx48befwPN1mKsmOi7ipaD8JlakAnz 18 | Nn9aNJMdq/VJaLhP+4F/1UCJANQVzZlSn4LFKJlfvRIBX8wpXYoz3JYAa6wYVF90 19 | JVoBhhrhQpbxgQSDskXT5pT5/YVSnPlRuSBMamGsXWcXeMPCCsCJiLC765v0t5vT 20 | heItBA== 21 | -----END CERTIFICATE----- 22 | -------------------------------------------------------------------------------- /images/f5gc-ausf/config/ausfcfg.conf: -------------------------------------------------------------------------------- 1 | info: 2 | version: 1.0.0 3 | description: AUSF initial local configuration 4 | 5 | configuration: 6 | sbi: 7 | scheme: http 8 | registerIPv4: f5gc-ausf 9 | bindingIPv4: 0.0.0.0 10 | port: 29509 11 | serviceNameList: 12 | - nausf-auth 13 | nrfUri: http://f5gc-nrf:29510 14 | plmnSupportList: 15 | - mcc: 208 16 | mnc: 93 17 | - mcc: 123 18 | mnc: 45 19 | groupId: ausfGroup001 20 | -------------------------------------------------------------------------------- /images/f5gc-build-base/Dockerfile.alpine: -------------------------------------------------------------------------------- 1 | FROM golang:1.14.4-stretch AS builder 2 | 3 | LABEL maintainer="Free5GC " 4 | LABEL org.opencontainers.image.source https://github.com/sumichaaan/free5gc-k8s 5 | 6 | RUN apt-get update 7 | RUN apt-get -y install gcc cmake autoconf libtool pkg-config libmnl-dev libyaml-dev 8 | RUN apt-get clean 9 | 10 | # Get Free5GC v3.0.4 11 | ENV FREE5GC_VERSION=v3.0.4 12 | RUN cd $GOPATH/src \ 13 | && git clone --recursive -j 33 -b ${FREE5GC_VERSION} https://github.com/free5gc/free5gc.git \ 14 | && cd free5gc \ 15 | && go mod download 16 | 17 | COPY Makefile $GOPATH/src/free5gc/Makefile 18 | 19 | # Patch Free5GC v3.0.4 (TODO: Separate it as Script files) 20 | # 20201104_nasConvert: Temporary Fix to correspond for Mapped NSSAI which is have not been implemented in current free5gc 21 | # Ref: . 22 | # 20201110_nrf_smf_selection_by_slice: SMF Selection by S-NSSAI in AMF have not been implemented in current free5gc 23 | # Ref: https://github.com/free5gc/free5gc/issues/103 24 | 25 | COPY patches/ $GOPATH/src/free5gc/patches/ 26 | RUN cd $GOPATH/src/free5gc && \ 27 | cp patches/nas/20201104_nasConvert.patch lib/nas && \ 28 | cp patches/nrf/20201110_nrf_smf_selection_by_slice.patch src/nrf && \ 29 | cd $GOPATH/src/free5gc/lib/nas && \ 30 | git apply --ignore-whitespace 20201104_nasConvert.patch && \ 31 | cd $GOPATH/src/free5gc/src/nrf && \ 32 | git apply --ignore-whitespace 20201110_nrf_smf_selection_by_slice.patch 33 | 34 | # Build NFs (AMF, AUSF, N3IWF, NRF, NSSF, PCF, SMF, UDM, UDR, UPF) 35 | RUN cd $GOPATH/src/free5gc \ 36 | && make all 37 | 38 | # Build WebUI 39 | RUN cd $GOPATH/src/free5gc/webconsole \ 40 | && CGO_ENABLED=0 go build -a -installsuffix nocgo -o webui -x server.go 41 | 42 | # Alpine is used for debug purpose. You can use scratch for a smaller footprint. 43 | FROM alpine 44 | 45 | WORKDIR /free5gc 46 | RUN mkdir -p config/ support/TLS/ public 47 | 48 | # Copy executables 49 | COPY --from=builder /go/src/free5gc/bin/* ./ 50 | COPY --from=builder /go/src/free5gc/src/upf/build/bin/* ./ 51 | COPY --from=builder /go/src/free5gc/webconsole/webui ./ 52 | 53 | # Copy static files (webui frontend) 54 | COPY --from=builder /go/src/free5gc/webconsole/public ./public 55 | 56 | # Copy linked libs 57 | COPY --from=builder /go/src/free5gc/src/upf/build/updk/src/third_party/libgtp5gnl/lib/libgtp5gnl.so.0 ./ 58 | COPY --from=builder /go/src/free5gc/src/upf/build/utlt_logger/liblogger.so ./ 59 | 60 | # Copy configuration files (not used for now) 61 | COPY --from=builder /go/src/free5gc/config/* ./config/ 62 | COPY --from=builder /go/src/free5gc/src/upf/build/config/* ./config/ 63 | 64 | # Copy default certificates (not used for now) 65 | COPY --from=builder /go/src/free5gc/support/TLS/* ./support/TLS/ 66 | -------------------------------------------------------------------------------- /images/f5gc-build-base/Dockerfile.ubuntu18: -------------------------------------------------------------------------------- 1 | FROM ubuntu:18.04 2 | 3 | LABEL maintainer="Yoshifumi Sumida " 4 | LABEL org.opencontainers.image.source https://github.com/sumichaaan/free5gc-k8s 5 | 6 | ARG GIT_TAG=latest 7 | LABEL name="free5gc" \ 8 | version="${GIT_TAG}.ubuntu18" \ 9 | io.k8s.description="Image containing all build dependencies for free5gc." 10 | 11 | RUN apt-get update && \ 12 | apt-get install -y \ 13 | autoconf=2.69-11 \ 14 | cmake=3.10.2-1ubuntu2.18.04.1 \ 15 | gcc=4:7.4.0-1ubuntu2.3 \ 16 | git=1:2.17.1-1ubuntu0.6 \ 17 | libmnl-dev=1.0.4-2 \ 18 | libtool=2.4.6-2 \ 19 | libyaml-dev=0.1.7-2ubuntu3 \ 20 | make=4.1-9.1ubuntu1 \ 21 | pkg-config=0.29.1-0ubuntu2 \ 22 | upx-ucl=3.94-4 \ 23 | wget=1.19.4-1ubuntu2.2 && \ 24 | apt-get clean && \ 25 | rm -rf /var/lib/apt/lists/* 26 | 27 | # Installing Golang 28 | ARG GO_VERSION=1.14.4 29 | 30 | WORKDIR /go 31 | RUN wget https://dl.google.com/go/go${GO_VERSION}.linux-amd64.tar.gz && \ 32 | tar -C /usr/local -zxvf go${GO_VERSION}.linux-amd64.tar.gz && \ 33 | mkdir -p {bin,pkg,src} 34 | 35 | ENV GOPATH=/go 36 | ENV GOROOT=/usr/local/go 37 | ENV PATH=${PATH}:${GOPATH}/bin:${GOROOT}/bin 38 | ENV GO111MODULE=off 39 | 40 | # Clean Up Binaries already exist and Installing Free5gc 41 | ARG FREE5GC_VERSION=master 42 | ARG FREE5GC_COMMITID=8c7f82f5288d3973a18a4f5edf22274c4920dc97 43 | ARG FREE5GC_GIT=https://github.com/free5gc/free5gc 44 | 45 | WORKDIR /go/src 46 | COPY patches patches/ 47 | RUN set -o pipefail && \ 48 | ; 49 | echo '[*] Build the Network Functions for Contorl Plane' && \ 50 | ; 51 | git clone --recursive -b ${FREE5GC_VERSION} -j 4 --depth 1 ${FREE5GC_GIT} && \ 52 | cd ./free5gc && \ 53 | git checkout ${FREE5GC_COMMITID} && \ 54 | cd ./src && \ 55 | go mod download && \ 56 | for d in * ; do if [ -f "$d/$d.go" ] ; then CGO_ENABLED=0 go build -a -installsuffix nocgo -o ../bin/"$d" -x "$d/$d.go" ; fi ; done ; && \ 57 | ; 58 | echo '[*] Build the Network Function for User Plane' && \ 59 | ; 60 | go get -u -v "github.com/sirupsen/logrus" && \ 61 | cd ${GOPATH}/src/free5gc/src/upf && \ 62 | mkdir -p build && \ 63 | cd ./build && \ 64 | cmake .. && \ 65 | make -j `nproc` && \ 66 | ; 67 | echo '[*] Build the Web Console for Free5GC Operation' && \ 68 | ; 69 | cd ${GOPATH}/src/free5gc/webconsole && \ 70 | CGO_ENABLED=0 go build -a -installsuffix nocgo -o webui -x server.go && \ 71 | -------------------------------------------------------------------------------- /images/f5gc-build-base/Makefile: -------------------------------------------------------------------------------- 1 | GO_BIN_PATH = bin 2 | GO_SRC_PATH = src 3 | C_BUILD_PATH = build 4 | 5 | NF = $(GO_NF) $(C_NF) 6 | GO_NF = amf ausf nrf nssf pcf smf udm udr n3iwf 7 | C_NF = upf 8 | 9 | NF_GO_FILES = $(shell find $(GO_SRC_PATH)/$(%) -name "*.go" ! -name "*_test.go") 10 | 11 | VERSION = $(shell git describe --tags) 12 | BUILD_TIME = $(shell date -u +"%Y-%m-%dT%H:%M:%SZ") 13 | COMMIT_HASH = $(shell git submodule status | grep $(GO_SRC_PATH)/$(@F) | awk '{print $$(1)}' | cut -c1-8) 14 | COMMIT_TIME = $(shell cd $(GO_SRC_PATH)/$(@F) && git log --pretty="%ai" -1 | awk '{time=$$(1)"T"$$(2)"Z"; print time}') 15 | LDFLAGS = -X free5gc/src/$(@F)/version.VERSION=$(VERSION) \ 16 | -X free5gc/src/$(@F)/version.BUILD_TIME=$(BUILD_TIME) \ 17 | -X free5gc/src/$(@F)/version.COMMIT_HASH=$(COMMIT_HASH) \ 18 | -X free5gc/src/$(@F)/version.COMMIT_TIME=$(COMMIT_TIME) 19 | 20 | 21 | .PHONY: $(NF) clean 22 | 23 | all: $(NF) 24 | 25 | $(GO_NF): % : $(GO_BIN_PATH)/% 26 | 27 | $(GO_BIN_PATH)/%: %.go $(NF_GO_FILES) 28 | # $(@F): The file-within-directory part of the file name of the target. 29 | @echo "Start building $(@F)...." 30 | CGO_ENABLED=0 go build -a -installsuffix nocgo -ldflags "$(LDFLAGS)" -o $@ $< 31 | 32 | vpath %.go $(addprefix $(GO_SRC_PATH)/, $(GO_NF)) 33 | 34 | $(C_NF): % : 35 | @echo "Start building $@...." 36 | cd $(GO_SRC_PATH)/$@ && \ 37 | rm -rf $(C_BUILD_PATH) && \ 38 | mkdir -p $(C_BUILD_PATH) && \ 39 | cd ./$(C_BUILD_PATH) && \ 40 | cmake .. && \ 41 | make -j$(nproc) 42 | 43 | clean: 44 | rm -rf $(addprefix $(GO_BIN_PATH)/, $(GO_NF)) 45 | rm -rf $(addprefix $(GO_SRC_PATH)/, $(addsuffix /$(C_BUILD_PATH), $(C_NF))) 46 | -------------------------------------------------------------------------------- /images/f5gc-build-base/patches/nas/20201104_nasConvert.patch: -------------------------------------------------------------------------------- 1 | diff --git a/nasConvert/Nssai.go b/nasConvert/Nssai.go 2 | index fd4665d..838eec9 100644 3 | --- a/nasConvert/Nssai.go 4 | +++ b/nasConvert/Nssai.go 5 | @@ -35,6 +35,16 @@ func requestedSnssaiToModels(buf []byte) (snssai models.Snssai, length int) { 6 | snssai.Sst = int32(buf[1]) 7 | snssai.Sd = hex.EncodeToString(buf[2:5]) 8 | length = 5 9 | + case 0x08: // sst + sd + mapped hplmn sst + mapped hplmn sd 10 | + snssai.Sst = int32(buf[1]) 11 | + snssai.Sd = hex.EncodeToString(buf[2:5]) 12 | + // Not Implemented 13 | + // TS 29.531 / 6.1.6.2.8 Type: MappingOfSnssai 14 | + // var mappingOfSnssai models.MappingOfSnssai 15 | + // mappingOfSnssai.ServingSnssai = snssai 16 | + // mappingOfSnssai.HomeSnssai.Sst = int(buf[5]) 17 | + // mappingOfSnssai.HomeSnssai.Sd = hexEncodeToString(buf[6:9]) 18 | + length = 9 19 | default: 20 | fmt.Printf("Not Supported length: %d\n", lengthOfSnssaiContents) 21 | } 22 | -------------------------------------------------------------------------------- /images/f5gc-build-base/patches/nrf/20201110_nrf_smf_selection_by_slice.patch: -------------------------------------------------------------------------------- 1 | diff --git a/producer/nf_discovery.go b/producer/nf_discovery.go 2 | index 4faf116..142a980 100644 3 | --- a/producer/nf_discovery.go 4 | +++ b/producer/nf_discovery.go 5 | @@ -314,12 +314,24 @@ func buildFilter(queryParameters url.Values) bson.M { 6 | logger.DiscoveryLog.Warnln("Unmarshal Error in snssaiBsonM", err) 7 | } 8 | 9 | - snssaisBsonArray = append(snssaisBsonArray, bson.M{"sNssais": bson.M{"$elemMatch": snssaiBsonM}}) 10 | + // snssaisBsonArray = append(snssaisBsonArray, bson.M{"sNssais": bson.M{"$elemMatch": snssaiBsonM}}) 11 | + 12 | + if targetNfType == "SMF" { 13 | + snssaisBsonArray = append(snssaisBsonArray, bson.M{"smfInfo.sNssaiSmfInfoList": bson.M{"$elemMatch": bson.M{"sNssai": snssaiBsonM}}}) 14 | + } else { 15 | + snssaisBsonArray = append(snssaisBsonArray, bson.M{"sNssais": bson.M{"$elemMatch": snssaiBsonM}}) 16 | + } 17 | } 18 | } 19 | 20 | // if not assign, serve all NF 21 | - snssaisBsonArray = append(snssaisBsonArray, bson.M{"sNssais": bson.M{"$exists": false}}) 22 | + // snssaisBsonArray = append(snssaisBsonArray, bson.M{"sNssais": bson.M{"$exists": false}}) 23 | + 24 | + if targetNfType == "SMF" { 25 | + snssaisBsonArray = append(snssaisBsonArray, bson.M{"smfInfo.sNssaiSmfInfoList": bson.M{"sNssai": bson.M{"$exists": false}}}) 26 | + } else { 27 | + snssaisBsonArray = append(snssaisBsonArray, bson.M{"sNssais": bson.M{"$exists": false}}) 28 | + } 29 | 30 | snssaisFilter := bson.M{ 31 | "$or": snssaisBsonArray, 32 | -------------------------------------------------------------------------------- /images/f5gc-gnbsim/Dockerfile.ubuntu18: -------------------------------------------------------------------------------- 1 | FROM golang:1.14.4-stretch AS builder 2 | 3 | LABEL maintainer="Yoshifumi Sumida " 4 | LABEL org.opencontainers.image.source https://github.com/sumichaaan/free5gc-k8s 5 | 6 | RUN apt-get update && \ 7 | apt-get install -y \ 8 | gcc \ 9 | cmake \ 10 | autoconf \ 11 | libtool \ 12 | pkg-config \ 13 | libmnl-dev \ 14 | libyaml-dev && \ 15 | apt-get clean && \ 16 | rm -rf /var/lib/apt/lists/* 17 | 18 | # Get and Build GNBSIM 19 | RUN cd $GOPATH/src && \ 20 | git clone https://github.com/hhorai/gnbsim && \ 21 | cd gnbsim && \ 22 | make -j`nproc` 23 | 24 | FROM ubuntu:18.04 25 | 26 | WORKDIR /gnbsim 27 | 28 | # Copy executables 29 | COPY --from=builder /go/src/gnbsim/example/example example 30 | COPY --from=builder /go/src/gnbsim/example/example.json example.json 31 | 32 | ENTRYPOINT ["./example"] 33 | -------------------------------------------------------------------------------- /images/f5gc-gnbsim/config/example.json: -------------------------------------------------------------------------------- 1 | { 2 | "GlobalGNBID": { 3 | "mcc": 208, 4 | "mnc": 93, 5 | "gnbid": 1 6 | }, 7 | "SupportedTAList" : [ 8 | { 9 | "TAC": "0x000001", 10 | "BroadcastPLMNList": [ 11 | { 12 | "MCC": 208, 13 | "MNC": 93, 14 | "SliceSupportList": [ 15 | { 16 | "SST": 1, 17 | "SD": "010203" 18 | }, 19 | { 20 | "SST": 1, 21 | "SD": "112233" 22 | } 23 | ] 24 | } 25 | ] 26 | } 27 | ], 28 | "PagingDRX" : "v32", 29 | "RANUENGAPID" : 0, 30 | "UE": { 31 | "imeisv": "0000000100000101", 32 | "msin": "0000000001", 33 | "mcc": 208, 34 | "mnc": 93, 35 | "RoutingIndicator": 1234, 36 | "ProtectionScheme": "null", 37 | "AuthParam": { 38 | "K": "8baf473f2f8fd09487cccbd7097c6862", 39 | "OPc": "8e27b6af0e692e750f32667a3b14605d" 40 | }, 41 | "snssai": { 42 | "sst": 1, 43 | "sd": "010203" 44 | }, 45 | "dnn": "internet", 46 | "url": "http://localhost" 47 | }, 48 | "ULInfoNR": { 49 | "NRCGI": { 50 | "PLMN": { 51 | "mcc": 208, 52 | "mnc": 93 53 | }, 54 | "NRCellID": 1 55 | }, 56 | "TAI": { 57 | "PLMN": { 58 | "mcc": 208, 59 | "mnc": 93 60 | }, 61 | "TAC": "0x000001" 62 | } 63 | }, 64 | "GTPuAddr": "192.168.10.10", 65 | "GTPuIFname": "net1", 66 | "GTPuTEID": 2 67 | } 68 | -------------------------------------------------------------------------------- /images/f5gc-nrf/Dockerfile.alpine: -------------------------------------------------------------------------------- 1 | FROM ghcr.io/sumichaaan/free5gc-k8s/f5gc-build-base:v3.0.4 AS builder 2 | FROM alpine:3.8 3 | 4 | LABEL description="Free5GC open source 5G Core Network" \ 5 | version="Stage 3" 6 | LABEL org.opencontainers.image.source https://github.com/sumichaaan/free5gc-k8s 7 | 8 | ENV F5GC_MODULE nrf 9 | ARG DEBUG_TOOLS 10 | 11 | # Install debug tools ~ 100MB (if DEBUG_TOOLS is set to true) 12 | RUN if [ "$DEBUG_TOOLS" = "true" ] ; then apk add -U vim strace net-tools curl netcat-openbsd ; fi 13 | 14 | # Set working dir 15 | WORKDIR /free5gc 16 | RUN mkdir -p config/ log/ support/TLS/ ${F5GC_MODULE}/ 17 | 18 | # Copy executable and default certs 19 | COPY --from=builder /free5gc/${F5GC_MODULE} ./${F5GC_MODULE} 20 | COPY --from=builder /free5gc/support/TLS/${F5GC_MODULE}.pem ./support/TLS/ 21 | COPY --from=builder /free5gc/support/TLS/${F5GC_MODULE}.key ./support/TLS/ 22 | 23 | # Move to the binary path 24 | WORKDIR /free5gc/${F5GC_MODULE} 25 | 26 | # Config files volume 27 | VOLUME [ "/free5gc/config" ] 28 | 29 | # Certificates (if not using default) volume 30 | VOLUME [ "/free5gc/support/TLS" ] 31 | 32 | ENTRYPOINT [ "./nrf" ] 33 | CMD [ "-nrfcfg", "../config/nrfcfg.conf" ] 34 | 35 | # Exposed ports 36 | EXPOSE 29510 37 | -------------------------------------------------------------------------------- /images/f5gc-nrf/Dockerfile.distroless: -------------------------------------------------------------------------------- 1 | FROM ghcr.io/sumichaaan/free5gc-k8s/f5gc-build-base:v3.0.4 AS builder 2 | LABEL maintainer="Yoshifumi Sumida " 3 | LABEL org.opencontainers.image.source https://github.com/sumichaaan/free5gc-k8s 4 | 5 | FROM gcr.io/distroless/base:debug 6 | 7 | ENV APP_NAME=nrf 8 | ENV APP_ROOT=/free5gc 9 | ENV FREE5GC_BUILD_ROOT=/go/src/free5gc 10 | ENV PATH=${APP_ROOT}:${APP_ROOT}/bin:${PATH} HOME=${APP_ROOT} 11 | 12 | COPY --from=builder ${FREE5GC_BUILD_ROOT}/bin/${APP_NAME} ${APP_ROOT}/bin/${APP_NAME} 13 | COPY --from=builder ${FREE5GC_BUILD_ROOT}/config/${APP_NAME}cfg.conf ${APP_ROOT}/config/ 14 | COPY --from=builder ${FREE5GC_BUILD_ROOT}/support/TLS/${APP_NAME}.* ${APP_ROOT}/support/TLS/ 15 | 16 | WORKDIR ${APP_ROOT} 17 | 18 | VOLUME ["/free5gc/config"] 19 | 20 | VOLUME ["/free5gc/support/TLS"] 21 | 22 | ENTRYPOINT ["bin/nrf"] 23 | CMD ["-nrfcfg", "config/nrfcfg.conf"] 24 | -------------------------------------------------------------------------------- /images/f5gc-nrf/config/free5GC.conf: -------------------------------------------------------------------------------- 1 | db_uri: mongodb://localhost:27017/free5gc 2 | 3 | #all logging levels 4 | #panic 5 | #fatal 6 | #error 7 | #warn 8 | #debug 9 | #debug 10 | #trace 11 | logger: 12 | # network function 13 | AMF: 14 | debugLevel: debug 15 | ReportCaller: true 16 | SMF: 17 | debugLevel: debug 18 | ReportCaller: true 19 | UDR: 20 | debugLevel: debug 21 | ReportCaller: true 22 | UDM: 23 | debugLevel: debug 24 | ReportCaller: true 25 | NRF: 26 | debugLevel: debug 27 | ReportCaller: true 28 | PCF: 29 | debugLevel: debug 30 | ReportCaller: true 31 | AUSF: 32 | debugLevel: debug 33 | ReportCaller: true 34 | N3IWF: 35 | debugLevel: debug 36 | ReportCaller: true 37 | # library 38 | NAS: 39 | debugLevel: debug 40 | ReportCaller: true 41 | FSM: 42 | debugLevel: debug 43 | ReportCaller: true 44 | NGAP: 45 | debugLevel: debug 46 | ReportCaller: true 47 | NamfComm: 48 | debugLevel: debug 49 | ReportCaller: true 50 | NamfEventExposure: 51 | debugLevel: debug 52 | ReportCaller: true 53 | NsmfPDUSession: 54 | debugLevel: debug 55 | ReportCaller: true 56 | NudrDataRepository: 57 | debugLevel: debug 58 | ReportCaller: true 59 | OpenApi: 60 | debugLevel: debug 61 | ReportCaller: true 62 | Aper: 63 | debugLevel: debug 64 | ReportCaller: true 65 | CommonConsumerTest: 66 | debugLevel: debug 67 | ReportCaller: true 68 | # webui 69 | WEBUI: 70 | debugLevel: debug 71 | ReportCaller: true 72 | -------------------------------------------------------------------------------- /images/f5gc-nrf/config/nrfcfg.conf: -------------------------------------------------------------------------------- 1 | info: 2 | version: 1.0.0 3 | description: NRF initial local configuration 4 | 5 | configuration: 6 | MongoDBName: "free5gc" 7 | MongoDBUrl: "mongodb://f5gc-mongodb:27017" 8 | DefaultServiceIP: "f5gc-nrf" 9 | sbi: 10 | scheme: http 11 | ipv4Addr: 0.0.0.0 12 | port: 29510 13 | DefaultPlmnId: 14 | mcc: "208" 15 | mnc: "93" 16 | serviceNameList: 17 | - nnrf-nfm 18 | - nnrf-disc 19 | -------------------------------------------------------------------------------- /images/f5gc-nssf/Dockerfile.alpine: -------------------------------------------------------------------------------- 1 | FROM ghcr.io/sumichaaan/free5gc-k8s/f5gc-build-base:v3.0.4 AS builder 2 | FROM alpine:3.8 3 | 4 | LABEL description="Free5GC open source 5G Core Network" \ 5 | version="Stage 3" 6 | LABEL org.opencontainers.image.source https://github.com/sumichaaan/free5gc-k8s 7 | 8 | ENV F5GC_MODULE nssf 9 | ARG DEBUG_TOOLS 10 | 11 | # Install debug tools ~ 100MB (if DEBUG_TOOLS is set to true) 12 | RUN if [ "$DEBUG_TOOLS" = "true" ] ; then apk add -U vim strace net-tools curl netcat-openbsd ; fi 13 | 14 | # Set working dir 15 | WORKDIR /free5gc 16 | RUN mkdir -p config/ log/ support/TLS/ ${F5GC_MODULE}/ 17 | 18 | # Copy executable and default certs 19 | COPY --from=builder /free5gc/${F5GC_MODULE} ./${F5GC_MODULE} 20 | COPY --from=builder /free5gc/support/TLS/${F5GC_MODULE}.pem ./support/TLS/ 21 | COPY --from=builder /free5gc/support/TLS/${F5GC_MODULE}.key ./support/TLS/ 22 | 23 | # Move to the binary path 24 | WORKDIR /free5gc/${F5GC_MODULE} 25 | 26 | # Config files volume 27 | VOLUME [ "/free5gc/config" ] 28 | 29 | # Certificates (if not using default) volume 30 | VOLUME [ "/free5gc/support/TLS" ] 31 | 32 | ENTRYPOINT [ "./nssf" ] 33 | CMD [ "-nssfcfg", "../config/nssfcfg.conf" ] 34 | 35 | # Exposed ports 36 | EXPOSE 29531 37 | -------------------------------------------------------------------------------- /images/f5gc-nssf/Dockerfile.distroless: -------------------------------------------------------------------------------- 1 | FROM ghcr.io/sumichaaan/free5gc-k8s/f5gc-build-base:v3.0.4 AS builder 2 | LABEL maintainer="Yoshifumi Sumida " 3 | LABEL org.opencontainers.image.source https://github.com/sumichaaan/free5gc-k8s 4 | 5 | FROM gcr.io/distroless/base:debug 6 | 7 | ENV APP_NAME=nssf 8 | ENV APP_ROOT=/free5gc 9 | ENV FREE5GC_BUILD_ROOT=/go/src/free5gc 10 | ENV PATH=${APP_ROOT}:${APP_ROOT}/bin:${PATH} HOME=${APP_ROOT} 11 | 12 | COPY --from=builder ${FREE5GC_BUILD_ROOT}/bin/${APP_NAME} ${APP_ROOT}/bin/${APP_NAME} 13 | COPY --from=builder ${FREE5GC_BUILD_ROOT}/config/${APP_NAME}cfg.conf ${APP_ROOT}/config/ 14 | COPY --from=builder ${FREE5GC_BUILD_ROOT}/support/TLS/${APP_NAME}.* ${APP_ROOT}/support/TLS/ 15 | 16 | WORKDIR ${APP_ROOT} 17 | 18 | VOLUME ["/free5gc/config"] 19 | 20 | VOLUME ["/free5gc/support/TLS"] 21 | 22 | ENTRYPOINT ["bin/nssf"] 23 | CMD ["-nssfcfg", "config/nssfcfg.conf"] 24 | -------------------------------------------------------------------------------- /images/f5gc-nssf/cert/nssf.key: -------------------------------------------------------------------------------- 1 | -----BEGIN RSA PRIVATE KEY----- 2 | MIIEpAIBAAKCAQEAwsrvEP7x76q1/dMEovHMHDowdcpHUfffSsLHiHE/fNpu+8FJ 3 | 3l0M4sBtBkoZ4ymlJOtUGGAbRKSy9CB01WfEd/zSeoxbk+oxZVLlopXJMaowTmiw 4 | fmqrhHTf4+gOzWLl3Qws19FiQrEpOPPUIRLejXjVt1iSjpUBqklfk6qme2ajv7SW 5 | AWZ2J5JcOAvnPHCdiW0LhR02veU3c/Hjcvz1tvbUYPHdUdfT4Z78qLHNG7R033E5 6 | 9GoVcmQTGvBOGkjTO+7tuzoB6uV/iNsIZ62xh2NUKpoi/2NHO5uzN9XvNnGBPWPM 7 | 6vEuIG7RTgLZXkjr1ntRDPjTxR9uxbOTtoKlhQIDAQABAoIBABKPzeobsSg6Zy8x 8 | vX5ddiq2bMm8pcEs0o1INEVPLVKTagH5cDWNPl4ZIgp4YzEfVcpH1nKgLdkDrL3Q 9 | nfF7+t/IKrJcz5kvttdF5/XvOgXOht3h4feZ6JAtpuwLv+VYaDkBIQDLxgY+5YO0 10 | 0GD6cFSg0BSxjv2hO1Bjv4TNvSGDAr+b1qIPJc+hJfxTYksPqijATOAov1oWfntZ 11 | o5bwu2sZYYBaMN3mWNT5RI+0LPmEvBpS4zasFjmGzIuhGiW9+Qy7n6zE1rjyOjt7 12 | aXqQmi1MpchLEEZ8YKZ5yCqse+LPnOVo41K02n9cRbpyx2PlOEzaZAhf4OhHAux0 13 | 7PMvk8ECgYEA52jiR4GnrP5k57WL5PWW/d71uCnkB7bsAA5plhA/L8M3cBtH1D10 14 | XzxhJsgD4gzvOBbHdzlQlv1qaSEonXiBfDRYI6vE2jdF12/P1FnRn6itAsPyv8+B 15 | eTugbtK1QyOUUFbWidluKYZyc8NBshdQs2MAGrxEIPyp9RsEWoElmXECgYEA133y 16 | EO6ZSF7hOWtyajdbRl3U7W3ueVAcZ+XAwHg/1CR/DKP10nk41YoPKen+2eTtwPuz 17 | FcJiTSiQTz24NC8oa1/HJOJisCzsY0hnr0eIfv8vh8KGZ+twNURMfRHDOgUHbPRA 18 | k07Ua9qElLBS+K6IjFHBw/R5x7lV/Aut+h2wY1UCgYEA2yAcNS33Av8ZubfVsodD 19 | 5T39W9h/DzcNnrgHD4xu6OFoW4XZrIZM7emU7U41LxakZ25ajvD8+R0aaFZ3yTVV 20 | F7HRTGXYz/HK9sfv+traft8QhS/ba/ooVg46SvbHob3NMY4pNPtpL3UaZ7gbO3KM 21 | fnFepfJkaQAYR/q/Upw8aGECgYAU8R9yN83bs6TNsLx4yBJtvzavMEzJq1hnXHOk 22 | AMurMTTLpK+CGdfFINqiZyQmRtI4O/3GcpKdDwEfQk9BewfBj5hJ5FpU5ri+WU4C 23 | QcBpHyGeXvAy7zWDZ7TLPsurOsvi8cXIyxNnu9/Al3YoxsVsZZGgGoUvPLq3eOca 24 | dIIs1QKBgQC0eTeBuEDkTc0lFSeIW+t5l5Bq02sNKnciMpdXuIabkqm0d86BhxkK 25 | FQuSr0KA2oAj0x5aB8V7c04uAbUOevRzh7f0ol0G4Eb6DyWJUKHlYZsPKVZASa3D 26 | EZhtUy9ZHfLiMm7/qxGMZNjWJB56Pi52I6iJbeQGxF5DFXMvgAmrcw== 27 | -----END RSA PRIVATE KEY----- 28 | -------------------------------------------------------------------------------- /images/f5gc-nssf/cert/nssf.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE----- 2 | MIIDXTCCAkWgAwIBAgIJAKvguoLGe9PUMA0GCSqGSIb3DQEBCwUAMEUxCzAJBgNV 3 | BAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYDVQQKDBhJbnRlcm5ldCBX 4 | aWRnaXRzIFB0eSBMdGQwHhcNMTkwNzI0MDUwMTQ2WhcNMjkwNzIxMDUwMTQ2WjBF 5 | MQswCQYDVQQGEwJBVTETMBEGA1UECAwKU29tZS1TdGF0ZTEhMB8GA1UECgwYSW50 6 | ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB 7 | CgKCAQEAwsrvEP7x76q1/dMEovHMHDowdcpHUfffSsLHiHE/fNpu+8FJ3l0M4sBt 8 | BkoZ4ymlJOtUGGAbRKSy9CB01WfEd/zSeoxbk+oxZVLlopXJMaowTmiwfmqrhHTf 9 | 4+gOzWLl3Qws19FiQrEpOPPUIRLejXjVt1iSjpUBqklfk6qme2ajv7SWAWZ2J5Jc 10 | OAvnPHCdiW0LhR02veU3c/Hjcvz1tvbUYPHdUdfT4Z78qLHNG7R033E59GoVcmQT 11 | GvBOGkjTO+7tuzoB6uV/iNsIZ62xh2NUKpoi/2NHO5uzN9XvNnGBPWPM6vEuIG7R 12 | TgLZXkjr1ntRDPjTxR9uxbOTtoKlhQIDAQABo1AwTjAdBgNVHQ4EFgQU3YRaENrE 13 | WQ3PIe0ZrpLhRhqhYIowHwYDVR0jBBgwFoAU3YRaENrEWQ3PIe0ZrpLhRhqhYIow 14 | DAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAnP/DtbZ++F5/92myjfkW 15 | 0onqZ053xJXJTUzwKqUhsxLjRUo1tpZRLksVC3oh9e41pg0s2hHM7aZARGyBEsxo 16 | NiZr0xUYS3RAnedd7zAUwigTTdWesBlcvePNO73dYzui1sPVx1RVZgH8uUONqKot 17 | W07pBiQBcI0MMpmwYm3kC7Uvuaf99VZrhhR+jPFyQrawNROD4/tIvFYj26TVtmrn 18 | GFvz6GqWgOGSZAmMx2ZZh+KvU4pnxJVoeWP/TXluiaWpAnzOmGvQqP32gaDBozLc 19 | smIg0D5rSovfshZQgLUbnLSqBKwwYGdFdA7/0IKs5YeAKnjSBBC5vLrOaNGLlNwM 20 | 8g== 21 | -----END CERTIFICATE----- 22 | -------------------------------------------------------------------------------- /images/f5gc-nssf/config/nssfcfg.conf: -------------------------------------------------------------------------------- 1 | info: 2 | version: 1.0.0 3 | description: NSSF initial local configuration 4 | 5 | configuration: 6 | nssfName: NSSF 7 | sbi: 8 | scheme: http 9 | registerIPv4: f5gc-nssf # Can also be a kubernetes service IP or domain name. 10 | bindingIPv4: 0.0.0.0 # Can also be an ENV. 11 | port: 29531 12 | serviceNameList: 13 | - nnssf-nsselection 14 | - nnssf-nssaiavailability 15 | nrfUri: http://f5gc-nrf:29510 16 | supportedPlmnList: 17 | - mcc: 208 18 | mnc: 93 19 | supportedNssaiInPlmnList: 20 | - plmnId: 21 | mcc: 208 22 | mnc: 93 23 | supportedSnssaiList: 24 | - sst: 1 25 | sd: 010203 26 | - sst: 1 27 | sd: 112233 28 | - sst: 1 29 | sd: 3 30 | - sst: 2 31 | sd: 1 32 | - sst: 2 33 | sd: 2 34 | nsiList: 35 | - snssai: 36 | sst: 1 37 | nsiInformationList: 38 | - nrfId: http://f5gc-nrf:29510/nnrf-nfm/v1/nf-instances 39 | nsiId: 10 40 | - snssai: 41 | sst: 1 42 | sd: 1 43 | nsiInformationList: 44 | - nrfId: http://f5gc-nrf:29510/nnrf-nfm/v1/nf-instances 45 | nsiId: 11 46 | - snssai: 47 | sst: 1 48 | sd: 2 49 | nsiInformationList: 50 | - nrfId: http://f5gc-nrf:29510/nnrf-nfm/v1/nf-instances 51 | nsiId: 12 52 | - nrfId: http://f5gc-nrf:29510/nnrf-nfm/v1/nf-instances 53 | nsiId: 12 54 | - snssai: 55 | sst: 1 56 | sd: 3 57 | nsiInformationList: 58 | - nrfId: http://f5gc-nrf:29510/nnrf-nfm/v1/nf-instances 59 | nsiId: 13 60 | - snssai: 61 | sst: 2 62 | nsiInformationList: 63 | - nrfId: http://f5gc-nrf:29510/nnrf-nfm/v1/nf-instances 64 | nsiId: 20 65 | - snssai: 66 | sst: 2 67 | sd: 1 68 | nsiInformationList: 69 | - nrfId: http://f5gc-nrf:29510/nnrf-nfm/v1/nf-instances 70 | nsiId: 21 71 | - snssai: 72 | sst: 1 73 | sd: 010203 74 | nsiInformationList: 75 | - nrfId: http://f5gc-nrf:29510/nnrf-nfm/v1/nf-instances 76 | nsiId: 22 77 | - snssai: 78 | sst: 1 79 | sd: 112233 80 | nsiInformationList: 81 | - nrfId: http://f5gc-nrf:29510/nnrf-nfm/v1/nf-instances 82 | nsiId: 23 83 | amfSetList: 84 | - amfSetId: 1 85 | amfList: 86 | - ffa2e8d7-3275-49c7-8631-6af1df1d9d26 87 | - 0e8831c3-6286-4689-ab27-1e2161e15cb1 88 | - a1fba9ba-2e39-4e22-9c74-f749da571d0d 89 | nrfAmfSet: http://172.16.0.57:8081/nnrf-nfm/v1/nf-instances 90 | supportedNssaiAvailabilityData: 91 | - tai: 92 | plmnId: 93 | mcc: 466 94 | mnc: 92 95 | tac: 33456 96 | supportedSnssaiList: 97 | - sst: 1 98 | sd: 1 99 | - sst: 1 100 | sd: 2 101 | - sst: 2 102 | sd: 1 103 | - tai: 104 | plmnId: 105 | mcc: 466 106 | mnc: 92 107 | tac: 33457 108 | supportedSnssaiList: 109 | - sst: 1 110 | - sst: 1 111 | sd: 1 112 | - sst: 1 113 | sd: 2 114 | - amfSetId: 2 115 | nrfAmfSet: http://localhost:8084/nnrf-nfm/v1/nf-instances 116 | supportedNssaiAvailabilityData: 117 | - tai: 118 | plmnId: 119 | mcc: 466 120 | mnc: 92 121 | tac: 33456 122 | supportedSnssaiList: 123 | - sst: 1 124 | - sst: 1 125 | sd: 1 126 | - sst: 1 127 | sd: 3 128 | - sst: 2 129 | sd: 1 130 | - tai: 131 | plmnId: 132 | mcc: 466 133 | mnc: 92 134 | tac: 33458 135 | supportedSnssaiList: 136 | - sst: 1 137 | - sst: 1 138 | sd: 1 139 | - sst: 2 140 | amfList: 141 | - nfId: 469de254-2fe5-4ca0-8381-af3f500af77c 142 | supportedNssaiAvailabilityData: 143 | - tai: 144 | plmnId: 145 | mcc: 466 146 | mnc: 92 147 | tac: 33456 148 | supportedSnssaiList: 149 | - sst: 1 150 | - sst: 1 151 | sd: 2 152 | - sst: 2 153 | - tai: 154 | plmnId: 155 | mcc: 466 156 | mnc: 92 157 | tac: 33457 158 | supportedSnssaiList: 159 | - sst: 1 160 | sd: 1 161 | - sst: 1 162 | sd: 2 163 | - nfId: fbe604a8-27b2-417e-bd7c-8a7be2691f8d 164 | supportedNssaiAvailabilityData: 165 | - tai: 166 | plmnId: 167 | mcc: 466 168 | mnc: 92 169 | tac: 33458 170 | supportedSnssaiList: 171 | - sst: 1 172 | - sst: 1 173 | sd: 1 174 | - sst: 1 175 | sd: 3 176 | - sst: 2 177 | - tai: 178 | plmnId: 179 | mcc: 466 180 | mnc: 92 181 | tac: 33459 182 | supportedSnssaiList: 183 | - sst: 1 184 | - sst: 1 185 | sd: 1 186 | - sst: 2 187 | - sst: 2 188 | sd: 1 189 | - nfId: b9e6e2cb-5ce8-4cb6-9173-a266dd9a2f0c 190 | supportedNssaiAvailabilityData: 191 | - tai: 192 | plmnId: 193 | mcc: 466 194 | mnc: 92 195 | tac: 33456 196 | supportedSnssaiList: 197 | - sst: 1 198 | - sst: 1 199 | sd: 1 200 | - sst: 1 201 | sd: 2 202 | - sst: 2 203 | - tai: 204 | plmnId: 205 | mcc: 466 206 | mnc: 92 207 | tac: 33458 208 | supportedSnssaiList: 209 | - sst: 1 210 | - sst: 1 211 | sd: 1 212 | - sst: 2 213 | - sst: 2 214 | sd: 1 215 | taList: 216 | - tai: 217 | plmnId: 218 | mcc: 466 219 | mnc: 92 220 | tac: 33456 221 | accessType: 3GPP_ACCESS 222 | supportedSnssaiList: 223 | - sst: 1 224 | - sst: 1 225 | sd: 1 226 | - sst: 1 227 | sd: 2 228 | - sst: 2 229 | - tai: 230 | plmnId: 231 | mcc: 466 232 | mnc: 92 233 | tac: 33457 234 | accessType: 3GPP_ACCESS 235 | supportedSnssaiList: 236 | - sst: 1 237 | - sst: 1 238 | sd: 1 239 | - sst: 1 240 | sd: 2 241 | - sst: 2 242 | - tai: 243 | plmnId: 244 | mcc: 466 245 | mnc: 92 246 | tac: 33458 247 | accessType: 3GPP_ACCESS 248 | supportedSnssaiList: 249 | - sst: 1 250 | - sst: 1 251 | sd: 1 252 | - sst: 1 253 | sd: 3 254 | - sst: 2 255 | restrictedSnssaiList: 256 | - homePlmnId: 257 | mcc: 310 258 | mnc: 560 259 | sNssaiList: 260 | - sst: 1 261 | sd: 3 262 | - tai: 263 | plmnId: 264 | mcc: 466 265 | mnc: 92 266 | tac: 33459 267 | accessType: 3GPP_ACCESS 268 | supportedSnssaiList: 269 | - sst: 1 270 | - sst: 1 271 | sd: 1 272 | - sst: 2 273 | - sst: 2 274 | sd: 1 275 | restrictedSnssaiList: 276 | - homePlmnId: 277 | mcc: 310 278 | mnc: 560 279 | sNssaiList: 280 | - sst: 2 281 | sd: 1 282 | mappingListFromPlmn: 283 | - operatorName: NTT Docomo 284 | homePlmnId: 285 | mcc: 440 286 | mnc: 10 287 | mappingOfSnssai: 288 | - servingSnssai: 289 | sst: 1 290 | sd: 1 291 | homeSnssai: 292 | sst: 1 293 | sd: 1 294 | - servingSnssai: 295 | sst: 1 296 | sd: 2 297 | homeSnssai: 298 | sst: 1 299 | sd: 3 300 | - servingSnssai: 301 | sst: 1 302 | sd: 3 303 | homeSnssai: 304 | sst: 1 305 | sd: 4 306 | - servingSnssai: 307 | sst: 2 308 | sd: 1 309 | homeSnssai: 310 | sst: 2 311 | sd: 2 312 | - operatorName: AT&T Mobility 313 | homePlmnId: 314 | mcc: 310 315 | mnc: 560 316 | mappingOfSnssai: 317 | - servingSnssai: 318 | sst: 1 319 | sd: 1 320 | homeSnssai: 321 | sst: 1 322 | sd: 2 323 | - servingSnssai: 324 | sst: 1 325 | sd: 2 326 | homeSnssai: 327 | sst: 1 328 | sd: 3 329 | -------------------------------------------------------------------------------- /images/f5gc-pcf/Dockerfile.alpine: -------------------------------------------------------------------------------- 1 | FROM ghcr.io/sumichaaan/free5gc-k8s/f5gc-build-base:v3.0.4 AS builder 2 | FROM alpine:3.8 3 | 4 | LABEL description="Free5GC open source 5G Core Network" \ 5 | version="Stage 3" 6 | LABEL org.opencontainers.image.source https://github.com/sumichaaan/free5gc-k8s 7 | 8 | ENV F5GC_MODULE pcf 9 | ARG DEBUG_TOOLS 10 | 11 | # Install debug tools ~ 100MB (if DEBUG_TOOLS is set to true) 12 | RUN if [ "$DEBUG_TOOLS" = "true" ] ; then apk add -U vim strace net-tools curl netcat-openbsd ; fi 13 | 14 | # Set working dir 15 | WORKDIR /free5gc 16 | RUN mkdir -p config/ log/ support/TLS/ ${F5GC_MODULE}/ 17 | 18 | # Copy executable and default certs 19 | COPY --from=builder /free5gc/${F5GC_MODULE} ./${F5GC_MODULE} 20 | COPY --from=builder /free5gc/support/TLS/${F5GC_MODULE}.pem ./support/TLS/ 21 | COPY --from=builder /free5gc/support/TLS/${F5GC_MODULE}.key ./support/TLS/ 22 | 23 | # Move to the binary path 24 | WORKDIR /free5gc/${F5GC_MODULE} 25 | 26 | # Config files volume 27 | VOLUME [ "/free5gc/config" ] 28 | 29 | # Certificates (if not using default) volume 30 | VOLUME [ "/free5gc/support/TLS" ] 31 | 32 | ENTRYPOINT [ "./pcf" ] 33 | CMD [ "-pcfcfg", "../config/pcfcfg.conf" ] 34 | 35 | # Exposed ports 36 | EXPOSE 29507 37 | -------------------------------------------------------------------------------- /images/f5gc-pcf/Dockerfile.distroless: -------------------------------------------------------------------------------- 1 | FROM ghcr.io/sumichaaan/free5gc-k8s/f5gc-build-base:v3.0.4 AS builder 2 | LABEL maintainer="Yoshifumi Sumida " 3 | LABEL org.opencontainers.image.source https://github.com/sumichaaan/free5gc-k8s 4 | 5 | FROM gcr.io/distroless/base:debug 6 | 7 | ENV APP_NAME=pcf 8 | ENV APP_ROOT=/free5gc 9 | ENV FREE5GC_BUILD_ROOT=/go/src/free5gc 10 | ENV PATH=${APP_ROOT}:${APP_ROOT}/bin:${PATH} HOME=${APP_ROOT} 11 | 12 | COPY --from=builder ${FREE5GC_BUILD_ROOT}/bin/${APP_NAME} ${APP_ROOT}/bin/${APP_NAME} 13 | COPY --from=builder ${FREE5GC_BUILD_ROOT}/config/${APP_NAME}cfg.conf ${APP_ROOT}/config/ 14 | COPY --from=builder ${FREE5GC_BUILD_ROOT}/support/TLS/${APP_NAME}.* ${APP_ROOT}/support/TLS/ 15 | 16 | WORKDIR ${APP_ROOT} 17 | 18 | VOLUME ["/free5gc/config"] 19 | 20 | VOLUME ["/free5gc/support/TLS"] 21 | 22 | ENTRYPOINT ["bin/pcf"] 23 | CMD ["-pcfcfg", "config/pcfcfg.conf"] 24 | 25 | -------------------------------------------------------------------------------- /images/f5gc-pcf/cert/pcf.key: -------------------------------------------------------------------------------- 1 | -----BEGIN RSA PRIVATE KEY----- 2 | MIIEpAIBAAKCAQEAvrAD943EXFG1sWQYv4HzMWAsZdvypE+taRGaFB4IoqPpPKLj 3 | gJN6wsHE16ehisixMXLwTNmuaiT6BAWDLKSuLTAJENB/3wX89Ga3KGEo9BKOVy0j 4 | lU3PZDfGS6Crc1I2xyT5cwtZe85h941XtPCkuSyIO2ZDz2uT5cOj/Hm1gLeZqEXC 5 | +6fly7K87DUrosOXAVxRtMhyYENeTGQPZV9Wcwqqi3f+01kVhESmT3hTw4u5f/nn 6 | +Isx99uZwsHBlkmiUC9prgef9jdN1+GwfUKptTDPPzKNMn/aG7glKs9VnI3pcgha 7 | WoUENMkhSOwIvfePPf1PF35yEK5fdm2HfxCNTQIDAQABAoIBAQCieRboNsK4ZmaJ 8 | XuA3TGIKEAfEQkPb/IeknnrJ6U0yRrbUE3YEd6SBjNhLZ2kc9yMDHwvgbxlNF3Rv 9 | OMMrpqVBm0weJ4jMXi3JkDs/DIn4bFcbsDpBXKr4mQ08IwnymHpT9A0XGPSFqLOQ 10 | Wb4BTYkMvgTVl6zvbpn1i1yOIqWjpVMmmofA7ENLtBJxq+vMIhks3Pd8xjw2bUeL 11 | Sc6PDc8mf5Svsjy+vIX4wzda+ND95QyFyTV9O+Liia3JU+VvaoTUTtLr8OwWmUw9 12 | V7d3XyCddw2FasmB9OfUHDsvags2DoChp3S+zh0V3YDQlCJv9v111L7rMJFUA8Uo 13 | KfVohnOBAoGBAOiIVxtcqE5xxrWjJlHc1ljBY6egqRNNgRBWstcW7WctxGQAAYCy 14 | DIpYcgRfNKgThcerLJa0hy+THBFNjh9c35vLfL/mOXEHE4tw2MsZGr8I/p9e7c7i 15 | m7aR43mUXMoYocbD9htZ/xs0zR+nzurT6UEVHT7c5qb/ifU4UYy92AZvAoGBANHu 16 | k6HGE6uiI+53Rwzc5Uv4t80F5xGg31yEgNXmcq0pCiYNju90gvMWXJujdqtKQXWF 17 | xnGobchzzRoMclsOpmADgeyOIf0FHue1W2U/q2anZJpmZFz9ApvLiTGfX1ntubYw 18 | 5RriSe08c50Sa6naGF3MXiJrqwcMWdjNqgA+rCYDAoGAPfbW/3uZfg3jndN0CqyG 19 | kfA21hyB8ZrdobT4w0hgyvXvN5aoz9qibNtUxsV4CrHpHGQI5cAFpi/Vcubv0Hu3 20 | OpTnEVwQQoZYNvhDTRvLfMywzVdGl7LbO7N0oplegJw/v+/ITVGWIXHYl27oPLtr 21 | lORDftTuweGmqanwUUjloBECgYBjIzx6qBS/98jqI0/dRi/Oib0ayA/P5l20ziod 22 | WT+MgJX3VG3MrQPuEgBXy4EN8PoqqqsFH5oAkJcqFvimAawWKXHgqVppp1Jp794i 23 | WUfzKVe8BmCc/SqPMjYuxel8iWQrIrn+0SBCNUsPwRQw2PqqyQknThstL+r6FF2U 24 | 0gPvywKBgQDOHgczHI+G8pgivzC2W6OUvImm7DEFKZw2ZRNFSqq0/ksWfUnYIUaf 25 | KyNhKOCmCqYSZr6ivX47dO9G2x8OM5u95paY8ysOB+mlx/yrXKI8B4ZMax3xaVMq 26 | QDwiWcsGN6VUvyWITyDDsoUgWK7sPsVcoJgvVKduz/VRkPZk2YNGyA== 27 | -----END RSA PRIVATE KEY----- 28 | -------------------------------------------------------------------------------- /images/f5gc-pcf/cert/pcf.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE----- 2 | MIIDSDCCAjACCQDQLErVY/eE8DANBgkqhkiG9w0BAQsFADBmMQswCQYDVQQGEwJU 3 | VzEPMA0GA1UECAwGVGFpd2FuMQ8wDQYDVQQHDAZUYWlwZWkxDTALBgNVBAoMBE5U 4 | Q1UxDDAKBgNVBAsMA0lPVDEYMBYGA1UEAwwPd3d3Lm50Y3UuZWR1LnR3MB4XDTE5 5 | MDcyMzAzMjcwM1oXDTI5MDcyMDAzMjcwM1owZjELMAkGA1UEBhMCVFcxDzANBgNV 6 | BAgMBlRhaXdhbjEPMA0GA1UEBwwGVGFpcGVpMQ0wCwYDVQQKDAROVENVMQwwCgYD 7 | VQQLDANJT1QxGDAWBgNVBAMMD3d3dy5udGN1LmVkdS50dzCCASIwDQYJKoZIhvcN 8 | AQEBBQADggEPADCCAQoCggEBAL6wA/eNxFxRtbFkGL+B8zFgLGXb8qRPrWkRmhQe 9 | CKKj6Tyi44CTesLBxNenoYrIsTFy8EzZrmok+gQFgyykri0wCRDQf98F/PRmtyhh 10 | KPQSjlctI5VNz2Q3xkugq3NSNsck+XMLWXvOYfeNV7TwpLksiDtmQ89rk+XDo/x5 11 | tYC3mahFwvun5cuyvOw1K6LDlwFcUbTIcmBDXkxkD2VfVnMKqot3/tNZFYREpk94 12 | U8OLuX/55/iLMffbmcLBwZZJolAvaa4Hn/Y3TdfhsH1CqbUwzz8yjTJ/2hu4JSrP 13 | VZyN6XIIWlqFBDTJIUjsCL33jz39Txd+chCuX3Zth38QjU0CAwEAATANBgkqhkiG 14 | 9w0BAQsFAAOCAQEABtO5Re3ekkXGgBGDBBxBzfIV9H19s4xi3sIhav8d20uaT0lK 15 | rYlYIFH4U7yi2eIs60OWDa5kATrOtTeE3Q9hQ4zZMq8xlerz8w/muRS/1AcjI6y0 16 | MXQIiv+RVNeWrWSwaOXPDjOXIP1QjG8WEddJg4DMu4copGSmLlv+ETYRuE6OklgU 17 | YUgu+Fo+73UAL8LMQFwXNpfvtkvwWLEZhPvkbMgnTY/1da+BIX0nJqkKxy2E5xYf 18 | gRMPsd6DdcQ1yHc/b90G0X3VRSaUgW97SPoEn+LFuQMJ0aIN7o5O+GW74yUfyxMo 19 | VVF59Dz6FUAk+PupYWvjsh2tL92R/tdykSlDVw== 20 | -----END CERTIFICATE----- 21 | -------------------------------------------------------------------------------- /images/f5gc-pcf/config/pcfcfg.conf: -------------------------------------------------------------------------------- 1 | info: 2 | version: 1.0.0 3 | description: PCF initial local configuration 4 | 5 | configuration: 6 | pcfName: PCF 7 | sbi: 8 | scheme: http 9 | registerIPv4: f5gc-pcf 10 | bindingIPv4: 0.0.0.0 11 | port: 29507 12 | timeFormat: 2019-01-02 15:04:05 13 | defaultBdtRefId: BdtPolicyId- 14 | nrfUri: http://f5gc-nrf:29510 15 | serviceList: 16 | - serviceName: npcf-am-policy-control 17 | - serviceName: npcf-smpolicycontrol 18 | suppFeat: 3fff 19 | - serviceName: npcf-bdtpolicycontrol 20 | - serviceName: npcf-policyauthorization 21 | suppFeat: 3 22 | - serviceName: npcf-eventexposure 23 | - serviceName: npcf-ue-policy-control 24 | -------------------------------------------------------------------------------- /images/f5gc-smf/Dockerfile.alpine: -------------------------------------------------------------------------------- 1 | FROM ghcr.io/sumichaaan/free5gc-k8s/f5gc-build-base:v3.0.4 AS builder 2 | FROM alpine:3.8 3 | 4 | LABEL description="Free5GC open source 5G Core Network" \ 5 | version="Stage 3" 6 | LABEL org.opencontainers.image.source https://github.com/sumichaaan/free5gc-k8s 7 | 8 | ENV F5GC_MODULE smf 9 | ARG DEBUG_TOOLS 10 | 11 | # Install debug tools ~ 100MB (if DEBUG_TOOLS is set to true) 12 | RUN if [ "$DEBUG_TOOLS" = "true" ] ; then apk add -U vim strace net-tools curl netcat-openbsd ; fi 13 | 14 | # Set working dir 15 | WORKDIR /free5gc 16 | RUN mkdir -p config/ log/ support/TLS/ ${F5GC_MODULE}/ 17 | 18 | # Copy executable and default certs 19 | COPY --from=builder /free5gc/${F5GC_MODULE} ./${F5GC_MODULE} 20 | COPY --from=builder /free5gc/support/TLS/${F5GC_MODULE}.pem ./support/TLS/ 21 | COPY --from=builder /free5gc/support/TLS/${F5GC_MODULE}.key ./support/TLS/ 22 | 23 | # Move to the binary path 24 | WORKDIR /free5gc/${F5GC_MODULE} 25 | 26 | # Config files volume 27 | VOLUME [ "/free5gc/config" ] 28 | 29 | # Certificates (if not using default) volume 30 | VOLUME [ "/free5gc/support/TLS" ] 31 | 32 | ENTRYPOINT [ "./smf" ] 33 | CMD [ "-smfcfg", "../config/smfcfg.conf", "--uerouting", "../config/uerouting.yaml" ] 34 | 35 | # Exposed ports 36 | EXPOSE 29502/tcp 37 | EXPOSE 8805/udp 38 | 39 | -------------------------------------------------------------------------------- /images/f5gc-smf/Dockerfile.distroless: -------------------------------------------------------------------------------- 1 | FROM ghcr.io/sumichaaan/free5gc-k8s/f5gc-build-base:v3.0.4 AS builder 2 | LABEL maintainer="Yoshifumi Sumida " 3 | LABEL org.opencontainers.image.source https://github.com/sumichaaan/free5gc-k8s 4 | 5 | FROM gcr.io/distroless/base:debug 6 | 7 | ENV APP_NAME=amf 8 | ENV APP_ROOT=/free5gc 9 | ENV FREE5GC_BUILD_ROOT=/go/src/free5gc 10 | ENV PATH=${APP_ROOT}:${APP_ROOT}/bin:${PATH} HOME=${APP_ROOT} 11 | 12 | COPY --from=builder ${FREE5GC_BUILD_ROOT}/bin/${APP_NAME} ${APP_ROOT}/bin/${APP_NAME} 13 | COPY --from=builder ${FREE5GC_BUILD_ROOT}/config/${APP_NAME}cfg.conf ${APP_ROOT}/config/ 14 | COPY --from=builder ${FREE5GC_BUILD_ROOT}/support/TLS/${APP_NAME}.* ${APP_ROOT}/support/TLS/ 15 | 16 | WORKDIR ${APP_ROOT} 17 | 18 | VOLUME ["/free5gc/config"] 19 | 20 | VOLUME ["/free5gc/support/TLS"] 21 | 22 | ENTRYPOINT ["bin/smf"] 23 | CMD ["-smfcfg", "config/smfcfg.conf", "--uerouting", "config/uerouting.yaml"] 24 | -------------------------------------------------------------------------------- /images/f5gc-smf/cert/smf.key: -------------------------------------------------------------------------------- 1 | -----BEGIN RSA PRIVATE KEY----- 2 | MIIEowIBAAKCAQEA3SU3yVrp5Ig9aRFh3OWtvydxJC/ZzA8zijrSRldrCMEhCPsX 3 | C6htxPiolyYfX95ooG3lUhU8KHunQ6RkBqYtxKHrk/uSeN6iDOxv2d4cp7MtTlHn 4 | uc9SmzOOiU9t6MH2UiXC0t7hGBQshE6lSXLESA+ZGWbbraba2j5coyIaR3KJtyuc 5 | 3d0X8AT7JFUnM/hPLBdGJ5g1ek7/2mN0jXWy4iCXIeD5sPD+aI0jI5waq5XMfl2K 6 | bOU9X69z2fLnwCcwxWXkp3hZDtxZ3bgWDZe+l7Mx25QUwP7GI+MHWY7CMREUY4CA 7 | MuWcLnuCxhujbE3CDA72cZ4B5/NWrHdo4rQL4QIDAQABAoIBAQC+RtiyOrRGu2bD 8 | cX5Xt5OAhupVrYpjhqzdAfGNLohc1veap5jTog8YzK8apmWWcmJpr0UCFF1Xo9Vu 9 | YRLjmbaFmqB9CpejwkOChSlUN0VGkeeonNaaTKWR/pFk2eACxmkvk2gHUlgxBKKt 10 | EJItGT+DlVAwyAy6ZHeoEsJYZu5fi7ciiJHLAuKI4W/a0SZLFelcw3iOhiVyQrME 11 | 1C0BgZW0oUCcsTy5sa27Fs/OSQvCFyyDuTLMK5lPgkkUzhnhnA3zbBb9hjKTdCyG 12 | sg3I9DCRwWG1C/CL1/W2r7s6AhIv24Yn1G7KG3KmQCO3gmoms/BzOR+4LrkN3nva 13 | WWzVJlDxAoGBAPLqBExjxyg/x0sdZF8dDFQU8oA3x8pLvxkqzJWaVKf8d3YL5GI4 14 | AWyMtiz0kWSXHfk1tEPosG3mvFwiouh1K1kE9pHo4WrqfUt9RCiEZEzl9R9x2Opl 15 | BOz2c0Ol8VpjrRBBf3PV6kXmGEE9IA1f0oTva8lBIrOb5gQcMRbT/SuVAoGBAOkO 16 | /hA8Gp+ekmO7qiGcUQhB7/tbkwoaf+o2A8GlasPRz/wubPTogsvqe6DqQQo56v6/ 17 | zY0mpFADtWyyqa4AvkGwG/W4JF7BdQ+k3KI/D2Gh5gHbzn01cZASvXAYnM0AWi/t 18 | dOrK9H8cg+E7YJKyoclHwl2n5/QXXTiqC+CvRqwdAoGABDErr9HM/xHSs6YnNEkB 19 | DHZsFPBhf0k9XAbUDwThzyBZQ21DHLrQs3neLvptg+njt4hIux9J5CumNoTWgOJ8 20 | xAWE59G4CitPzDy2L2jRfk49o7RIRQtHQXujU5iKiL/NnckzlOEtMNWet4mBgxmT 21 | PX4QQyHfom/fUVTXOAiiht0CgYBQmY/B+5dVhpioBzniX9YiXfNp4ZSrlNiSHlYU 22 | PWn8CO6+Dyw9UsARV6mjz//oUnlz2s9ytl9zEKVIz00hUT57JzW0OBfT8WHTpDdt 23 | oRNnt379O5Bg+v+oTOLZBpoLx8ho9N1Pahs+bpUpasiOU1rian/Mtgng/8eMljp/ 24 | XP66/QKBgAsaiGqp1jTpoa6QtGDj8NH0Gse61A4ILuC7ttiREJZDoJyJelcF5IJ5 25 | yLJkuy+R5kzX0V7rCwYc5AxE3YeTteTmrmss+uFJo85BqN4dLFLFZsmEraXpwLbL 26 | /GOsQDF3PeOjJPHrafvi8JYckZsjUcwN7Yn3HbsQcvgi59EHLlTd 27 | -----END RSA PRIVATE KEY----- 28 | -------------------------------------------------------------------------------- /images/f5gc-smf/cert/smf.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE----- 2 | MIIDazCCAlOgAwIBAgIUejW3Iw+Jqc6UimDjNL5A2iiTLLIwDQYJKoZIhvcNAQEL 3 | BQAwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUxITAfBgNVBAoM 4 | GEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDAeFw0xOTA3MTEwNzI1MThaFw0yOTA3 5 | MDgwNzI1MThaMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEw 6 | HwYDVQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwggEiMA0GCSqGSIb3DQEB 7 | AQUAA4IBDwAwggEKAoIBAQDdJTfJWunkiD1pEWHc5a2/J3EkL9nMDzOKOtJGV2sI 8 | wSEI+xcLqG3E+KiXJh9f3migbeVSFTwoe6dDpGQGpi3EoeuT+5J43qIM7G/Z3hyn 9 | sy1OUee5z1KbM46JT23owfZSJcLS3uEYFCyETqVJcsRID5kZZtutptraPlyjIhpH 10 | com3K5zd3RfwBPskVScz+E8sF0YnmDV6Tv/aY3SNdbLiIJch4Pmw8P5ojSMjnBqr 11 | lcx+XYps5T1fr3PZ8ufAJzDFZeSneFkO3FnduBYNl76XszHblBTA/sYj4wdZjsIx 12 | ERRjgIAy5Zwue4LGG6NsTcIMDvZxngHn81asd2jitAvhAgMBAAGjUzBRMB0GA1Ud 13 | DgQWBBQXefTGBKHZzWVpSISL/O3UKOjuuDAfBgNVHSMEGDAWgBQXefTGBKHZzWVp 14 | SISL/O3UKOjuuDAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQAH 15 | fponBxtMoweVP24tpY/gIYIQDMmr6zGslWJjBTS4azBL5/rdk1pZk6onRfQD7zAZ 16 | BBz+RBSnNQx9N23ZiNe+93w9L7gF74EOxRL9sCa2i1IDbUverxTmv0RmV4XuGtbI 17 | raj02DlULI+RGsKUfqSBNcZUAYyjEKIZja531eq+dRyP7qgyvcwK44f1BsnLSySH 18 | j958x1zYQFqvb4qaqC05bNU+CVuwaS0e+wbP1hCXncog3YKAkHYJqZZTjn15b8Op 19 | v1rppEFdjK7pCoRb6vP39Efo5uRCjGwdTZYgphX4begnN/muD69o8sEsw60Fuzgt 20 | OW7CHtwR2ZAUPJYUK04F 21 | -----END CERTIFICATE----- 22 | -------------------------------------------------------------------------------- /images/f5gc-smf/config/smfcfg.conf: -------------------------------------------------------------------------------- 1 | info: 2 | version: 1.0.0 3 | description: AMF initial local configuration 4 | 5 | configuration: 6 | smfName: SMF 7 | sbi: 8 | scheme: http 9 | registerIPv4: f5gc-smf 10 | bindingIPv4: 0.0.0.0 11 | port: 29502 12 | tls: 13 | key: gofree5gc/support/TLS/smf.key 14 | pem: gofree5gc/support/TLS/smf.pem 15 | serviceNameList: 16 | - nsmf-pdusession 17 | - nsmf-event-exposure 18 | snssai_info: 19 | - sNssai: 20 | sst: 1 21 | sd: 010203 22 | dnnSmfInfoList: 23 | - dnn: internet 24 | - sNssai: 25 | sst: 1 26 | sd: 112233 27 | dnnSmfInfoList: 28 | - dnn: internet 29 | pfcp: 30 | addr: 0.0.0.0 31 | userplane_information: 32 | up_nodes: 33 | gNB01: 34 | type: AN 35 | an_ip: 192.168.10.10 36 | UPF: 37 | type: UPF 38 | node_id: f5gc-upf 39 | links: 40 | - A: gNB01 41 | B: UPF 42 | dnn: 43 | internet: 44 | dns: 45 | ipv4: 8.8.8.8 46 | ipv6: 2001:4860:4860::8888 47 | internet2: 48 | dns: 49 | ipv4: 8.8.4.4 50 | ipv6: 2001:4860:4860::8844 51 | ue_subnet: 60.60.0.0/16 52 | nrfUri: http://f5gc-nrf:29510 53 | -------------------------------------------------------------------------------- /images/f5gc-smf/config/uerouting.yaml: -------------------------------------------------------------------------------- 1 | info: 2 | version: 1.0.0 3 | description: Routing information for UE 4 | 5 | ueRoutingInfo: 6 | - SUPI: imsi-2089300007487 7 | AN: 10.200.200.101 8 | PathList: 9 | - DestinationIP: 60.60.0.101 10 | DestinationPort: 8888 11 | UPF: !!seq 12 | - BranchingUPF 13 | - AnchorUPF1 14 | 15 | - DestinationIP: 60.60.0.103 16 | DestinationPort: 9999 17 | UPF: !!seq 18 | - BranchingUPF 19 | - AnchorUPF2 20 | 21 | - SUPI: imsi-2089300007486 22 | AN: 10.200.200.102 23 | PathList: 24 | - DestinationIP: 10.0.0.10 25 | DestinationPort: 8888 26 | UPF: !!seq 27 | - BranchingUPF 28 | - AnchorUPF1 29 | 30 | - DestinationIP: 10.0.0.11 31 | DestinationPort: 9999 32 | UPF: !!seq 33 | - BranchingUPF 34 | - AnchorUPF2 35 | -------------------------------------------------------------------------------- /images/f5gc-udm/Dockerfile.alpine: -------------------------------------------------------------------------------- 1 | FROM ghcr.io/sumichaaan/free5gc-k8s/f5gc-build-base:v3.0.4 AS builder 2 | FROM alpine:3.8 3 | 4 | LABEL description="Free5GC open source 5G Core Network" \ 5 | version="Stage 3" 6 | LABEL org.opencontainers.image.source https://github.com/sumichaaan/free5gc-k8s 7 | 8 | ENV F5GC_MODULE udm 9 | ARG DEBUG_TOOLS 10 | 11 | # Install debug tools ~ 100MB (if DEBUG_TOOLS is set to true) 12 | RUN if [ "$DEBUG_TOOLS" = "true" ] ; then apk add -U vim strace net-tools curl netcat-openbsd ; fi 13 | 14 | # Set working dir 15 | WORKDIR /free5gc 16 | RUN mkdir -p config/ log/ support/TLS/ ${F5GC_MODULE}/ 17 | 18 | # Copy executable and default certs 19 | COPY --from=builder /free5gc/${F5GC_MODULE} ./${F5GC_MODULE} 20 | COPY --from=builder /free5gc/support/TLS/${F5GC_MODULE}.pem ./support/TLS/ 21 | COPY --from=builder /free5gc/support/TLS/${F5GC_MODULE}.key ./support/TLS/ 22 | 23 | # Move to the binary path 24 | WORKDIR /free5gc/${F5GC_MODULE} 25 | 26 | # Config files volume 27 | VOLUME [ "/free5gc/config" ] 28 | 29 | # Certificates (if not using default) volume 30 | VOLUME [ "/free5gc/support/TLS" ] 31 | 32 | ENTRYPOINT [ "./udm" ] 33 | CMD [ "-udmcfg", "../config/udmcfg.conf" ] 34 | 35 | # Exposed ports 36 | EXPOSE 29503 37 | -------------------------------------------------------------------------------- /images/f5gc-udm/Dockerfile.distroless: -------------------------------------------------------------------------------- 1 | FROM ghcr.io/sumichaaan/free5gc-k8s/f5gc-build-base:v3.0.4 AS builder 2 | LABEL maintainer="Yoshifumi Sumida " 3 | LABEL org.opencontainers.image.source https://github.com/sumichaaan/free5gc-k8s 4 | 5 | FROM gcr.io/distroless/base:debug 6 | 7 | ENV APP_NAME=udm 8 | ENV APP_ROOT=/free5gc 9 | ENV FREE5GC_BUILD_ROOT=/go/src/free5gc 10 | ENV PATH=${APP_ROOT}:${APP_ROOT}/bin:${PATH} HOME=${APP_ROOT} 11 | 12 | COPY --from=builder ${FREE5GC_BUILD_ROOT}/bin/${APP_NAME} ${APP_ROOT}/bin/${APP_NAME} 13 | COPY --from=builder ${FREE5GC_BUILD_ROOT}/config/${APP_NAME}cfg.conf ${APP_ROOT}/config/ 14 | COPY --from=builder ${FREE5GC_BUILD_ROOT}/support/TLS/${APP_NAME}.* ${APP_ROOT}/support/TLS/ 15 | 16 | WORKDIR ${APP_ROOT} 17 | 18 | VOLUME ["/free5gc/config"] 19 | 20 | VOLUME ["/free5gc/support/TLS"] 21 | 22 | ENTRYPOINT ["bin/udm"] 23 | CMD ["-udmcfg", "config/udmcfg.conf"] 24 | -------------------------------------------------------------------------------- /images/f5gc-udm/cert/udm.key: -------------------------------------------------------------------------------- 1 | -----BEGIN RSA PRIVATE KEY----- 2 | MIIEowIBAAKCAQEAo544dewlx0hksbXlgVVw0kZ2xdUehMDlgwQaQQOO8tntQ3lG 3 | H+3UeI2K8QUjrc9DlqkEkzLz7yLQDIFtXV063DWlH521xOTCbsU3iYjb+pZ0uRLV 4 | oRsrIflt8LQW3rELnOStI9crni5qd3gV6FT1Tr7puv2UDy8rIE32fbnVr1HvWWw5 5 | uSAmE3MRaS6DlO08/DQ/oto63ZFqxjc/x0lbJN3qGB5epgbVxTc1Q+VekPx7qMhj 6 | VkTZWueo6DZkiGg0qAI1cN6OI8yjM4yH34DQF2eQjJbTELH5rrrs/2LWJSXnvrXe 7 | tfxkuzvivUCF6xecU5SMMV117Q+4VheA9s/7xwIDAQABAoIBAFgZYZ1dQhpDyLRH 8 | lQRG1TDj8CAl2QDyPKKHGvvWxqnM3gxuyGt4y+b9j8qnUcbMyz/cUjJQRTiGLjAN 9 | oK2c/YyE9hxH9w/FfUvXtUfBAXG0gbUFhzHwRxFMFP5+ebH+8pnQJ8ocmcfahkk9 10 | x84JsOxtr7yXvZlPdJE4aXjZD04Om7++sOsds3MjfnGkBZ/17ke4nGsSYB78oxhN 11 | M1ILWBQS1YgfSWe+mcV4rxh0vp3R9aQIo7OCfC0RtprCeSNLr9dgiMJbNaAa5hf9 12 | F80i0+4l9R0OpMvkttHX5olID1+3p45pY0EHKAf+M2KaqiOHZQtnJ9DS0HkRw0LZ 13 | f3pYxQECgYEAzxWmJKt46H4Gj+PcC6UXfqRLfHKZ2NvJ1VU3RlM/Y22Yi+PFWKjp 14 | eVwdZMNh9k87vDoP/gipRX2mSRZW9efZJQNMEV/v1KoQCAvsQsSlhsMV6QbBaLZG 15 | gaMMFfpK1oX19mpXB8dWIe66vGpr5ahirvfdo07gACd5/WygDE7uNhcCgYEAykQp 16 | jWiMfvwoEbRuGWyWjeZW4tmNqiMACdPGuVQDKXUlYMtwv9RQmK5g/g1056D8rLOB 17 | nGhvENIR0MjtZAXMRGBmSAcnT3n3D+dbNS/J7PxhLz+ysi8r5ibaexTGGpxK4INQ 18 | uX112cIv0NRh+BVPl0T93YJ6bsd731NZYDLvpdECgYEAsUMj0/Hf7ouqTFNNEb7A 19 | 7MvwPdfPb707+NwYE5/A+/hdgyl2zVzRdevu0UkaOwA57vZ4qAh79RsIUznHOHm8 20 | +5zl6V2I6y6jyG+ETucLld66i50Xw+17Tw7lko6MrzM+hy8hzmvIhAVZXV1vfMf1 21 | qTZNR7SFtDwWhWMNYVvTNwMCgYA4HjdFI5evd7iKSPwvE6Cl2B2NLP0QEkvlbht5 22 | ueRysSzgsTEkF/0Qj3kbo5Im3dSc+eThB1yhVxdYTRcIJE+rPO/D1jBC7bztbawx 23 | koO8u70fBdZHd6z/WxJNCdN4+JoRtn1EKZn0A9uOXg6cbRU7DAo/Vf8wEyq8KHzo 24 | otk4sQKBgDsU0OoLpdFAdNSloipTw+Tvzlznm2OMOhD/AmUt/6xkiPFh8uFytZPW 25 | a/IxP7FmQDo34OFO6fDomRs83/uUQ/ToC3fyYKs1/DAOF3Cr3COOPzvWHAzfJI9V 26 | 9t/QhoSSnms4XHVEQDdoD/srefNuReaED7tXnLJ+BXhZbNiGryVJ 27 | -----END RSA PRIVATE KEY----- 28 | -------------------------------------------------------------------------------- /images/f5gc-udm/cert/udm.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE----- 2 | MIID7TCCAtWgAwIBAgIUfjRzF91Mkg/m/bXUK3kIJ1QH/FkwDQYJKoZIhvcNAQEL 3 | BQAwgYUxCzAJBgNVBAYTAlRXMRcwFQYDVQQIDA5Ic2luY2h1IENvdW50eTEVMBMG 4 | A1UEBwwMSHNpbmNodSBjaXR5MQ0wCwYDVQQKDAROQ1RVMREwDwYDVQQLDAhXSVJF 5 | IExBQjEkMCIGCSqGSIb3DQEJARYVZnJlZTVnYy5vcmdAZ21haWwuY29tMB4XDTE5 6 | MDcyOTA3NDg1OVoXDTI5MDcyNjA3NDg1OVowgYUxCzAJBgNVBAYTAlRXMRcwFQYD 7 | VQQIDA5Ic2luY2h1IENvdW50eTEVMBMGA1UEBwwMSHNpbmNodSBjaXR5MQ0wCwYD 8 | VQQKDAROQ1RVMREwDwYDVQQLDAhXSVJFIExBQjEkMCIGCSqGSIb3DQEJARYVZnJl 9 | ZTVnYy5vcmdAZ21haWwuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC 10 | AQEAo544dewlx0hksbXlgVVw0kZ2xdUehMDlgwQaQQOO8tntQ3lGH+3UeI2K8QUj 11 | rc9DlqkEkzLz7yLQDIFtXV063DWlH521xOTCbsU3iYjb+pZ0uRLVoRsrIflt8LQW 12 | 3rELnOStI9crni5qd3gV6FT1Tr7puv2UDy8rIE32fbnVr1HvWWw5uSAmE3MRaS6D 13 | lO08/DQ/oto63ZFqxjc/x0lbJN3qGB5epgbVxTc1Q+VekPx7qMhjVkTZWueo6DZk 14 | iGg0qAI1cN6OI8yjM4yH34DQF2eQjJbTELH5rrrs/2LWJSXnvrXetfxkuzvivUCF 15 | 6xecU5SMMV117Q+4VheA9s/7xwIDAQABo1MwUTAdBgNVHQ4EFgQUKIlDmYIRzDmi 16 | 0LELxqiOtUccCbowHwYDVR0jBBgwFoAUKIlDmYIRzDmi0LELxqiOtUccCbowDwYD 17 | VR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEARL2nK9jNzjXCgDU5m/nh 18 | UmseSK4VtrxHCcyP5Mvt6uAyIdgb5bPoOUXn36/4cTvJHnpttzarnxyxsZKcKRvK 19 | PrQs+yPGDCH46g6XCq/zHK4k5BemQapwUjXvcPW4+7E6EqzjWhY7/Dz7///Z3UpV 20 | RFoEFb1YYlM7Fl4tY1XLDNFsKGTcHL0gNMSbNKuYbVl4LufFshxOhPhh/p0YMtAu 21 | q5p3WIWawOLWMpzR9CHb7GW7m5v+nis2SUTyNR+2EWCN6htybLt7mNF4Be+xdgcy 22 | aDZ/Bcc/LyCsBoHujco6XxHb3AFURPOqF8GPppFl0kSDW/oSftiGZT70mFcZvAIu 23 | BA== 24 | -----END CERTIFICATE----- 25 | -------------------------------------------------------------------------------- /images/f5gc-udm/config/udmcfg.conf: -------------------------------------------------------------------------------- 1 | info: 2 | version: 1.0.0 3 | description: UDM initial local configuration 4 | 5 | configuration: 6 | serviceNameList: 7 | - nudm-sdm 8 | - nudm-uecm 9 | - nudm-ueau 10 | - nudm-ee 11 | - nudm-pp 12 | sbi: 13 | scheme: http 14 | registerIPv4: f5gc-udm # Can also be a kubernetes service IP or domain name. 15 | bindingIPv4: 0.0.0.0 # Can also be an ENV. 16 | port: 29503 17 | tls: 18 | log: free5gc/udmsslkey.log 19 | pem: free5gc/support/TLS/udm.pem 20 | key: free5gc/support/TLS/udm.key 21 | 22 | udrclient: 23 | scheme: http 24 | ipv4Addr: 127.0.0.1 25 | port: 29504 26 | 27 | nrfclient: 28 | scheme: http 29 | ipv4Addr: 127.0.0.1 30 | port: 29510 31 | nrfUri: http://f5gc-nrf:29510 32 | 33 | # test data set from TS33501-f60 Annex C.4 34 | # udmProfileAHNPublicKey: 5a8d38864820197c3394b92613b20b91633cbd897119273bf8e4a6f4eec0a650 35 | # udmProfileAHNPrivateKey: c53c22208b61860b06c62e5406a7b330c2b577aa5558981510d128247d38bd1d 36 | # udmProfileBHNPublicKey: 0472DA71976234CE833A6907425867B82E074D44EF907DFB4B3E21C1C2256EBCD15A7DED52FCBB097A4ED250E036C7B9C8C7004C4EEDC4F068CD7BF8D3F900E3B4 37 | # udmProfileBHNPrivateKey: F1AB1074477EBCC7F554EA1C5FC368B1616730155E0041AC447D6301975FECDA 38 | keys: 39 | udmProfileAHNPublicKey: 5a8d38864820197c3394b92613b20b91633cbd897119273bf8e4a6f4eec0a650 40 | udmProfileAHNPrivateKey: c53c22208b61860b06c62e5406a7b330c2b577aa5558981510d128247d38bd1d 41 | udmProfileBHNPublicKey: 0472DA71976234CE833A6907425867B82E074D44EF907DFB4B3E21C1C2256EBCD15A7DED52FCBB097A4ED250E036C7B9C8C7004C4EEDC4F068CD7BF8D3F900E3B4 42 | udmProfileBHNPrivateKey: F1AB1074477EBCC7F554EA1C5FC368B1616730155E0041AC447D6301975FECDA 43 | -------------------------------------------------------------------------------- /images/f5gc-udr/Dockerfile.alpine: -------------------------------------------------------------------------------- 1 | FROM ghcr.io/sumichaaan/free5gc-k8s/f5gc-build-base:v3.0.4 AS builder 2 | FROM alpine:3.8 3 | 4 | LABEL description="Free5GC open source 5G Core Network" \ 5 | version="Stage 3" 6 | LABEL org.opencontainers.image.source https://github.com/sumichaaan/free5gc-k8s 7 | 8 | ENV F5GC_MODULE udr 9 | ARG DEBUG_TOOLS 10 | 11 | # Install debug tools ~ 100MB (if DEBUG_TOOLS is set to true) 12 | RUN if [ "$DEBUG_TOOLS" = "true" ] ; then apk add -U vim strace net-tools curl netcat-openbsd ; fi 13 | 14 | # Set working dir 15 | WORKDIR /free5gc 16 | RUN mkdir -p config/ log/ support/TLS/ ${F5GC_MODULE}/ 17 | 18 | # Copy executable and default certs 19 | COPY --from=builder /free5gc/${F5GC_MODULE} ./${F5GC_MODULE} 20 | COPY --from=builder /free5gc/support/TLS/${F5GC_MODULE}.pem ./support/TLS/ 21 | COPY --from=builder /free5gc/support/TLS/${F5GC_MODULE}.key ./support/TLS/ 22 | 23 | # Move to the binary path 24 | WORKDIR /free5gc/${F5GC_MODULE} 25 | 26 | # Config files volume 27 | VOLUME [ "/free5gc/config" ] 28 | 29 | # Certificates (if not using default) volume 30 | VOLUME [ "/free5gc/support/TLS" ] 31 | 32 | ENTRYPOINT [ "./udr" ] 33 | CMD [ "-udrcfg", "../config/udrcfg.conf" ] 34 | 35 | # Exposed ports 36 | EXPOSE 29504 37 | -------------------------------------------------------------------------------- /images/f5gc-udr/Dockerfile.distroless: -------------------------------------------------------------------------------- 1 | FROM ghcr.io/sumichaaan/free5gc-k8s/f5gc-build-base:v3.0.4 AS builder 2 | LABEL maintainer="Yoshifumi Sumida " 3 | LABEL org.opencontainers.image.source https://github.com/sumichaaan/free5gc-k8s 4 | 5 | FROM gcr.io/distroless/base:debug 6 | 7 | ENV APP_NAME=udr 8 | ENV APP_ROOT=/free5gc 9 | ENV FREE5GC_BUILD_ROOT=/go/src/free5gc 10 | ENV PATH=${APP_ROOT}:${APP_ROOT}/bin:${PATH} HOME=${APP_ROOT} 11 | 12 | COPY --from=builder ${FREE5GC_BUILD_ROOT}/bin/${APP_NAME} ${APP_ROOT}/bin/${APP_NAME} 13 | COPY --from=builder ${FREE5GC_BUILD_ROOT}/config/${APP_NAME}cfg.conf ${APP_ROOT}/config/ 14 | COPY --from=builder ${FREE5GC_BUILD_ROOT}/support/TLS/${APP_NAME}.* ${APP_ROOT}/support/TLS/ 15 | 16 | WORKDIR ${APP_ROOT} 17 | 18 | VOLUME ["/free5gc/config"] 19 | 20 | VOLUME ["/free5gc/support/TLS"] 21 | 22 | ENTRYPOINT ["bin/udr"] 23 | CMD ["-udrcfg", "config/udrcfg.conf"] 24 | -------------------------------------------------------------------------------- /images/f5gc-udr/cert/udr.key: -------------------------------------------------------------------------------- 1 | -----BEGIN RSA PRIVATE KEY----- 2 | MIIEpAIBAAKCAQEAyL2vLO4vrQu2gGMsnjJ+ECkB0ThuA4CmhEktmhZx7uQCrDoX 3 | JG+qNgA5Xx5g/iM8otHB14X4CQB0ghjDSlw6z/M+eCL6fQaqjFkhrXj+LPeqNnWU 4 | ICDRxzYkyxnZ795yrs2HaQMnI053HRuuX4qssD31MTrlsoCXYQJrXP9yEZ9CaKMN 5 | QvDe1ZEhHx8odb0dvSTpXrdt8gv52Ro7c3Pt+igkuCOCRnOWiEUxcGIpNVad5nMF 6 | BMg6d8ILmoZCbof6DAneoDAsUYkh5BvKwUkQuRLWrRnU0zgw6QQfgQiYiz0DzQt8 7 | JqLOq+f8XsMQM/dFnsDEha1iSNf14mcZQd7N/wIDAQABAoIBAAtBr8AKPzwp6vr6 8 | FLduR2lqk0KDMpAZt7y1ScxZM9xchtXXkBKn/Fh43L67ul6l5TGQJ5mJVqZSkzX0 9 | Y4cY8udUUY11EKzQIeIq4VuT7FTjMnVJVJwUmw7bt2Z4NaNgyveIaO53kctGDCHi 10 | un17DkH3x3cSQW0oDtUOyKx3WpMoTKhAInnlI9lcS4rTNP2yJIUgZFd133EhnFuX 11 | SabzGkACR27Qyf66kReRRMKpqKn0sbpTQ/CyFZCiCTeKFzEsWMKlSyQ20Hg3NTil 12 | XG+cRSdajsM7lxXAQJka/qs4u/Nigst1qdn36rXt/vQq/smN062jkJr0x/UySjKc 13 | 4LJ8T1kCgYEA5xw8k+wvPc4I83G0LxBIEqrbYv+4C4Zl+YWIPEnLAzrIpjuX5LzH 14 | ENt7mELCufZ8T9dOxbLyg9MhNQTICKDCcteuu4KPegrEMBYxBzyxrx18Uj3UfhYq 15 | ZDX+NFsZql+3wqrN5QzFfimYkz8+zzos3Ox1gtXJjEukuWNb4HUjoVMCgYEA3lwo 16 | bROhiJ0U5etc6m0cSBMhFuzzD7vkl2eWXk00FV8iyiFqMRxoehog2/yfaWvCJ6za 17 | HFpmuiVRXeTa8cHSfVA3WMnCpI0l80cD1ej93gvmVuRGXJDvivwxwBVTgdczLr7f 18 | qsVQRo7wZxdwiw46VhCYs4tuU2DdvHfdFd/07yUCgYEAmB9L+IokZmgyGBwl4Dy1 19 | VCRGmBl+iYeDpASzMgvYp12QKWtcheGEnqH57rUy+7k1BlDQtu0dGIxmdUGacaNv 20 | mqxBhYdg7ZIcpRJWX08iHgQoivHL5tqsOJ4Zn1i/wheTG33WXQhVDsBOf83HiBvg 21 | 3+J9TwttyP0ZhjXSiiJQu6UCgYEAsCtNsBW0jjr9uqd9pxGpLYVSWwqCDD4t/rKI 22 | VNBP6nrEYmaU7rH2KH8Y95GvbuN8INj2uS36Y5J7Y6uUt6N7M+Ng5kx7lMlrftIN 23 | vOVqdQjyhnc3M9F0p6XleKysy5sHJwr8xByt3CkVWGget10fZN6jTOS0FQUSyGYi 24 | 2Fjmgq0CgYBiaeY8rABQ1Cpthe7BeqA6NyY+t8Vw4wuuD80G49yZuiHz5pNECBDa 25 | Do9P1RNU008byaKCphIJFpOeAGeyAlg3sRzj9RMkY3fTuOU2cq6ICxx33Y3TCiBe 26 | CqD+1jxyqTFWNIP1y+LiBGFjo4XzYXP8KHbVwtdth7BDSnTxuvFatQ== 27 | -----END RSA PRIVATE KEY----- 28 | -------------------------------------------------------------------------------- /images/f5gc-udr/cert/udr.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE----- 2 | MIIDYDCCAkigAwIBAgIJAIYfrQTLTPZiMA0GCSqGSIb3DQEBCwUAMEUxCzAJBgNV 3 | BAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYDVQQKDBhJbnRlcm5ldCBX 4 | aWRnaXRzIFB0eSBMdGQwHhcNMTkwNzIyMTM1MDU5WhcNMjkwNzE5MTM1MDU5WjBF 5 | MQswCQYDVQQGEwJBVTETMBEGA1UECAwKU29tZS1TdGF0ZTEhMB8GA1UECgwYSW50 6 | ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB 7 | CgKCAQEAyL2vLO4vrQu2gGMsnjJ+ECkB0ThuA4CmhEktmhZx7uQCrDoXJG+qNgA5 8 | Xx5g/iM8otHB14X4CQB0ghjDSlw6z/M+eCL6fQaqjFkhrXj+LPeqNnWUICDRxzYk 9 | yxnZ795yrs2HaQMnI053HRuuX4qssD31MTrlsoCXYQJrXP9yEZ9CaKMNQvDe1ZEh 10 | Hx8odb0dvSTpXrdt8gv52Ro7c3Pt+igkuCOCRnOWiEUxcGIpNVad5nMFBMg6d8IL 11 | moZCbof6DAneoDAsUYkh5BvKwUkQuRLWrRnU0zgw6QQfgQiYiz0DzQt8JqLOq+f8 12 | XsMQM/dFnsDEha1iSNf14mcZQd7N/wIDAQABo1MwUTAdBgNVHQ4EFgQUE/jHBVVy 13 | PlHey2lIv8CS9sIXHS4wHwYDVR0jBBgwFoAUE/jHBVVyPlHey2lIv8CS9sIXHS4w 14 | DwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAZusdlEbXhDdmwZDN 15 | gBlO7oVV6kuWUR3v2udzFZN4EzP2qnf2JRkiMOnIn9l+NOcQVarGzI5+aZs4GbLr 16 | fGi6QOlu5zQ9rWR4kn2rSeIHhRMsYHtl/w+Dm3V/cV1u0ANcIfo1sVl1FTSEMwIl 17 | Xr/OZOtUgWwuRw4hwl2OaMDrK3Z2jTCtHONInRVKuyySqYgR6ZMJFKiKSfYYxSl9 18 | +i1bYCG5tVR1jZe5xvrF8gAABU+b24MJHGJfcXvSn8Z5JxgqRDX/cfKi1g27wewJ 19 | p5PRv659sSaHrk5yUTCar8s9zdNnaAkqtBmru0JxBkzEMN2mCoubwxyq1QVAI7u2 20 | yEIc7A== 21 | -----END CERTIFICATE----- 22 | -------------------------------------------------------------------------------- /images/f5gc-udr/config/udrcfg.conf: -------------------------------------------------------------------------------- 1 | info: 2 | version: 1.0.0 3 | description: UDR initial local configuration 4 | 5 | configuration: 6 | sbi: 7 | scheme: http 8 | registerIPv4: f5gc-udr # Can also be a kubernetes service IP or domain name. 9 | bindingIPv4: 0.0.0.0 # Can also be an ENV. 10 | port: 29504 11 | mongodb: 12 | name: free5gc 13 | url: mongodb://f5gc-mongodb:27017 14 | nrfUri: http://f5gc-nrf:29510 15 | -------------------------------------------------------------------------------- /images/f5gc-upf/Dockerfile.ubuntu18: -------------------------------------------------------------------------------- 1 | FROM ghcr.io/sumichaaan/free5gc-k8s/f5gc-build-base:v3.0.4 AS builder 2 | FROM ubuntu:18.04 3 | 4 | LABEL description="Free5GC open source 5G Core Network" \ 5 | version="Stage 3" 6 | LABEL org.opencontainers.image.source https://github.com/sumichaaan/free5gc-k8s 7 | 8 | ENV F5GC_MODULE free5gc-upfd 9 | ENV DEBIAN_FRONTEND noninteractive 10 | ARG DEBUG_TOOLS 11 | 12 | # Install debug tools ~ 100MB (if DEBUG_TOOLS is set to true) 13 | RUN if [ "$DEBUG_TOOLS" = "true" ] ; then apt-get update && apt-get install -y vim strace net-tools iputils-ping curl netcat ; fi 14 | 15 | # Install UPF dependencies 16 | RUN apt-get update \ 17 | && apt-get install -y libmnl0 libyaml-0-2 iproute2 \ 18 | && apt-get clean 19 | 20 | # Set working dir 21 | WORKDIR /free5gc 22 | RUN mkdir -p ${F5GC_MODULE}/config/ 23 | 24 | # Copy executable and default configuration 25 | COPY --from=builder /free5gc/${F5GC_MODULE} ./${F5GC_MODULE}/ 26 | 27 | # Copy linked libs 28 | COPY --from=builder /free5gc/libgtp5gnl.so.0 /usr/local/lib 29 | COPY --from=builder /free5gc/liblogger.so /usr/local/lib 30 | 31 | # Move to the executable location 32 | WORKDIR /free5gc/${F5GC_MODULE} 33 | 34 | # Update links 35 | RUN ldconfig 36 | 37 | ENTRYPOINT ["./free5gc-upfd" ] 38 | CMD [ "-f", "../config/upfcfg.yaml" ] 39 | 40 | # Exposed ports 41 | EXPOSE 8805/udp 42 | -------------------------------------------------------------------------------- /images/f5gc-upf/config/upfcfg.example.yaml: -------------------------------------------------------------------------------- 1 | info: 2 | version: 1.0.0 3 | description: UPF configuration 4 | 5 | configuration: 6 | # debugLevel: panic|fatal|error|warn|info|debug|trace 7 | debugLevel: info 8 | 9 | pfcp: 10 | - addr: 127.0.0.8 11 | 12 | gtpu: 13 | - addr: 127.0.0.8 14 | # [optional] gtpu.name 15 | # - name: upf.5gc.nctu.me 16 | # [optional] gtpu.ifname 17 | # - ifname: gtpif 18 | 19 | apn_list: 20 | - apn: internet 21 | cidr: 60.60.0.0/24 22 | # [optional] apn_list[*].natifname 23 | # natifname: eth0 24 | -------------------------------------------------------------------------------- /images/f5gc-upf/config/upfcfg.test.example.yaml: -------------------------------------------------------------------------------- 1 | info: 2 | version: 1.0.0 3 | description: UPF configuration 4 | 5 | configuration: 6 | # debugLevel: panic|fatal|error|warn|info|debug|trace 7 | debugLevel: info 8 | 9 | pfcp: 10 | - addr: 10.200.200.101 11 | 12 | gtpu: 13 | - addr: 10.200.200.102 14 | # [optional] gtpu.name 15 | # - name: upf.5gc.nctu.me 16 | # [optional] gtpu.ifname 17 | # - ifname: gtpif 18 | 19 | apn_list: 20 | - apn: internet 21 | cidr: 60.60.0.0/24 22 | # [optional] apn_list[*].natifname 23 | # natifname: eth0 24 | -------------------------------------------------------------------------------- /images/f5gc-upf/config/upfcfg.ulcl.example.yaml: -------------------------------------------------------------------------------- 1 | info: 2 | version: 1.0.0 3 | description: UPF configuration 4 | 5 | configuration: 6 | # debugLevel: panic|fatal|error|warn|info|debug|trace 7 | debugLevel: info 8 | 9 | pfcp: 10 | - addr: 10.200.200.101 11 | 12 | gtpu: 13 | - addr: 10.200.200.101 14 | # [optional] gtpu.name 15 | # - name: upf.5gc.nctu.me 16 | # [optional] gtpu.ifname 17 | # - ifname: gtpif 18 | 19 | apn_list: 20 | - apn: internet 21 | cidr: 60.60.0.0/24 22 | # [optional] apn_list[*].natifname 23 | # natifname: eth0 24 | -------------------------------------------------------------------------------- /images/f5gc-upf/config/upfcfg.yaml: -------------------------------------------------------------------------------- 1 | info: 2 | version: 1.0.0 3 | description: UPF configuration 4 | 5 | configuration: 6 | # debugLevel: panic|fatal|error|warn|info|debug|trace 7 | debugLevel: info 8 | 9 | pfcp: 10 | - addr: f5gc-upf 11 | 12 | gtpu: 13 | - addr: 192.168.10.11 14 | # [optional] gtpu.name 15 | # - name: upf.5gc.nctu.me 16 | # [optional] gtpu.ifname 17 | # - ifname: gtpif 18 | 19 | apn_list: 20 | - apn: internet 21 | cidr: 60.60.0.0/24 22 | # [optional] apn_list[*].natifname 23 | # natifname: eth0 24 | -------------------------------------------------------------------------------- /images/f5gc-webui/Dockerfile.alpine: -------------------------------------------------------------------------------- 1 | FROM ghcr.io/sumichaaan/free5gc-k8s/f5gc-build-base:v3.0.4 AS builder 2 | FROM alpine:3.8 3 | 4 | LABEL description="Free5GC open source 5G Core Network" \ 5 | version="Stage 3" 6 | LABEL org.opencontainers.image.source https://github.com/sumichaaan/free5gc-k8s 7 | 8 | ENV F5GC_MODULE webui 9 | ARG DEBUG_TOOLS 10 | 11 | # Install debug tools ~ 100MB (if DEBUG_TOOLS is set to true) 12 | RUN if [ "$DEBUG_TOOLS" = "true" ] ; then apk add -U vim strace net-tools curl netcat-openbsd ; fi 13 | 14 | # Set working dir 15 | WORKDIR /free5gc 16 | RUN mkdir -p config/ webconsole/public 17 | 18 | # Copy executable, frontend static files and default configuration 19 | COPY --from=builder /free5gc/${F5GC_MODULE} ./webconsole 20 | COPY --from=builder /free5gc/public ./webconsole/public 21 | 22 | # Move to the executable location 23 | WORKDIR /free5gc/webconsole 24 | 25 | # Config files volume 26 | VOLUME [ "/free5gc/config" ] 27 | 28 | ENTRYPOINT [ "./webui" ] 29 | 30 | # WebUI uses the port 5000 31 | EXPOSE 5000 32 | -------------------------------------------------------------------------------- /images/f5gc-webui/config/webuicfg.conf: -------------------------------------------------------------------------------- 1 | info: 2 | version: 1.0.0 3 | description: WebUI initial local configuration 4 | 5 | configuration: 6 | mongodb: 7 | name: free5gc 8 | url: mongodb://f5gc-mongodb:27017 9 | -------------------------------------------------------------------------------- /manifests/00_namespace.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Namespace 3 | metadata: 4 | name: f5gc 5 | labels: 6 | name: free5gc 7 | -------------------------------------------------------------------------------- /manifests/dbg-mongo-express/00_dbg-me-deployment.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | labels: 5 | app: dbg-mongo-express 6 | name: dbg-mongo-express 7 | spec: 8 | selector: 9 | matchLabels: 10 | app: dbg-mongo-express 11 | template: 12 | metadata: 13 | labels: 14 | app: dbg-mongo-express 15 | spec: 16 | containers: 17 | - env: 18 | - name: ME_CONFIG_MONGODB_SERVER 19 | value: "f5gc-mongodb.f5gc.svc.cluster.local" 20 | - name: ME_CONFIG_MONGODB_ENABLE_ADMIN 21 | value: "true" 22 | - name: ME_CONFIG_BASICAUTH_USERNAME 23 | value: "admin" 24 | - name: ME_CONFIG_BASICAUTH_PASSWORD 25 | value: "free5gc" 26 | image: mongo-express:latest 27 | imagePullPolicy: Always 28 | name: dbg-mongo-express 29 | ports: 30 | - containerPort: 8081 31 | protocol: TCP 32 | restartPolicy: Always 33 | --- 34 | apiVersion: v1 35 | kind: Service 36 | metadata: 37 | labels: 38 | app: dbg-mongo-express 39 | name: dbg-mongo-express 40 | namespace: f5gc 41 | spec: 42 | ports: 43 | - name: http 44 | port: 8081 45 | protocol: TCP 46 | selector: 47 | app: dbg-mongo-express 48 | type: NodePort 49 | -------------------------------------------------------------------------------- /manifests/dbg-mongo-express/kustomization.yaml: -------------------------------------------------------------------------------- 1 | resources: 2 | - 00_dbg-me-deployment.yaml 3 | 4 | namespace: f5gc 5 | -------------------------------------------------------------------------------- /manifests/dbg-rockmongo/00_dbg-rm-deployment.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: apps/v1 3 | kind: Deployment 4 | metadata: 5 | name: dbg-rockmongo 6 | spec: 7 | selector: 8 | matchLabels: 9 | app: dbg-rockmongo 10 | replicas: 1 11 | template: 12 | metadata: 13 | labels: 14 | app: dbg-rockmongo 15 | spec: 16 | containers: 17 | - name: dbg-rockmongo 18 | image: tadaweb/rockmongo 19 | ports: 20 | - containerPort: 8050 21 | name: http 22 | env: 23 | - name: MONGO_HOSTS 24 | value: 'f5gc-mongodb:27017' 25 | - name: ROCKMONGO_PORT 26 | value: '8050' 27 | - name: MONGO_HIDE_SYSTEM_COLLECTIONS 28 | value: 'false' 29 | - name: MONGO_AUTH 30 | value: 'false' 31 | - name: ROCKMONGO_USER 32 | value: 'testadmin' 33 | - name: ROCKMONGO_PASSWORD 34 | value: 'testadmin' 35 | 36 | --- 37 | apiVersion: v1 38 | kind: Service 39 | metadata: 40 | labels: 41 | app: dbg-rockmongo 42 | name: dbg-rockmongo 43 | spec: 44 | type: NodePort 45 | ports: 46 | - name: dbg-rockmongo 47 | port: 8050 48 | protocol: TCP 49 | targetPort: 8050 50 | selector: 51 | app: dbg-rockmongo 52 | -------------------------------------------------------------------------------- /manifests/dbg-rockmongo/kustomization.yaml: -------------------------------------------------------------------------------- 1 | resources: 2 | - 00_dbg-rm-deployment.yaml 3 | 4 | namespace: f5gc 5 | -------------------------------------------------------------------------------- /manifests/f5gc-amf/00_amf-sa.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: ServiceAccount 3 | metadata: 4 | name: f5gc-amf-sa 5 | -------------------------------------------------------------------------------- /manifests/f5gc-amf/01_amf-rbac.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1 2 | kind: ClusterRoleBinding 3 | metadata: 4 | name: f5gc-amf-rbac 5 | roleRef: 6 | apiGroup: rbac.authorization.k8s.io 7 | kind: ClusterRole 8 | name: cluster-admin 9 | subjects: 10 | - kind: ServiceAccount 11 | name: f5gc-amf-sa 12 | -------------------------------------------------------------------------------- /manifests/f5gc-amf/02_amf-configmap.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: ConfigMap 3 | metadata: 4 | name: f5gc-amf-config 5 | data: 6 | amfcfg.conf: | 7 | info: 8 | version: 1.0.0 9 | description: AMF initial local configuration 10 | 11 | configuration: 12 | amfName: AMF 13 | ngapIpList: 14 | - 0.0.0.0 # assigned to a second network interface 15 | sbi: 16 | scheme: http 17 | registerIPv4: f5gc-amf # Can also be a kubernetes service IP or domain name. 18 | bindingIPv4: 0.0.0.0 # Can also be an ENV. 19 | port: 29518 20 | serviceNameList: 21 | - namf-comm 22 | - namf-evts 23 | - namf-mt 24 | - namf-loc 25 | - namf-oam 26 | servedGuamiList: 27 | - plmnId: 28 | mcc: 208 29 | mnc: 93 30 | amfId: cafe00 31 | supportTaiList: 32 | - plmnId: 33 | mcc: 208 34 | mnc: 93 35 | tac: 1 36 | plmnSupportList: 37 | - plmnId: 38 | mcc: 208 39 | mnc: 93 40 | snssaiList: 41 | - sst: 1 42 | sd: 010203 43 | - sst: 1 44 | sd: 112233 45 | supportDnnList: 46 | - internet 47 | nrfUri: http://f5gc-nrf:29510 48 | security: 49 | integrityOrder: 50 | - NIA2 51 | - NIA0 52 | cipheringOrder: 53 | - NEA2 54 | - NEA0 55 | networkName: 56 | full: free5GC 57 | short: free 58 | t3502: 720 59 | t3512: 3600 60 | non3gppDeregistrationTimer: 1000 61 | free5GC.conf: | 62 | db_uri: mongodb://f5gc-mongodb:27017/free5GC 63 | #all logging levels 64 | #panic 65 | #fatal 66 | #error 67 | #warn 68 | #info 69 | #debug 70 | #trace 71 | logger: 72 | # network function 73 | AMF: 74 | debugLevel: trace 75 | ReportCaller: true 76 | SMF: 77 | debugLevel: info 78 | ReportCaller: true 79 | UDR: 80 | debugLevel: info 81 | ReportCaller: true 82 | UDM: 83 | debugLevel: info 84 | ReportCaller: true 85 | NRF: 86 | debugLevel: info 87 | ReportCaller: true 88 | PCF: 89 | debugLevel: info 90 | ReportCaller: true 91 | AUSF: 92 | debugLevel: info 93 | ReportCaller: true 94 | N3IWF: 95 | debugLevel: info 96 | ReportCaller: true 97 | # library 98 | NAS: 99 | debugLevel: info 100 | ReportCaller: true 101 | FSM: 102 | debugLevel: info 103 | ReportCaller: true 104 | NGAP: 105 | debugLevel: trace 106 | ReportCaller: true 107 | NamfComm: 108 | debugLevel: debug 109 | ReportCaller: true 110 | NamfEventExposure: 111 | debugLevel: info 112 | ReportCaller: true 113 | NsmfPDUSession: 114 | debugLevel: info 115 | ReportCaller: true 116 | NudrDataRepository: 117 | debugLevel: info 118 | ReportCaller: true 119 | OpenApi: 120 | debugLevel: debug 121 | ReportCaller: true 122 | Aper: 123 | debugLevel: info 124 | ReportCaller: true 125 | CommonConsumerTest: 126 | debugLevel: info 127 | ReportCaller: true 128 | # webui 129 | WEBUI: 130 | debugLevel: info 131 | ReportCaller: true 132 | -------------------------------------------------------------------------------- /manifests/f5gc-amf/03_amf-service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | labels: 5 | app: f5gc-amf 6 | name: f5gc-amf 7 | spec: 8 | # type: ClusterIP 9 | clusterIP: None 10 | ports: 11 | - name: f5gc-amf 12 | port: 29518 13 | protocol: TCP 14 | targetPort: 29518 15 | - name: if-n1n2 16 | port: 38412 17 | protocol: SCTP 18 | targetPort: 38412 19 | selector: 20 | app: f5gc-amf 21 | -------------------------------------------------------------------------------- /manifests/f5gc-amf/04_amf-multus.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: "k8s.cni.cncf.io/v1" 3 | kind: NetworkAttachmentDefinition 4 | metadata: 5 | name: f5gc-amf-n1n2 6 | spec: 7 | config: '{ 8 | "cniVersion": "0.3.1", 9 | "type": "macvlan", 10 | "master": "eno2", 11 | "mode": "bridge", 12 | "ipam": { 13 | "type": "static", 14 | "addresses": [ 15 | { 16 | "address": "172.16.10.20/24", 17 | "gateway": "172.16.10.1" 18 | } 19 | ] 20 | } 21 | }' 22 | -------------------------------------------------------------------------------- /manifests/f5gc-amf/05_amf-deployment.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | name: f5gc-amf 5 | labels: 6 | app: f5gc-amf 7 | sliceidx: 6d3d79da-f781-4cd9-813a-dbdad01e01c0 8 | annotations: 9 | free5gc.org/nssi-id: '27394d25-dbf5-428e-8fc3-f5b2add67115' 10 | free5gc.org/nsi-ids: '[ 11 | { "id": "4e6db941-47d6-4fce-9c71-f7eb35a75d03" }, 12 | ]' 13 | free5gc.org/supported-snssais: '[ 14 | { "st": 1, 15 | "ssd": "010203", 16 | }, 17 | { "st": 1, 18 | "ssd": "112233", 19 | }, 20 | ]' 21 | spec: 22 | replicas: 1 23 | selector: 24 | matchLabels: 25 | app: f5gc-amf 26 | strategy: 27 | type: Recreate 28 | template: 29 | metadata: 30 | labels: 31 | app: f5gc-amf 32 | annotations: 33 | k8s.v1.cni.cncf.io/networks: f5gc-amf-n1n2 34 | spec: 35 | securityContext: 36 | runAsUser: 0 37 | runAsGroup: 0 38 | containers: 39 | - name: f5gc-amf 40 | image: ghcr.io/sumichaaan/free5gc-k8s/f5gc-amf:v3.0.4 41 | imagePullPolicy: IfNotPresent 42 | # imagePullPolicy: Always 43 | securityContext: 44 | privileged: false 45 | volumeMounts: 46 | - name: f5gc-amf-config 47 | mountPath: /free5gc/config 48 | - name: f5gc-amf-cert 49 | mountPath: /free5gc/support/TLS 50 | ports: 51 | - containerPort: 29518 52 | name: f5gc-amf 53 | protocol: TCP 54 | - containerPort: 38412 55 | name: if-n1n2 56 | protocol: SCTP 57 | - name: tcpdump 58 | image: corfr/tcpdump 59 | imagePullPolicy: IfNotPresent 60 | command: 61 | - /bin/sleep 62 | - infinity 63 | dnsPolicy: ClusterFirst 64 | restartPolicy: Always 65 | schedulerName: default-scheduler 66 | serviceAccountName: f5gc-amf-sa 67 | terminationGracePeriodSeconds: 30 68 | volumes: 69 | - name: f5gc-amf-cert 70 | secret: 71 | secretName: f5gc-amf-tls-secret 72 | - name: f5gc-amf-config 73 | configMap: 74 | name: f5gc-amf-config 75 | -------------------------------------------------------------------------------- /manifests/f5gc-amf/cert/amf.key: -------------------------------------------------------------------------------- 1 | -----BEGIN RSA PRIVATE KEY----- 2 | MIIEogIBAAKCAQEAqXpvTc1WpUqw6NI6+VcjBDf4tE2Zg/ebZx7Dr3th9P7GAI66 3 | kVyooVm89asvZIadg+0kRzuHR8cAohaBOrHGdQttdox2Tz14nNqOtIMTg42YhOxF 4 | uS9MLL6bR+TzLi6OElT+SZMFBsGGdNVUR3U0sf0VkblzgipbiKnJqDQoeH/4RHec 5 | lrwIBqsrbKgVSsNhEPQWCaErFHnZnfR48/UHVY+9lFlQsBcgX1IM9lR/EgudBZWY 6 | BIx0wTYy+Tq4kR7+GtJxlfmEWT3bACI2uY1D9u1zpvjf3cxwwk0K4oT7WLIq/onR 7 | eITyTbocHtMhGqvM6iryh81PlaFhmQeBLLE4WQIDAQABAoIBAC9RieYVIM4Brqcy 8 | m1impZY18nCVAfnAllkSU9yY/F6lC694KksPrd1u6r1E0HSmyS/edDSXQEwgGeMn 9 | mWlD3X8sc6GX0iiJpzVUKGfp+PbP//eM6GKt+/y6Myy9ldAdG3mu1VjBfbPHML1K 10 | Gr/gz5eqa+1F9CQxo2Di1vTpqysJS2UKiW0VCIYPM+gTUWj1mgiGt56yk/p6YAyS 11 | +6DZm19k+zr1M+d6iKPySfYOpC2UhyrbWWUNlMAERjm/cPkCRoHrrM9ZpHvSLxmL 12 | ABSG6OX4iDNQexDeIdrRWPHeArJ9cB/ucHhkAvFXLWrYZYCwfQijz/Yxa6ZzPZKW 13 | gJxWcaECgYEA2PK/QuD7FSxgUokDbqWnsFL8O2gHuOCi0lps268lRbrUM6KhFjg5 14 | KCjUzayvFqC3s0aMXXZ1/VoN8JgCiWIMbVmmBaAYEOe4ajlqOMhLD2kKqaZ3yI2X 15 | UJz1zGtV5lZuBQ6FOGNWTETlUBIFtg+goEH7Zf7VC8z/i1IVtyYcCCUCgYEAx/w1 16 | 5UHu3w4BZaUPYOJJ9RktJ/q+ptIDQl/xt1mAFzZ/u/m3WVJsDnOA1IGvHTnjHELK 17 | 078Y4CRoY4mEXfZPJsl7PArVDr8huwrLqwNDwJZ77YMjkpRhhYlUK12KLlMocC42 18 | V8p+YFenELAE9Lky4jYRCoGejyq4yAJVYq3sbyUCgYB842kE9/yyWKRuft9R79zT 19 | nUIEdMOVQwOYMmPeJzo+pOmJfAJdhyooGzE94T29ufFmK6OcHhiYKyJBMVCsg5wB 20 | ywzOyjVwbeR0ie7DF1JWYbK4rNLhydikmGbLMbL2cSTOlmhMaKsCJtsXN/i/sMlX 21 | 2AP/2C4OqAkny64ii7axXQKBgAbOCC9y3OPuIBILWcicKpQSdTzlBVO71ayOgzUP 22 | 8JHZouMMjjaV3WNofru8Ze8Cpz2w8CHgYMJPutWYOk7QMMVLGcxjOfi0fDtXFLMO 23 | +2E0PadJTQ6Ryfe3QovvNOJ6peebSvIVy9MPaHni42hIXPjhihbnbjPE6mCz45/l 24 | 9yOZAoGANrcL3qNMD6PDIvknr3Y7rhMStZsEdkFEGBTUSP4pZbwHnNIKX5iQluw7 25 | Aawx2ZidYh89X8LFkPsup5OGTrAUP/TPCgXA+aZlO0yjVMCFlA7D+MTiNOeSOe// 26 | 0dAVhuRAFS510v0NfSPlLnSfA69jEcpuewf94ITMRj6MIiYLpxc= 27 | -----END RSA PRIVATE KEY----- 28 | -------------------------------------------------------------------------------- /manifests/f5gc-amf/cert/amf.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE----- 2 | MIIDUzCCAjugAwIBAgIJANC4esPC102UMA0GCSqGSIb3DQEBCwUAMEAxCzAJBgNV 3 | BAYTAlRXMRAwDgYDVQQIDAdIc2luY2h1MQ0wCwYDVQQHDARjaXR5MRAwDgYDVQQK 4 | DAdmcmVlNUdDMB4XDTE5MDcxODA3NTkwOFoXDTI5MDcxNTA3NTkwOFowQDELMAkG 5 | A1UEBhMCVFcxEDAOBgNVBAgMB0hzaW5jaHUxDTALBgNVBAcMBGNpdHkxEDAOBgNV 6 | BAoMB2ZyZWU1R0MwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCpem9N 7 | zValSrDo0jr5VyMEN/i0TZmD95tnHsOve2H0/sYAjrqRXKihWbz1qy9khp2D7SRH 8 | O4dHxwCiFoE6scZ1C212jHZPPXic2o60gxODjZiE7EW5L0wsvptH5PMuLo4SVP5J 9 | kwUGwYZ01VRHdTSx/RWRuXOCKluIqcmoNCh4f/hEd5yWvAgGqytsqBVKw2EQ9BYJ 10 | oSsUedmd9Hjz9QdVj72UWVCwFyBfUgz2VH8SC50FlZgEjHTBNjL5OriRHv4a0nGV 11 | +YRZPdsAIja5jUP27XOm+N/dzHDCTQrihPtYsir+idF4hPJNuhwe0yEaq8zqKvKH 12 | zU+VoWGZB4EssThZAgMBAAGjUDBOMB0GA1UdDgQWBBTRNsNPYUMfmh6xMHsYpdhz 13 | GAlUszAfBgNVHSMEGDAWgBTRNsNPYUMfmh6xMHsYpdhzGAlUszAMBgNVHRMEBTAD 14 | AQH/MA0GCSqGSIb3DQEBCwUAA4IBAQANX8eve1eV6G8m6kcBeD664yI9v9ELVXPV 15 | XJ06Vlrcx3xYzpyO2aIDlbA++zfS1Fdlczmn1bSh2jKyRi0JPq8Bc2bvpKUPU+jL 16 | vYIcbLaUkT+YeknDOOMDLpwpZRyuTWw1dZg/LnlGkuSgjgpvyrNhXdx216TwgjGX 17 | ao7hqQDzumH/CIX1/Bw19xjvy8y21fqgIjpgL4yB/1erC4i/I2Z+mZEb3DH459gz 18 | sTmrUHUjO0mSVHmnLYKaYJbRYQGPUQTg5fIYasOAFG3K3C485MGRgMiSkrAC7A2M 19 | ZHioUNtm3XF9tfE1srtLsPGfypiM/hiGWIlgYJHUh8NYjQIXF9Pb 20 | -----END CERTIFICATE----- 21 | -------------------------------------------------------------------------------- /manifests/f5gc-amf/kustomization.yaml: -------------------------------------------------------------------------------- 1 | resources: 2 | - 00_amf-sa.yaml 3 | - 01_amf-rbac.yaml 4 | - 02_amf-configmap.yaml 5 | - 03_amf-service.yaml 6 | - 04_amf-multus.yaml 7 | - 05_amf-deployment.yaml 8 | 9 | namespace: f5gc 10 | 11 | secretGenerator: 12 | - name: f5gc-amf-tls-secret 13 | namespace: f5gc 14 | files: 15 | - cert/amf.pem 16 | - cert/amf.key 17 | type: "Opaque" 18 | generatorOptions: 19 | disableNameSuffixHash: true 20 | -------------------------------------------------------------------------------- /manifests/f5gc-ausf/00_ausf-sa.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: ServiceAccount 3 | metadata: 4 | name: f5gc-ausf-sa 5 | -------------------------------------------------------------------------------- /manifests/f5gc-ausf/01_ausf-rbac.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1 2 | kind: ClusterRoleBinding 3 | metadata: 4 | name: f5gc-ausf-rbac 5 | roleRef: 6 | apiGroup: rbac.authorization.k8s.io 7 | kind: ClusterRole 8 | name: cluster-admin 9 | subjects: 10 | - kind: ServiceAccount 11 | name: f5gc-ausf-sa 12 | -------------------------------------------------------------------------------- /manifests/f5gc-ausf/02_ausf-configmap.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: ConfigMap 3 | metadata: 4 | name: f5gc-ausf-config 5 | data: 6 | ausfcfg.conf: | 7 | info: 8 | version: 1.0.0 9 | description: AUSF initial local configuration 10 | 11 | configuration: 12 | sbi: 13 | scheme: http 14 | registerIPv4: f5gc-ausf # Can also be a kubernetes service IP or domain name. 15 | bindingIPv4: 0.0.0.0 # Can also be an ENV. 16 | port: 29509 17 | serviceNameList: 18 | - nausf-auth 19 | nrfUri: http://f5gc-nrf:29510 20 | plmnSupportList: 21 | - mcc: 208 22 | mnc: 93 23 | - mcc: 123 24 | mnc: 45 25 | groupId: ausfGroup001 26 | 27 | free5GC.conf: | 28 | db_uri: mongodb://f5gc-mongodb:27017/free5GC 29 | #all logging levels 30 | #panic 31 | #fatal 32 | #error 33 | #warn 34 | #info 35 | #debug 36 | #trace 37 | logger: 38 | # network function 39 | AMF: 40 | debugLevel: info 41 | ReportCaller: true 42 | SMF: 43 | debugLevel: info 44 | ReportCaller: true 45 | UDR: 46 | debugLevel: info 47 | ReportCaller: true 48 | UDM: 49 | debugLevel: info 50 | ReportCaller: true 51 | NRF: 52 | debugLevel: info 53 | ReportCaller: true 54 | PCF: 55 | debugLevel: info 56 | ReportCaller: true 57 | AUSF: 58 | debugLevel: info 59 | ReportCaller: true 60 | N3IWF: 61 | debugLevel: info 62 | ReportCaller: true 63 | # library 64 | NAS: 65 | debugLevel: info 66 | ReportCaller: true 67 | FSM: 68 | debugLevel: info 69 | ReportCaller: true 70 | NGAP: 71 | debugLevel: info 72 | ReportCaller: true 73 | NamfComm: 74 | debugLevel: info 75 | ReportCaller: true 76 | NamfEventExposure: 77 | debugLevel: info 78 | ReportCaller: true 79 | NsmfPDUSession: 80 | debugLevel: info 81 | ReportCaller: true 82 | NudrDataRepository: 83 | debugLevel: info 84 | ReportCaller: true 85 | OpenApi: 86 | debugLevel: debug 87 | ReportCaller: true 88 | Aper: 89 | debugLevel: info 90 | ReportCaller: true 91 | CommonConsumerTest: 92 | debugLevel: info 93 | ReportCaller: true 94 | # webui 95 | WEBUI: 96 | debugLevel: info 97 | ReportCaller: true 98 | -------------------------------------------------------------------------------- /manifests/f5gc-ausf/03_ausf-service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | labels: 5 | app: f5gc-ausf 6 | name: f5gc-ausf 7 | spec: 8 | type: ClusterIP 9 | ports: 10 | - name: f5gc-ausf 11 | port: 29509 12 | protocol: TCP 13 | targetPort: 29509 14 | selector: 15 | app: f5gc-ausf 16 | -------------------------------------------------------------------------------- /manifests/f5gc-ausf/04_ausf-deployment.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | name: f5gc-ausf 5 | labels: 6 | app: f5gc-ausf 7 | annotations: 8 | free5gc.org/nssi-id: '27394d25-dbf5-428e-8fc3-f5b2add67115' 9 | free5gc.org/nsi-ids: '[ 10 | { "id": "4e6db941-47d6-4fce-9c71-f7eb35a75d03" }, 11 | ]' 12 | spec: 13 | replicas: 1 14 | selector: 15 | matchLabels: 16 | app: f5gc-ausf 17 | strategy: 18 | type: Recreate 19 | template: 20 | metadata: 21 | labels: 22 | app: f5gc-ausf 23 | spec: 24 | securityContext: 25 | runAsUser: 0 26 | runAsGroup: 0 27 | containers: 28 | - name: f5gc-ausf 29 | image: ghcr.io/sumichaaan/free5gc-k8s/f5gc-ausf:v3.0.4 30 | imagePullPolicy: IfNotPresent 31 | # imagePullPolicy: Always 32 | securityContext: 33 | privileged: true 34 | volumeMounts: 35 | - name: f5gc-ausf-config 36 | mountPath: /free5gc/config 37 | - name: f5gc-ausf-cert 38 | mountPath: /free5gc/support/TLS 39 | ports: 40 | - containerPort: 29509 41 | name: f5gc-ausf 42 | protocol: TCP 43 | - name: tcpdump 44 | image: corfr/tcpdump 45 | command: 46 | - /bin/sleep 47 | - infinity 48 | dnsPolicy: ClusterFirst 49 | restartPolicy: Always 50 | schedulerName: default-scheduler 51 | serviceAccountName: f5gc-ausf-sa 52 | terminationGracePeriodSeconds: 30 53 | volumes: 54 | - name: f5gc-ausf-cert 55 | secret: 56 | secretName: f5gc-ausf-tls-secret 57 | - name: f5gc-ausf-config 58 | configMap: 59 | name: f5gc-ausf-config 60 | -------------------------------------------------------------------------------- /manifests/f5gc-ausf/cert/ausf.key: -------------------------------------------------------------------------------- 1 | -----BEGIN RSA PRIVATE KEY----- 2 | MIIEowIBAAKCAQEA5tfKck1ZCBa/t6MKLfU9aVpHUHTrTNLU2Ub6HfpflcChaFGc 3 | WkW8HcIqCjNY9YzjEBEohlp5Xf2usway3/0PCe2kI4KA44QkFq0J/+hb3zga+GX2 4 | vUiGIRZUW09ZUHw7XjJICd8HflC3jUnb2F0On7OyKdAqeVfMxfZfvW6Zs95Gt0b3 5 | l4W71KfVr2WH/Jp/w14NtSKsX7HWFVOXw9inGdYqjdlmT4fIK7dHw1KFjR+c5nlR 6 | sMV8bos7ntJdhEmwNBwBmRpaky1fCdcTKSV0NYgDBEjB773B/dLBVI61SEYpYNQh 7 | qH5sr7BqxtVOPfUcCTmOkQvnLGaiYHbaIKC8lQIDAQABAoIBAD5fmEgCNkhFPVA1 8 | MY7xcMKCrjpDHUEIxpJe5z4qZKFmBzbUtlZ9+TJhQFK5RRQ0GTZCLJ0A3UJURVwC 9 | N1rmWaXpHCysGn9fOREXeFg5RHmwAzmS83R5oCRYkDqL2ioxJylwlJ52MOQkkzQN 10 | /OUdX9IvD7jUkmVvH9ltlLjupYE/zoISTAWiUaVvDOrl5eVpCpAkbz7iJGLrP7dG 11 | lF+qnFo13ex/DnsVSkFUxwsizpZ7IggfAw7l74GbkfiM7T95kwIFdP8KFuOUa3un 12 | bfV1UCGE1pKmWhBlOnB9ZFpXBjzbPTIB0MQErUQMX/qD9VRuyGdN/LjVXtUPhlZT 13 | qt3RrBECgYEA/moEBHdd44HGPOMnL3ZZVu6M5nDpodYfXGwhwonZdb1dSSHyRItl 14 | PWi/NmOJ2LG4tFrsPNJdxJy3mT+X+awgpHNaT7GrZlEDRSS/1KDGWRMgyr7P0Eyx 15 | or6OnVI6hTMSAsJdnsOOa7KeUOcacm05EuXRaWpdnbzELsa1t3dbhWcCgYEA6Egp 16 | PohxEHoxiZ52Mfa+TCWAB+8jp96Gd4rq//xtAYbE+pmSbh/o3oPWAJsHn7YxwgsL 17 | YzJbBOja7TLGa8LICMB19K/f+l0t/TYuEAboTnGctVvHwHG7Ll96bZGiEojzs7Lj 18 | 4T3L9YdA4finfSWfdQNk2T3IBlJXDcxhwu+jVKMCgYBM7e/DDfkk9zPja2iI8Id5 19 | Qu72K4Rp/F5FSyk2Mwq/kIApwgsI8QGu/QJ8xsKC9NJ+LtQqXA4giqb1vwYMaCEC 20 | uSLA4F+Ms8iCWudquybe/mq3A9XBDb/VDzv+lEO/zT6P+QfoHwfsxvkaS5dyrFZK 21 | wZV+A7zFGrRT1KBUFtJk1wKBgQCbcf83+/M+Raf1IviSQz/ikY32wVCpPL/cLDlM 22 | Ck+gn+IemrtluzEKCEwkp5sYhMMTynRadA55YKNx7XLgFr/rK3FEyJYpZEYsmB+H 23 | VjgMlvd6Xut0nCfZxseVn8pIgSIl9eeOit59d4AyOUdM9uqZUiYhQ7kikeP0NfyO 24 | ifRR5QKBgD83DHQWgA3C4f9Q3oif9grvCP1r+suqonTmpB4hpW01IlC0YluCEl12 25 | 6U9hr6047BB2tl2uGODI8IBY2wkoCKVjCebuEeVuIa76CxhG0IERi3gmBl4krbDi 26 | n5z1Islfc+UqSK3IZbHQB7a/iGSUX0mhAahLHX+rzIXl4oUykSCz 27 | -----END RSA PRIVATE KEY----- 28 | -------------------------------------------------------------------------------- /manifests/f5gc-ausf/cert/ausf.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE----- 2 | MIIDYDCCAkigAwIBAgIJAKhXRBF0PdYcMA0GCSqGSIb3DQEBCwUAMEUxCzAJBgNV 3 | BAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYDVQQKDBhJbnRlcm5ldCBX 4 | aWRnaXRzIFB0eSBMdGQwHhcNMTkwNzIzMDY1MzIwWhcNMjkwNzIwMDY1MzIwWjBF 5 | MQswCQYDVQQGEwJBVTETMBEGA1UECAwKU29tZS1TdGF0ZTEhMB8GA1UECgwYSW50 6 | ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB 7 | CgKCAQEA5tfKck1ZCBa/t6MKLfU9aVpHUHTrTNLU2Ub6HfpflcChaFGcWkW8HcIq 8 | CjNY9YzjEBEohlp5Xf2usway3/0PCe2kI4KA44QkFq0J/+hb3zga+GX2vUiGIRZU 9 | W09ZUHw7XjJICd8HflC3jUnb2F0On7OyKdAqeVfMxfZfvW6Zs95Gt0b3l4W71KfV 10 | r2WH/Jp/w14NtSKsX7HWFVOXw9inGdYqjdlmT4fIK7dHw1KFjR+c5nlRsMV8bos7 11 | ntJdhEmwNBwBmRpaky1fCdcTKSV0NYgDBEjB773B/dLBVI61SEYpYNQhqH5sr7Bq 12 | xtVOPfUcCTmOkQvnLGaiYHbaIKC8lQIDAQABo1MwUTAdBgNVHQ4EFgQUYD0n5aiC 13 | y2cCIvOf2+d4/jX7TokwHwYDVR0jBBgwFoAUYD0n5aiCy2cCIvOf2+d4/jX7Tokw 14 | DwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAtWk3cRE4UHm+5zHG 15 | aOarrZSsq9kaRBy2j1wPq94CXaNKdKdU5v99Fi7XCkdVow0/7h+RW4bRRxUOc+HJ 16 | SKT9TeMTzkY1C4nUDXBiN8hNWQ+EPFliy938OEYRIgeV7u6mMHgV2r76h7ItTE/9 17 | no+1vT4LzVNSM3nsEx9W5TgOiXqt/d0+PyTx48befwPN1mKsmOi7ipaD8JlakAnz 18 | Nn9aNJMdq/VJaLhP+4F/1UCJANQVzZlSn4LFKJlfvRIBX8wpXYoz3JYAa6wYVF90 19 | JVoBhhrhQpbxgQSDskXT5pT5/YVSnPlRuSBMamGsXWcXeMPCCsCJiLC765v0t5vT 20 | heItBA== 21 | -----END CERTIFICATE----- 22 | -------------------------------------------------------------------------------- /manifests/f5gc-ausf/kustomization.yaml: -------------------------------------------------------------------------------- 1 | resources: 2 | - 00_ausf-sa.yaml 3 | - 01_ausf-rbac.yaml 4 | - 02_ausf-configmap.yaml 5 | - 03_ausf-service.yaml 6 | - 04_ausf-deployment.yaml 7 | 8 | namespace: f5gc 9 | 10 | secretGenerator: 11 | - name: f5gc-ausf-tls-secret 12 | namespace: f5gc 13 | files: 14 | - cert/ausf.pem 15 | - cert/ausf.key 16 | type: "Opaque" 17 | generatorOptions: 18 | disableNameSuffixHash: true 19 | -------------------------------------------------------------------------------- /manifests/f5gc-gnbsim/00_gnbsim-sa.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: ServiceAccount 3 | metadata: 4 | name: f5gc-gnbsim-sa 5 | -------------------------------------------------------------------------------- /manifests/f5gc-gnbsim/01_gnbsim-rbac.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1 2 | kind: ClusterRoleBinding 3 | metadata: 4 | name: f5gc-gnbsim-rbac 5 | roleRef: 6 | apiGroup: rbac.authorization.k8s.io 7 | kind: ClusterRole 8 | name: cluster-admin 9 | subjects: 10 | - kind: ServiceAccount 11 | name: f5gc-gnbsim-sa 12 | -------------------------------------------------------------------------------- /manifests/f5gc-gnbsim/02_gnbsim-configmap.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: ConfigMap 3 | metadata: 4 | name: f5gc-gnbsim-config 5 | data: 6 | example.json: | 7 | { 8 | "GlobalGNBID": { 9 | "mcc": 208, 10 | "mnc": 93, 11 | "gnbid": 1 12 | }, 13 | "SupportedTAList" : [ 14 | { 15 | "TAC": "0x000001", 16 | "BroadcastPLMNList": [ 17 | { 18 | "MCC": 208, 19 | "MNC": 93, 20 | "SliceSupportList": [ 21 | { 22 | "SST": 1, 23 | "SD": "010203" 24 | } 25 | ] 26 | } 27 | ] 28 | } 29 | ], 30 | "PagingDRX" : "v32", 31 | "RANUENGAPID" : 0, 32 | "UE": { 33 | "imeisv": "0000000100000101", 34 | "msin": "0000000003", 35 | "mcc": 208, 36 | "mnc": 93, 37 | "RoutingIndicator": 1234, 38 | "ProtectionScheme": "null", 39 | "AuthParam": { 40 | "K": "8baf473f2f8fd09487cccbd7097c6862", 41 | "OPc": "8e27b6af0e692e750f32667a3b14605d" 42 | }, 43 | "snssai": { 44 | "sst": 1, 45 | "sd": "010203" 46 | }, 47 | "dnn": "internet", 48 | "url": "http://localhost/" 49 | }, 50 | "ULInfoNR": { 51 | "NRCGI": { 52 | "PLMN": { 53 | "mcc": 208, 54 | "mnc": 93 55 | }, 56 | "NRCellID": 1 57 | }, 58 | "TAI": { 59 | "PLMN": { 60 | "mcc": 208, 61 | "mnc": 93 62 | }, 63 | "TAC": "0x000001" 64 | } 65 | }, 66 | "GTPuAddr": "192.168.10.10", 67 | "GTPuIFname": "net2" 68 | } 69 | -------------------------------------------------------------------------------- /manifests/f5gc-gnbsim/03_gnbsim-service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | labels: 5 | app: f5gc-gnbsim 6 | name: f5gc-gnbsim 7 | spec: 8 | type: ClusterIP 9 | ports: 10 | - name: f5gc-gnbsim-n1n2 11 | port: 38412 12 | protocol: SCTP 13 | targetPort: 38412 14 | - name: f5gc-gnbsim-n3 15 | port: 2152 16 | protocol: UDP 17 | targetPort: 2152 18 | selector: 19 | app: f5gc-gnbsim 20 | -------------------------------------------------------------------------------- /manifests/f5gc-gnbsim/04_gnbsim-multus.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: "k8s.cni.cncf.io/v1" 3 | kind: NetworkAttachmentDefinition 4 | metadata: 5 | name: f5gc-gnbsim-n1n2 6 | spec: 7 | config: '{ 8 | "cniVersion": "0.3.1", 9 | "type": "macvlan", 10 | "master": "eno2", 11 | "mode": "bridge", 12 | "ipam": { 13 | "type": "static", 14 | "addresses": [ 15 | { 16 | "address": "172.16.10.10/24", 17 | "gateway": "172.16.10.1" 18 | } 19 | ] 20 | } 21 | }' 22 | 23 | --- 24 | apiVersion: "k8s.cni.cncf.io/v1" 25 | kind: NetworkAttachmentDefinition 26 | metadata: 27 | name: f5gc-gnbsim-n3 28 | spec: 29 | config: '{ 30 | "cniVersion": "0.3.1", 31 | "type": "macvlan", 32 | "master": "eno2", 33 | "mode": "bridge", 34 | "ipam": { 35 | "type": "static", 36 | "addresses": [ 37 | { 38 | "address": "192.168.10.10/24", 39 | "gateway": "192.168.10.1" 40 | } 41 | ] 42 | } 43 | }' 44 | -------------------------------------------------------------------------------- /manifests/f5gc-gnbsim/05_gnbsim-deployment.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | name: f5gc-gnbsim 5 | labels: 6 | app: f5gc-gnbsim 7 | # sliceidx: 6d3d79da-f781-4cd9-813a-dbdad01e01c0 8 | annotations: 9 | free5gc.org/nssi-id: '27394d25-dbf5-428e-8fc3-f5b2add67115' 10 | free5gc.org/nsi-ids: '[ 11 | { "id": "4e6db941-47d6-4fce-9c71-f7eb35a75d03" }, 12 | ]' 13 | free5gc.org/supported-snssais: '[ 14 | { "st": 1, 15 | "ssd": "010203", 16 | }, 17 | { "st": 1, 18 | "ssd": "112233", 19 | }, 20 | ]' 21 | spec: 22 | replicas: 1 23 | selector: 24 | matchLabels: 25 | app: f5gc-gnbsim 26 | strategy: 27 | type: Recreate 28 | template: 29 | metadata: 30 | labels: 31 | app: f5gc-gnbsim 32 | annotations: 33 | k8s.v1.cni.cncf.io/networks: f5gc-gnbsim-n1n2, f5gc-gnbsim-n3 34 | spec: 35 | securityContext: 36 | runAsUser: 0 37 | runAsGroup: 0 38 | containers: 39 | - name: f5gc-gnbsim 40 | image: ghcr.io/sumichaaan/free5gc-k8s/f5gc-gnbsim:v3.0.4 41 | imagePullPolicy: IfNotPresent 42 | # imagePullPolicy: Always 43 | command: ["sh"] 44 | tty: true 45 | securityContext: 46 | privileged: true 47 | capabilities: 48 | add: ["NET_ADMIN", "SYS_TIME"] 49 | volumeMounts: 50 | - name: f5gc-gnbsim-config 51 | mountPath: /gnbsim/example-sample.json 52 | subPath: example-sample.json 53 | - mountPath: /dev/net/tun 54 | name: tun-devdir 55 | ports: 56 | - containerPort: 38412 57 | name: if-n1n2 58 | protocol: SCTP 59 | - containerPort: 2152 60 | name: if-n3 61 | protocol: UDP 62 | - name: f5gc-gnbsim-probe 63 | image: nginx:latest 64 | ports: 65 | - containerPort: 80 66 | name: http-probe 67 | protocol: TCP 68 | - name: tcpdump 69 | image: corfr/tcpdump 70 | command: 71 | - /bin/sleep 72 | - infinity 73 | dnsPolicy: ClusterFirst 74 | restartPolicy: Always 75 | schedulerName: default-scheduler 76 | serviceAccountName: f5gc-gnbsim-sa 77 | terminationGracePeriodSeconds: 30 78 | volumes: 79 | - name: f5gc-gnbsim-config 80 | configMap: 81 | name: f5gc-gnbsim-config 82 | - name: tun-devdir 83 | hostPath: 84 | path: /dev/net/tun 85 | 86 | -------------------------------------------------------------------------------- /manifests/f5gc-gnbsim/kustomization.yaml: -------------------------------------------------------------------------------- 1 | resources: 2 | - 00_gnbsim-sa.yaml 3 | - 01_gnbsim-rbac.yaml 4 | - 02_gnbsim-configmap.yaml 5 | - 03_gnbsim-service.yaml 6 | - 04_gnbsim-multus.yaml 7 | - 05_gnbsim-deployment.yaml 8 | 9 | namespace: f5gc 10 | -------------------------------------------------------------------------------- /manifests/f5gc-mongodb/00_mongodb-service.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: Service 4 | metadata: 5 | labels: 6 | app: f5gc-mongodb 7 | name: f5gc-mongodb 8 | spec: 9 | type: ClusterIP 10 | ports: 11 | - name: f5gc-mongodb 12 | port: 27017 13 | targetPort: 27017 14 | protocol: TCP 15 | selector: 16 | app: f5gc-mongodb 17 | -------------------------------------------------------------------------------- /manifests/f5gc-mongodb/01_mongodb-configmap.yaml: -------------------------------------------------------------------------------- 1 | kind: ConfigMap 2 | apiVersion: v1 3 | metadata: 4 | name: f5gc-mongodb-config 5 | data: 6 | mongo_initdb_database: "free5gc" 7 | -------------------------------------------------------------------------------- /manifests/f5gc-mongodb/02_mongodb-f5gc-db.yaml: -------------------------------------------------------------------------------- 1 | kind: ConfigMap 2 | apiVersion: v1 3 | metadata: 4 | name: f5gc-mongodb-data 5 | data: 6 | # Test 7 | -------------------------------------------------------------------------------- /manifests/f5gc-mongodb/03_mongodb-statefulset.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: StatefulSet 3 | metadata: 4 | name: f5gc-mongodb 5 | spec: 6 | serviceName: f5gc-mongodb 7 | selector: 8 | matchLabels: 9 | app: f5gc-mongodb 10 | replicas: 1 11 | template: 12 | metadata: 13 | labels: 14 | app: f5gc-mongodb 15 | spec: 16 | securityContext: 17 | runAsUser: 0 18 | runAsGroup: 0 19 | containers: 20 | - name: mongodb 21 | image: mongo:4.2.7 22 | ports: 23 | - containerPort: 27017 24 | name: mongodb 25 | env: 26 | - name: MONGO_INITDB_DATABASE 27 | valueFrom: 28 | configMapKeyRef: 29 | name: f5gc-mongodb-config 30 | key: mongo_initdb_database 31 | -------------------------------------------------------------------------------- /manifests/f5gc-mongodb/kustomization.yaml: -------------------------------------------------------------------------------- 1 | resources: 2 | - 00_mongodb-service.yaml 3 | - 01_mongodb-configmap.yaml 4 | - 02_mongodb-f5gc-db.yaml 5 | - 03_mongodb-statefulset.yaml 6 | 7 | namespace: f5gc 8 | -------------------------------------------------------------------------------- /manifests/f5gc-n6dummy-2/00_n6dummy-sa.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: ServiceAccount 3 | metadata: 4 | name: f5gc-n6dummy-sa 5 | -------------------------------------------------------------------------------- /manifests/f5gc-n6dummy-2/01_n6dummy-rbac.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1 2 | kind: ClusterRoleBinding 3 | metadata: 4 | name: f5gc-n6dummy-rbac 5 | roleRef: 6 | apiGroup: rbac.authorization.k8s.io 7 | kind: ClusterRole 8 | name: cluster-admin 9 | subjects: 10 | - kind: ServiceAccount 11 | name: f5gc-n6dummy-sa 12 | -------------------------------------------------------------------------------- /manifests/f5gc-n6dummy-2/02_n6dummy-multus.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: "k8s.cni.cncf.io/v1" 3 | kind: NetworkAttachmentDefinition 4 | metadata: 5 | name: f5gc-n6dummy-2-n6 6 | spec: 7 | config: '{ 8 | "cniVersion": "0.3.1", 9 | "type": "macvlan", 10 | "master": "eno2", 11 | "mode": "bridge", 12 | "ipam": { 13 | "type": "static", 14 | "addresses": [ 15 | { 16 | "address": "172.16.31.101/24", 17 | "gateway": "172.16.31.1" 18 | } 19 | ] 20 | } 21 | }' 22 | -------------------------------------------------------------------------------- /manifests/f5gc-n6dummy-2/03_n6dummy-deployment.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | name: f5gc-n6dummy-2 5 | labels: 6 | app: f5gc-n6dummy-2 7 | spec: 8 | replicas: 1 9 | selector: 10 | matchLabels: 11 | app: f5gc-n6dummy-2 12 | strategy: 13 | type: Recreate 14 | template: 15 | metadata: 16 | labels: 17 | app: f5gc-n6dummy-2 18 | annotations: 19 | k8s.v1.cni.cncf.io/networks: f5gc-n6dummy-2-n6 20 | spec: 21 | securityContext: 22 | runAsUser: 0 23 | runAsGroup: 0 24 | containers: 25 | - name: f5gc-n6dummy 26 | image: docker.io/centos/tools:latest 27 | imagePullPolicy: IfNotPresent 28 | # imagePullPolicy: Always 29 | command: 30 | - /sbin/init 31 | securityContext: 32 | privileged: true 33 | dnsPolicy: ClusterFirst 34 | restartPolicy: Always 35 | schedulerName: default-scheduler 36 | serviceAccountName: f5gc-n6dummy-sa 37 | terminationGracePeriodSeconds: 30 38 | -------------------------------------------------------------------------------- /manifests/f5gc-n6dummy-2/kustomization.yaml: -------------------------------------------------------------------------------- 1 | resources: 2 | - 00_n6dummy-sa.yaml 3 | - 01_n6dummy-rbac.yaml 4 | - 02_n6dummy-multus.yaml 5 | - 03_n6dummy-deployment.yaml 6 | 7 | namespace: f5gc 8 | -------------------------------------------------------------------------------- /manifests/f5gc-n6dummy/00_n6dummy-sa.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: ServiceAccount 3 | metadata: 4 | name: f5gc-n6dummy-sa 5 | -------------------------------------------------------------------------------- /manifests/f5gc-n6dummy/01_n6dummy-rbac.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1 2 | kind: ClusterRoleBinding 3 | metadata: 4 | name: f5gc-n6dummy-rbac 5 | roleRef: 6 | apiGroup: rbac.authorization.k8s.io 7 | kind: ClusterRole 8 | name: cluster-admin 9 | subjects: 10 | - kind: ServiceAccount 11 | name: f5gc-n6dummy-sa 12 | -------------------------------------------------------------------------------- /manifests/f5gc-n6dummy/02_n6dummy-multus.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: "k8s.cni.cncf.io/v1" 3 | kind: NetworkAttachmentDefinition 4 | metadata: 5 | name: f5gc-n6dummy-n6 6 | spec: 7 | config: '{ 8 | "cniVersion": "0.3.1", 9 | "type": "macvlan", 10 | "master": "eno2", 11 | "mode": "bridge", 12 | "ipam": { 13 | "type": "static", 14 | "addresses": [ 15 | { 16 | "address": "172.16.31.100/24", 17 | "gateway": "172.16.31.1" 18 | } 19 | ] 20 | } 21 | }' 22 | -------------------------------------------------------------------------------- /manifests/f5gc-n6dummy/03_n6dummy-deployment.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | name: f5gc-n6dummy 5 | labels: 6 | app: f5gc-n6dummy 7 | spec: 8 | replicas: 1 9 | selector: 10 | matchLabels: 11 | app: f5gc-n6dummy 12 | strategy: 13 | type: Recreate 14 | template: 15 | metadata: 16 | labels: 17 | app: f5gc-n6dummy 18 | annotations: 19 | k8s.v1.cni.cncf.io/networks: f5gc-n6dummy-n6 20 | spec: 21 | securityContext: 22 | runAsUser: 0 23 | runAsGroup: 0 24 | containers: 25 | - name: f5gc-n6dummy 26 | image: docker.io/centos/tools:latest 27 | imagePullPolicy: IfNotPresent 28 | # imagePullPolicy: Always 29 | command: 30 | - /sbin/init 31 | securityContext: 32 | privileged: true 33 | dnsPolicy: ClusterFirst 34 | restartPolicy: Always 35 | schedulerName: default-scheduler 36 | serviceAccountName: f5gc-n6dummy-sa 37 | terminationGracePeriodSeconds: 30 38 | -------------------------------------------------------------------------------- /manifests/f5gc-n6dummy/kustomization.yaml: -------------------------------------------------------------------------------- 1 | resources: 2 | - 00_n6dummy-sa.yaml 3 | - 01_n6dummy-rbac.yaml 4 | - 02_n6dummy-multus.yaml 5 | - 03_n6dummy-deployment.yaml 6 | 7 | namespace: f5gc 8 | -------------------------------------------------------------------------------- /manifests/f5gc-nrf/00_nrf-sa.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: ServiceAccount 3 | metadata: 4 | name: f5gc-nrf-sa 5 | -------------------------------------------------------------------------------- /manifests/f5gc-nrf/01_nrf-rbac.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1 2 | kind: ClusterRoleBinding 3 | metadata: 4 | name: f5gc-nrf-rbac 5 | roleRef: 6 | apiGroup: rbac.authorization.k8s.io 7 | kind: ClusterRole 8 | name: cluster-admin 9 | subjects: 10 | - kind: ServiceAccount 11 | name: f5gc-nrf-sa 12 | -------------------------------------------------------------------------------- /manifests/f5gc-nrf/02_nrf-configmap.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: ConfigMap 3 | metadata: 4 | name: f5gc-nrf-config 5 | data: 6 | 7 | nrfcfg.conf: | 8 | info: 9 | version: 1.0.0 10 | description: NRF initial local configuration 11 | 12 | configuration: 13 | MongoDBName: "free5gc" 14 | MongoDBUrl: "mongodb://f5gc-mongodb:27017" 15 | DefaultServiceIP: "f5gc-nrf" 16 | sbi: 17 | scheme: http 18 | ipv4Addr: 0.0.0.0 19 | port: 29510 20 | DefaultPlmnId: 21 | mcc: "208" 22 | mnc: "93" 23 | serviceNameList: 24 | - nnrf-nfm 25 | - nnrf-disc 26 | 27 | free5GC.conf: | 28 | db_uri: mongodb://f5gc-mongodb:27017/free5GC 29 | #all logging levels 30 | #panic 31 | #fatal 32 | #error 33 | #warn 34 | #info 35 | #debug 36 | #trace 37 | logger: 38 | # network function 39 | AMF: 40 | debugLevel: info 41 | ReportCaller: true 42 | SMF: 43 | debugLevel: info 44 | ReportCaller: true 45 | UDR: 46 | debugLevel: info 47 | ReportCaller: true 48 | UDM: 49 | debugLevel: info 50 | ReportCaller: true 51 | NRF: 52 | debugLevel: info 53 | ReportCaller: true 54 | PCF: 55 | debugLevel: info 56 | ReportCaller: true 57 | AUSF: 58 | debugLevel: info 59 | ReportCaller: true 60 | N3IWF: 61 | debugLevel: info 62 | ReportCaller: true 63 | # library 64 | NAS: 65 | debugLevel: info 66 | ReportCaller: true 67 | FSM: 68 | debugLevel: info 69 | ReportCaller: true 70 | NGAP: 71 | debugLevel: info 72 | ReportCaller: true 73 | NamfComm: 74 | debugLevel: info 75 | ReportCaller: true 76 | NamfEventExposure: 77 | debugLevel: info 78 | ReportCaller: true 79 | NsmfPDUSession: 80 | debugLevel: info 81 | ReportCaller: true 82 | NudrDataRepository: 83 | debugLevel: info 84 | ReportCaller: true 85 | OpenApi: 86 | debugLevel: debug 87 | ReportCaller: true 88 | Aper: 89 | debugLevel: info 90 | ReportCaller: true 91 | CommonConsumerTest: 92 | debugLevel: info 93 | ReportCaller: true 94 | # webui 95 | WEBUI: 96 | debugLevel: info 97 | ReportCaller: true 98 | -------------------------------------------------------------------------------- /manifests/f5gc-nrf/03_nrf-service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | labels: 5 | app: f5gc-nrf 6 | name: f5gc-nrf 7 | spec: 8 | type: ClusterIP 9 | ports: 10 | - name: f5gc-nrf 11 | port: 29510 12 | protocol: TCP 13 | targetPort: 29510 14 | selector: 15 | app: f5gc-nrf 16 | -------------------------------------------------------------------------------- /manifests/f5gc-nrf/04_nrf-deployment.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | name: f5gc-nrf 5 | labels: 6 | app: f5gc-nrf 7 | annotations: 8 | free5gc.org/nssi-id: '27394d25-dbf5-428e-8fc3-f5b2add67115' 9 | free5gc.org/nsi-ids: '[ 10 | { "id": "4e6db941-47d6-4fce-9c71-f7eb35a75d03" }, 11 | ]' 12 | spec: 13 | replicas: 1 14 | selector: 15 | matchLabels: 16 | app: f5gc-nrf 17 | strategy: 18 | type: Recreate 19 | template: 20 | metadata: 21 | labels: 22 | app: f5gc-nrf 23 | spec: 24 | securityContext: 25 | runAsUser: 0 26 | runAsGroup: 0 27 | containers: 28 | - name: f5gc-nrf 29 | image: ghcr.io/sumichaaan/free5gc-k8s/f5gc-nrf:v3.0.4 30 | imagePullPolicy: IfNotPresent 31 | # imagePullPolicy: Always 32 | securityContext: 33 | privileged: false 34 | volumeMounts: 35 | - name: f5gc-nrf-config 36 | mountPath: /free5gc/config 37 | - name: f5gc-nrf-cert 38 | mountPath: /free5gc/support/TLS 39 | ports: 40 | - containerPort: 29510 41 | name: f5gc-nrf 42 | protocol: TCP 43 | - name: tcpdump 44 | image: corfr/tcpdump 45 | imagePullPolicy: IfNotPresent 46 | command: 47 | - /bin/sleep 48 | - infinity 49 | dnsPolicy: ClusterFirst 50 | restartPolicy: Always 51 | schedulerName: default-scheduler 52 | serviceAccountName: f5gc-nrf-sa 53 | terminationGracePeriodSeconds: 30 54 | volumes: 55 | - name: f5gc-nrf-cert 56 | secret: 57 | secretName: f5gc-nrf-tls-secret 58 | - name: f5gc-nrf-config 59 | configMap: 60 | name: f5gc-nrf-config 61 | -------------------------------------------------------------------------------- /manifests/f5gc-nrf/cert/nrf.key: -------------------------------------------------------------------------------- 1 | -----BEGIN RSA PRIVATE KEY----- 2 | MIIEowIBAAKCAQEAnrbgWnBF/nCKyHHQWkUWC8oLJBFAJ1vUCekFG0LPcOSjyDD9 3 | SfzOLODGKi2VNbsPoHbZbxdLyqDYxBu4OHEAaeWWuNUX76E6uTb8l0BqqRDzADaI 4 | NA3dPdqXQh64OnBYdokmPZEYuH8cDS5YoraZHavVE6xawgwBPSDGFWrvLQ6tbwtt 5 | dgOCN7WvUpRVVC6O5J6HaSm4diWtorcTrJl6DgST74iUhTs8O8cO8nWDZyBdQA44 6 | XHcM8e+ZJYlIkcXQhOd0m9rvXRPTDbGR8Pefw82FL3P5qr8Gl1lObiW2MTCApp3e 7 | ggOaxQJQQzGu8ticwkR++DCAzox6+iYIWcF7MQIDAQABAoIBAALuKXJCBGjQNx/A 8 | SjKAeAm7rzz5PI/9eAq+zKNWNnJFJmj5zpNhIYVemQoKUWjujTlPOHB+o52YHqhw 9 | QpR4MaPC42eCN7Dq7ySgSUWZoN6CO5pTZ2xenSkZMhW8b3ZUwK1flt8oIKa3YhM0 10 | Odq3OFh95a85TWurwRIZ2s5mbQgN5+AUI6D/AmmybJu2qYo6Swq7T1r+YdPjA/ah 11 | LveS6juyeHj/+IQ5s0HbSkw1chGR/e2bM/L9SD5govY4EvXyZHfW9++DCfPZV4Bs 12 | 9yfmsWUh5iCbJjo+0c4Em1hZlS7SoilTU5y8NP4OTuMBWK+oLOc+Dp9ioVMWX/J4 13 | Pz/ZCEkCgYEAzRaEIzkhjD3nZRIOZ5ELCOeKaLh96HR0mqclmcT63peDFnGL8Gdh 14 | ce5r64W84aBzVmiu2z8wNLQl8f8zVuOyH/Brb+R66LXOnaiS0sB999YwJ2DFRiPr 15 | Fg6ANJiVCSJj36TIPNfD5m05TU2CxB8T1nLE/qSqbs531w9ZqmQhCWMCgYEAxh1J 16 | JnQt0/mg8w5S4v7WPkLSg8Gm+/TRsAr7WL1UmTe7bK21O4803/nhqhbgxYcxJxXC 17 | DK1On5zO3tLCBLeF2ZNVj2eeV0kPLxjbIgVYzMdCH+wIOw9H3pXg2ikmkQtz+/22 18 | HubL0lSMTZPjc7Zjwcd3fXt0/ph5jU/jRqqr11sCgYEAg1xNrKX2R/aKlOE42rs7 19 | Xyu3KpYpB1A4M6ql2dUifpp7O0/lO0lsT+ZPt56EudvkpE8O2J2jic5tk5BLWPck 20 | 63I5zoSA+TciLTeBO35R8QF+/GnuUZvGAu2szoOAykX9xIyuONJWxuvkzQ+9l1L0 21 | iOIgLZ5ZD/otJlHNs+bIhlMCgYB3/t8CspXbcbSh40gjA3WiyniVo2LP8y5asZwh 22 | 2LN4BkC4h9Jg29GL499iVW8ZVVRZNx2M7h/UH3dRkVhA4SPqcAn/zSQj/DV9MlHw 23 | Hkr15a7QhPdLRmsij6dcnFYmvkgnFjoMJ4DGyb0dc/jtakir43QlhfSMDLB6/itL 24 | 7y4cRwKBgDl9ErtNLkm49yT0YFwth2yfy7I4fsJWz4MGy5Dgs7VGb1g4P7vWyi1N 25 | ISTvfSV8oJcsUgPwtFYZ/WVwYfTzho2iGruTi2ZLqGlmBuI0VtiWjxmUeK2FQXtX 26 | pvLCTTCGoa7W63a7YXZy/CoeQzWvZHAdFbUOKWo2lP4GwPOz1qbc 27 | -----END RSA PRIVATE KEY----- 28 | -------------------------------------------------------------------------------- /manifests/f5gc-nrf/cert/nrf.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE----- 2 | MIIDozCCAougAwIBAgIUX7XnMYtfOyKrRZbCntYDzkvUYzEwDQYJKoZIhvcNAQEL 3 | BQAwYTELMAkGA1UEBhMCYWIxCzAJBgNVBAgMAmFiMQswCQYDVQQHDAJhYjELMAkG 4 | A1UECgwCYWIxCzAJBgNVBAsMAmFiMQswCQYDVQQDDAJhYjERMA8GCSqGSIb3DQEJ 5 | ARYCYWIwHhcNMTkwNzE5MDg1MDA4WhcNMjkwNzE2MDg1MDA4WjBhMQswCQYDVQQG 6 | EwJhYjELMAkGA1UECAwCYWIxCzAJBgNVBAcMAmFiMQswCQYDVQQKDAJhYjELMAkG 7 | A1UECwwCYWIxCzAJBgNVBAMMAmFiMREwDwYJKoZIhvcNAQkBFgJhYjCCASIwDQYJ 8 | KoZIhvcNAQEBBQADggEPADCCAQoCggEBAJ624FpwRf5wishx0FpFFgvKCyQRQCdb 9 | 1AnpBRtCz3Dko8gw/Un8zizgxiotlTW7D6B22W8XS8qg2MQbuDhxAGnllrjVF++h 10 | Ork2/JdAaqkQ8wA2iDQN3T3al0IeuDpwWHaJJj2RGLh/HA0uWKK2mR2r1ROsWsIM 11 | AT0gxhVq7y0OrW8LbXYDgje1r1KUVVQujuSeh2kpuHYlraK3E6yZeg4Ek++IlIU7 12 | PDvHDvJ1g2cgXUAOOFx3DPHvmSWJSJHF0ITndJva710T0w2xkfD3n8PNhS9z+aq/ 13 | BpdZTm4ltjEwgKad3oIDmsUCUEMxrvLYnMJEfvgwgM6MevomCFnBezECAwEAAaNT 14 | MFEwHQYDVR0OBBYEFI/fV4ZPL4WqXwMmG7TQNIGrf3OEMB8GA1UdIwQYMBaAFI/f 15 | V4ZPL4WqXwMmG7TQNIGrf3OEMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQEL 16 | BQADggEBAGrYf+bXccD7ofzRKzcdh0fmG4abBVX8wT7YC4qtYCQewjBB+cjhxYjx 17 | wzwfT3YKeovs4vzL2uRKvGsSLKUPCgFm1cipIuTeQCFyEhunttAbuWISP+QGfiM8 18 | Qr/Bc52DYPiJNnxxLUMWKgttlnpo2naYNRnrzDucHYuCmCC57+MZhaYOD+0Rl/rP 19 | HhBxwst+XtnsOYTN0TKoAEbDYeeCopoLEEvWZDQsco39qFzHWb5k+KPDggRcfR6A 20 | QgNNelNPN1yVE1jh80IeQ+hQ8RIzgnQgjT4E/Z+BZ/qtVEBvRtLfrFUswpDPH+6c 21 | 7n6n3eNIF53bxxt//KNgJWBzNuxup9A= 22 | -----END CERTIFICATE----- 23 | -------------------------------------------------------------------------------- /manifests/f5gc-nrf/kustomization.yaml: -------------------------------------------------------------------------------- 1 | resources: 2 | - 00_nrf-sa.yaml 3 | - 01_nrf-rbac.yaml 4 | - 02_nrf-configmap.yaml 5 | - 03_nrf-service.yaml 6 | - 04_nrf-deployment.yaml 7 | 8 | namespace: f5gc 9 | 10 | secretGenerator: 11 | - name: f5gc-nrf-tls-secret 12 | namespace: f5gc 13 | files: 14 | - cert/nrf.pem 15 | - cert/nrf.key 16 | type: "Opaque" 17 | generatorOptions: 18 | disableNameSuffixHash: true 19 | -------------------------------------------------------------------------------- /manifests/f5gc-nssf/00_nssf-sa.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: ServiceAccount 3 | metadata: 4 | name: f5gc-nssf-sa 5 | -------------------------------------------------------------------------------- /manifests/f5gc-nssf/01_nssf-rbac.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1 2 | kind: ClusterRoleBinding 3 | metadata: 4 | name: f5gc-nssf-rbac 5 | roleRef: 6 | apiGroup: rbac.authorization.k8s.io 7 | kind: ClusterRole 8 | name: cluster-admin 9 | subjects: 10 | - kind: ServiceAccount 11 | name: f5gc-nssf-sa 12 | -------------------------------------------------------------------------------- /manifests/f5gc-nssf/03_nssf-service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | labels: 5 | app: f5gc-nssf 6 | name: f5gc-nssf 7 | spec: 8 | type: ClusterIP 9 | ports: 10 | - name: f5gc-nssf 11 | port: 29531 12 | protocol: TCP 13 | targetPort: 29531 14 | selector: 15 | app: f5gc-nssf 16 | -------------------------------------------------------------------------------- /manifests/f5gc-nssf/04_nssf-deployment.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | name: f5gc-nssf 5 | labels: 6 | app: f5gc-nssf 7 | annotations: 8 | free5gc.org/nssi-id: '27394d25-dbf5-428e-8fc3-f5b2add67115' 9 | free5gc.org/nsi-ids: '[ 10 | { "id": "4e6db941-47d6-4fce-9c71-f7eb35a75d03" }, 11 | ]' 12 | free5gc.org/supported-snssais: '[ 13 | { "st": 1, 14 | "ssd": "010203", 15 | }, 16 | { "st": 1, 17 | "ssd": "112233", 18 | }, 19 | ]' 20 | spec: 21 | replicas: 1 22 | selector: 23 | matchLabels: 24 | app: f5gc-nssf 25 | strategy: 26 | type: Recreate 27 | template: 28 | metadata: 29 | labels: 30 | app: f5gc-nssf 31 | spec: 32 | securityContext: 33 | runAsUser: 0 34 | runAsGroup: 0 35 | containers: 36 | - name: f5gc-nssf 37 | image: ghcr.io/sumichaaan/free5gc-k8s/f5gc-nssf:v3.0.4 38 | imagePullPolicy: IfNotPresent 39 | # imagePullPolicy: Always 40 | securityContext: 41 | privileged: false 42 | volumeMounts: 43 | - name: f5gc-nssf-config 44 | mountPath: /free5gc/config 45 | - name: f5gc-nssf-cert 46 | mountPath: /free5gc/support/TLS 47 | ports: 48 | - containerPort: 29531 49 | name: f5gc-nssf 50 | protocol: TCP 51 | - name: tcpdump 52 | image: corfr/tcpdump 53 | command: 54 | - /bin/sleep 55 | - infinity 56 | dnsPolicy: ClusterFirst 57 | restartPolicy: Always 58 | schedulerName: default-scheduler 59 | serviceAccountName: f5gc-nssf-sa 60 | terminationGracePeriodSeconds: 30 61 | volumes: 62 | - name: f5gc-nssf-cert 63 | secret: 64 | secretName: f5gc-nssf-tls-secret 65 | - name: f5gc-nssf-config 66 | configMap: 67 | name: f5gc-nssf-config 68 | -------------------------------------------------------------------------------- /manifests/f5gc-nssf/cert/nssf.key: -------------------------------------------------------------------------------- 1 | -----BEGIN RSA PRIVATE KEY----- 2 | MIIEpAIBAAKCAQEAwsrvEP7x76q1/dMEovHMHDowdcpHUfffSsLHiHE/fNpu+8FJ 3 | 3l0M4sBtBkoZ4ymlJOtUGGAbRKSy9CB01WfEd/zSeoxbk+oxZVLlopXJMaowTmiw 4 | fmqrhHTf4+gOzWLl3Qws19FiQrEpOPPUIRLejXjVt1iSjpUBqklfk6qme2ajv7SW 5 | AWZ2J5JcOAvnPHCdiW0LhR02veU3c/Hjcvz1tvbUYPHdUdfT4Z78qLHNG7R033E5 6 | 9GoVcmQTGvBOGkjTO+7tuzoB6uV/iNsIZ62xh2NUKpoi/2NHO5uzN9XvNnGBPWPM 7 | 6vEuIG7RTgLZXkjr1ntRDPjTxR9uxbOTtoKlhQIDAQABAoIBABKPzeobsSg6Zy8x 8 | vX5ddiq2bMm8pcEs0o1INEVPLVKTagH5cDWNPl4ZIgp4YzEfVcpH1nKgLdkDrL3Q 9 | nfF7+t/IKrJcz5kvttdF5/XvOgXOht3h4feZ6JAtpuwLv+VYaDkBIQDLxgY+5YO0 10 | 0GD6cFSg0BSxjv2hO1Bjv4TNvSGDAr+b1qIPJc+hJfxTYksPqijATOAov1oWfntZ 11 | o5bwu2sZYYBaMN3mWNT5RI+0LPmEvBpS4zasFjmGzIuhGiW9+Qy7n6zE1rjyOjt7 12 | aXqQmi1MpchLEEZ8YKZ5yCqse+LPnOVo41K02n9cRbpyx2PlOEzaZAhf4OhHAux0 13 | 7PMvk8ECgYEA52jiR4GnrP5k57WL5PWW/d71uCnkB7bsAA5plhA/L8M3cBtH1D10 14 | XzxhJsgD4gzvOBbHdzlQlv1qaSEonXiBfDRYI6vE2jdF12/P1FnRn6itAsPyv8+B 15 | eTugbtK1QyOUUFbWidluKYZyc8NBshdQs2MAGrxEIPyp9RsEWoElmXECgYEA133y 16 | EO6ZSF7hOWtyajdbRl3U7W3ueVAcZ+XAwHg/1CR/DKP10nk41YoPKen+2eTtwPuz 17 | FcJiTSiQTz24NC8oa1/HJOJisCzsY0hnr0eIfv8vh8KGZ+twNURMfRHDOgUHbPRA 18 | k07Ua9qElLBS+K6IjFHBw/R5x7lV/Aut+h2wY1UCgYEA2yAcNS33Av8ZubfVsodD 19 | 5T39W9h/DzcNnrgHD4xu6OFoW4XZrIZM7emU7U41LxakZ25ajvD8+R0aaFZ3yTVV 20 | F7HRTGXYz/HK9sfv+traft8QhS/ba/ooVg46SvbHob3NMY4pNPtpL3UaZ7gbO3KM 21 | fnFepfJkaQAYR/q/Upw8aGECgYAU8R9yN83bs6TNsLx4yBJtvzavMEzJq1hnXHOk 22 | AMurMTTLpK+CGdfFINqiZyQmRtI4O/3GcpKdDwEfQk9BewfBj5hJ5FpU5ri+WU4C 23 | QcBpHyGeXvAy7zWDZ7TLPsurOsvi8cXIyxNnu9/Al3YoxsVsZZGgGoUvPLq3eOca 24 | dIIs1QKBgQC0eTeBuEDkTc0lFSeIW+t5l5Bq02sNKnciMpdXuIabkqm0d86BhxkK 25 | FQuSr0KA2oAj0x5aB8V7c04uAbUOevRzh7f0ol0G4Eb6DyWJUKHlYZsPKVZASa3D 26 | EZhtUy9ZHfLiMm7/qxGMZNjWJB56Pi52I6iJbeQGxF5DFXMvgAmrcw== 27 | -----END RSA PRIVATE KEY----- 28 | -------------------------------------------------------------------------------- /manifests/f5gc-nssf/cert/nssf.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE----- 2 | MIIDXTCCAkWgAwIBAgIJAKvguoLGe9PUMA0GCSqGSIb3DQEBCwUAMEUxCzAJBgNV 3 | BAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYDVQQKDBhJbnRlcm5ldCBX 4 | aWRnaXRzIFB0eSBMdGQwHhcNMTkwNzI0MDUwMTQ2WhcNMjkwNzIxMDUwMTQ2WjBF 5 | MQswCQYDVQQGEwJBVTETMBEGA1UECAwKU29tZS1TdGF0ZTEhMB8GA1UECgwYSW50 6 | ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB 7 | CgKCAQEAwsrvEP7x76q1/dMEovHMHDowdcpHUfffSsLHiHE/fNpu+8FJ3l0M4sBt 8 | BkoZ4ymlJOtUGGAbRKSy9CB01WfEd/zSeoxbk+oxZVLlopXJMaowTmiwfmqrhHTf 9 | 4+gOzWLl3Qws19FiQrEpOPPUIRLejXjVt1iSjpUBqklfk6qme2ajv7SWAWZ2J5Jc 10 | OAvnPHCdiW0LhR02veU3c/Hjcvz1tvbUYPHdUdfT4Z78qLHNG7R033E59GoVcmQT 11 | GvBOGkjTO+7tuzoB6uV/iNsIZ62xh2NUKpoi/2NHO5uzN9XvNnGBPWPM6vEuIG7R 12 | TgLZXkjr1ntRDPjTxR9uxbOTtoKlhQIDAQABo1AwTjAdBgNVHQ4EFgQU3YRaENrE 13 | WQ3PIe0ZrpLhRhqhYIowHwYDVR0jBBgwFoAU3YRaENrEWQ3PIe0ZrpLhRhqhYIow 14 | DAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAnP/DtbZ++F5/92myjfkW 15 | 0onqZ053xJXJTUzwKqUhsxLjRUo1tpZRLksVC3oh9e41pg0s2hHM7aZARGyBEsxo 16 | NiZr0xUYS3RAnedd7zAUwigTTdWesBlcvePNO73dYzui1sPVx1RVZgH8uUONqKot 17 | W07pBiQBcI0MMpmwYm3kC7Uvuaf99VZrhhR+jPFyQrawNROD4/tIvFYj26TVtmrn 18 | GFvz6GqWgOGSZAmMx2ZZh+KvU4pnxJVoeWP/TXluiaWpAnzOmGvQqP32gaDBozLc 19 | smIg0D5rSovfshZQgLUbnLSqBKwwYGdFdA7/0IKs5YeAKnjSBBC5vLrOaNGLlNwM 20 | 8g== 21 | -----END CERTIFICATE----- 22 | -------------------------------------------------------------------------------- /manifests/f5gc-nssf/kustomization.yaml: -------------------------------------------------------------------------------- 1 | resources: 2 | - 00_nssf-sa.yaml 3 | - 01_nssf-rbac.yaml 4 | - 02_nssf-configmap.yaml 5 | - 03_nssf-service.yaml 6 | - 04_nssf-deployment.yaml 7 | 8 | namespace: f5gc 9 | 10 | secretGenerator: 11 | - name: f5gc-nssf-tls-secret 12 | namespace: f5gc 13 | files: 14 | - cert/nssf.pem 15 | - cert/nssf.key 16 | type: "Opaque" 17 | generatorOptions: 18 | disableNameSuffixHash: true 19 | -------------------------------------------------------------------------------- /manifests/f5gc-pcf/00_pcf-sa.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: ServiceAccount 3 | metadata: 4 | name: f5gc-pcf-sa 5 | -------------------------------------------------------------------------------- /manifests/f5gc-pcf/01_pcf-rbac.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1 2 | kind: ClusterRoleBinding 3 | metadata: 4 | name: f5gc-pcf-rbac 5 | roleRef: 6 | apiGroup: rbac.authorization.k8s.io 7 | kind: ClusterRole 8 | name: cluster-admin 9 | subjects: 10 | - kind: ServiceAccount 11 | name: f5gc-pcf-sa 12 | -------------------------------------------------------------------------------- /manifests/f5gc-pcf/02_pcf-configmap.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: ConfigMap 3 | metadata: 4 | name: f5gc-pcf-config 5 | data: 6 | pcfcfg.conf: | 7 | info: 8 | version: 1.0.0 9 | description: PCF initial local configuration 10 | 11 | configuration: 12 | pcfName: PCF 13 | sbi: 14 | scheme: http 15 | registerIPv4: f5gc-pcf # Can also be a kubernetes service IP or domain name. 16 | bindingIPv4: 0.0.0.0 # Can also be an ENV. 17 | port: 29507 18 | timeFormat: 2019-01-02 15:04:05 19 | defaultBdtRefId: BdtPolicyId- 20 | nrfUri: http://f5gc-nrf:29510 21 | serviceList: 22 | - serviceName: npcf-am-policy-control 23 | - serviceName: npcf-smpolicycontrol 24 | suppFeat: 3fff 25 | - serviceName: npcf-bdtpolicycontrol 26 | - serviceName: npcf-policyauthorization 27 | suppFeat: 3 28 | - serviceName: npcf-eventexposure 29 | - serviceName: npcf-ue-policy-control 30 | 31 | free5GC.conf: | 32 | db_uri: mongodb://f5gc-mongodb:27017/free5gc 33 | 34 | #all logging levels 35 | #panic 36 | #fatal 37 | #error 38 | #warn 39 | #debug 40 | #debug 41 | #trace 42 | logger: 43 | # network function 44 | AMF: 45 | debugLevel: debug 46 | ReportCaller: true 47 | SMF: 48 | debugLevel: debug 49 | ReportCaller: true 50 | UDR: 51 | debugLevel: debug 52 | ReportCaller: true 53 | UDM: 54 | debugLevel: debug 55 | ReportCaller: true 56 | NRF: 57 | debugLevel: debug 58 | ReportCaller: true 59 | PCF: 60 | debugLevel: debug 61 | ReportCaller: true 62 | AUSF: 63 | debugLevel: debug 64 | ReportCaller: true 65 | N3IWF: 66 | debugLevel: debug 67 | ReportCaller: true 68 | # library 69 | NAS: 70 | debugLevel: debug 71 | ReportCaller: true 72 | FSM: 73 | debugLevel: debug 74 | ReportCaller: true 75 | NGAP: 76 | debugLevel: debug 77 | ReportCaller: true 78 | NamfComm: 79 | debugLevel: debug 80 | ReportCaller: true 81 | NamfEventExposure: 82 | debugLevel: debug 83 | ReportCaller: true 84 | NsmfPDUSession: 85 | debugLevel: debug 86 | ReportCaller: true 87 | NudrDataRepository: 88 | debugLevel: debug 89 | ReportCaller: true 90 | OpenApi: 91 | debugLevel: debug 92 | ReportCaller: true 93 | Aper: 94 | debugLevel: debug 95 | ReportCaller: true 96 | CommonConsumerTest: 97 | debugLevel: debug 98 | ReportCaller: true 99 | # webui 100 | WEBUI: 101 | debugLevel: debug 102 | ReportCaller: true 103 | -------------------------------------------------------------------------------- /manifests/f5gc-pcf/03_pcf-service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | labels: 5 | app: f5gc-pcf 6 | name: f5gc-pcf 7 | spec: 8 | type: ClusterIP 9 | ports: 10 | - name: f5gc-pcf 11 | port: 29507 12 | protocol: TCP 13 | targetPort: 29507 14 | selector: 15 | app: f5gc-pcf 16 | -------------------------------------------------------------------------------- /manifests/f5gc-pcf/04_pcf-deployment.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | name: f5gc-pcf 5 | labels: 6 | app: f5gc-pcf 7 | annotations: 8 | free5gc.org/nssi-id: '27394d25-dbf5-428e-8fc3-f5b2add67115' 9 | free5gc.org/nsi-ids: '[ 10 | { "id": "4e6db941-47d6-4fce-9c71-f7eb35a75d03" }, 11 | ]' 12 | spec: 13 | replicas: 1 14 | selector: 15 | matchLabels: 16 | app: f5gc-pcf 17 | strategy: 18 | type: Recreate 19 | template: 20 | metadata: 21 | labels: 22 | app: f5gc-pcf 23 | spec: 24 | securityContext: 25 | runAsUser: 0 26 | runAsGroup: 0 27 | containers: 28 | - name: f5gc-pcf 29 | image: ghcr.io/sumichaaan/free5gc-k8s/f5gc-pcf:v3.0.4 30 | imagePullPolicy: IfNotPresent 31 | # imagePullPolicy: Always 32 | securityContext: 33 | privileged: false 34 | volumeMounts: 35 | - name: f5gc-pcf-config 36 | mountPath: /free5gc/config 37 | - name: f5gc-pcf-cert 38 | mountPath: /free5gc/support/TLS 39 | ports: 40 | - containerPort: 29507 41 | name: f5gc-pcf 42 | protocol: TCP 43 | - name: tcpdump 44 | image: corfr/tcpdump 45 | command: 46 | - /bin/sleep 47 | - infinity 48 | dnsPolicy: ClusterFirst 49 | restartPolicy: Always 50 | schedulerName: default-scheduler 51 | serviceAccountName: f5gc-pcf-sa 52 | terminationGracePeriodSeconds: 30 53 | volumes: 54 | - name: f5gc-pcf-cert 55 | secret: 56 | secretName: f5gc-pcf-tls-secret 57 | - name: f5gc-pcf-config 58 | configMap: 59 | name: f5gc-pcf-config 60 | -------------------------------------------------------------------------------- /manifests/f5gc-pcf/cert/pcf.key: -------------------------------------------------------------------------------- 1 | -----BEGIN RSA PRIVATE KEY----- 2 | MIIEpAIBAAKCAQEAvrAD943EXFG1sWQYv4HzMWAsZdvypE+taRGaFB4IoqPpPKLj 3 | gJN6wsHE16ehisixMXLwTNmuaiT6BAWDLKSuLTAJENB/3wX89Ga3KGEo9BKOVy0j 4 | lU3PZDfGS6Crc1I2xyT5cwtZe85h941XtPCkuSyIO2ZDz2uT5cOj/Hm1gLeZqEXC 5 | +6fly7K87DUrosOXAVxRtMhyYENeTGQPZV9Wcwqqi3f+01kVhESmT3hTw4u5f/nn 6 | +Isx99uZwsHBlkmiUC9prgef9jdN1+GwfUKptTDPPzKNMn/aG7glKs9VnI3pcgha 7 | WoUENMkhSOwIvfePPf1PF35yEK5fdm2HfxCNTQIDAQABAoIBAQCieRboNsK4ZmaJ 8 | XuA3TGIKEAfEQkPb/IeknnrJ6U0yRrbUE3YEd6SBjNhLZ2kc9yMDHwvgbxlNF3Rv 9 | OMMrpqVBm0weJ4jMXi3JkDs/DIn4bFcbsDpBXKr4mQ08IwnymHpT9A0XGPSFqLOQ 10 | Wb4BTYkMvgTVl6zvbpn1i1yOIqWjpVMmmofA7ENLtBJxq+vMIhks3Pd8xjw2bUeL 11 | Sc6PDc8mf5Svsjy+vIX4wzda+ND95QyFyTV9O+Liia3JU+VvaoTUTtLr8OwWmUw9 12 | V7d3XyCddw2FasmB9OfUHDsvags2DoChp3S+zh0V3YDQlCJv9v111L7rMJFUA8Uo 13 | KfVohnOBAoGBAOiIVxtcqE5xxrWjJlHc1ljBY6egqRNNgRBWstcW7WctxGQAAYCy 14 | DIpYcgRfNKgThcerLJa0hy+THBFNjh9c35vLfL/mOXEHE4tw2MsZGr8I/p9e7c7i 15 | m7aR43mUXMoYocbD9htZ/xs0zR+nzurT6UEVHT7c5qb/ifU4UYy92AZvAoGBANHu 16 | k6HGE6uiI+53Rwzc5Uv4t80F5xGg31yEgNXmcq0pCiYNju90gvMWXJujdqtKQXWF 17 | xnGobchzzRoMclsOpmADgeyOIf0FHue1W2U/q2anZJpmZFz9ApvLiTGfX1ntubYw 18 | 5RriSe08c50Sa6naGF3MXiJrqwcMWdjNqgA+rCYDAoGAPfbW/3uZfg3jndN0CqyG 19 | kfA21hyB8ZrdobT4w0hgyvXvN5aoz9qibNtUxsV4CrHpHGQI5cAFpi/Vcubv0Hu3 20 | OpTnEVwQQoZYNvhDTRvLfMywzVdGl7LbO7N0oplegJw/v+/ITVGWIXHYl27oPLtr 21 | lORDftTuweGmqanwUUjloBECgYBjIzx6qBS/98jqI0/dRi/Oib0ayA/P5l20ziod 22 | WT+MgJX3VG3MrQPuEgBXy4EN8PoqqqsFH5oAkJcqFvimAawWKXHgqVppp1Jp794i 23 | WUfzKVe8BmCc/SqPMjYuxel8iWQrIrn+0SBCNUsPwRQw2PqqyQknThstL+r6FF2U 24 | 0gPvywKBgQDOHgczHI+G8pgivzC2W6OUvImm7DEFKZw2ZRNFSqq0/ksWfUnYIUaf 25 | KyNhKOCmCqYSZr6ivX47dO9G2x8OM5u95paY8ysOB+mlx/yrXKI8B4ZMax3xaVMq 26 | QDwiWcsGN6VUvyWITyDDsoUgWK7sPsVcoJgvVKduz/VRkPZk2YNGyA== 27 | -----END RSA PRIVATE KEY----- 28 | -------------------------------------------------------------------------------- /manifests/f5gc-pcf/cert/pcf.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE----- 2 | MIIDSDCCAjACCQDQLErVY/eE8DANBgkqhkiG9w0BAQsFADBmMQswCQYDVQQGEwJU 3 | VzEPMA0GA1UECAwGVGFpd2FuMQ8wDQYDVQQHDAZUYWlwZWkxDTALBgNVBAoMBE5U 4 | Q1UxDDAKBgNVBAsMA0lPVDEYMBYGA1UEAwwPd3d3Lm50Y3UuZWR1LnR3MB4XDTE5 5 | MDcyMzAzMjcwM1oXDTI5MDcyMDAzMjcwM1owZjELMAkGA1UEBhMCVFcxDzANBgNV 6 | BAgMBlRhaXdhbjEPMA0GA1UEBwwGVGFpcGVpMQ0wCwYDVQQKDAROVENVMQwwCgYD 7 | VQQLDANJT1QxGDAWBgNVBAMMD3d3dy5udGN1LmVkdS50dzCCASIwDQYJKoZIhvcN 8 | AQEBBQADggEPADCCAQoCggEBAL6wA/eNxFxRtbFkGL+B8zFgLGXb8qRPrWkRmhQe 9 | CKKj6Tyi44CTesLBxNenoYrIsTFy8EzZrmok+gQFgyykri0wCRDQf98F/PRmtyhh 10 | KPQSjlctI5VNz2Q3xkugq3NSNsck+XMLWXvOYfeNV7TwpLksiDtmQ89rk+XDo/x5 11 | tYC3mahFwvun5cuyvOw1K6LDlwFcUbTIcmBDXkxkD2VfVnMKqot3/tNZFYREpk94 12 | U8OLuX/55/iLMffbmcLBwZZJolAvaa4Hn/Y3TdfhsH1CqbUwzz8yjTJ/2hu4JSrP 13 | VZyN6XIIWlqFBDTJIUjsCL33jz39Txd+chCuX3Zth38QjU0CAwEAATANBgkqhkiG 14 | 9w0BAQsFAAOCAQEABtO5Re3ekkXGgBGDBBxBzfIV9H19s4xi3sIhav8d20uaT0lK 15 | rYlYIFH4U7yi2eIs60OWDa5kATrOtTeE3Q9hQ4zZMq8xlerz8w/muRS/1AcjI6y0 16 | MXQIiv+RVNeWrWSwaOXPDjOXIP1QjG8WEddJg4DMu4copGSmLlv+ETYRuE6OklgU 17 | YUgu+Fo+73UAL8LMQFwXNpfvtkvwWLEZhPvkbMgnTY/1da+BIX0nJqkKxy2E5xYf 18 | gRMPsd6DdcQ1yHc/b90G0X3VRSaUgW97SPoEn+LFuQMJ0aIN7o5O+GW74yUfyxMo 19 | VVF59Dz6FUAk+PupYWvjsh2tL92R/tdykSlDVw== 20 | -----END CERTIFICATE----- 21 | -------------------------------------------------------------------------------- /manifests/f5gc-pcf/kustomization.yaml: -------------------------------------------------------------------------------- 1 | resources: 2 | - 00_pcf-sa.yaml 3 | - 01_pcf-rbac.yaml 4 | - 02_pcf-configmap.yaml 5 | - 03_pcf-service.yaml 6 | - 04_pcf-deployment.yaml 7 | 8 | namespace: f5gc 9 | 10 | secretGenerator: 11 | - name: f5gc-pcf-tls-secret 12 | namespace: f5gc 13 | files: 14 | - cert/pcf.pem 15 | - cert/pcf.key 16 | type: "Opaque" 17 | generatorOptions: 18 | disableNameSuffixHash: true 19 | -------------------------------------------------------------------------------- /manifests/f5gc-smf-2/00_smf-sa.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: ServiceAccount 3 | metadata: 4 | name: f5gc-smf-sa 5 | -------------------------------------------------------------------------------- /manifests/f5gc-smf-2/01_smf-rbac.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1 2 | kind: ClusterRoleBinding 3 | metadata: 4 | name: f5gc-smf-rbac 5 | roleRef: 6 | apiGroup: rbac.authorization.k8s.io 7 | kind: ClusterRole 8 | name: cluster-admin 9 | subjects: 10 | - kind: ServiceAccount 11 | name: f5gc-smf-sa 12 | -------------------------------------------------------------------------------- /manifests/f5gc-smf-2/02_smf-configmap.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: ConfigMap 3 | metadata: 4 | name: f5gc-smf-config-2 5 | data: 6 | smfcfg.conf: | 7 | info: 8 | version: 1.0.0 9 | description: AMF initial local configuration 10 | 11 | configuration: 12 | smfName: SMF2 13 | sbi: 14 | scheme: http 15 | registerIPv4: f5gc-smf-2 16 | bindingIPv4: 0.0.0.0 17 | port: 29502 18 | tls: 19 | key: free5gc/support/TLS/smf.key 20 | pem: free5gc/support/TLS/smf.pem 21 | serviceNameList: 22 | - nsmf-pdusession 23 | - nsmf-event-exposure 24 | snssai_info: 25 | # - sNssai: 26 | # sst: 1 27 | # sd: 010203 28 | # dnnSmfInfoList: 29 | # - dnn: internet 30 | - sNssai: 31 | sst: 1 32 | sd: 112233 33 | dnnSmfInfoList: 34 | - dnn: internet 35 | pfcp: 36 | addr: 172.16.30.21 37 | userplane_information: 38 | up_nodes: 39 | gNB1: 40 | type: AN 41 | an_ip: 192.168.10.10 42 | UPF2: 43 | type: UPF 44 | node_id: 172.16.30.31 45 | links: 46 | - A: gNB1 47 | B: UPF2 48 | dnn: 49 | internet: 50 | dns: 51 | ipv4: 8.8.8.8 52 | ipv6: 2001:4860:4860::8888 53 | internet2: 54 | dns: 55 | ipv4: 8.8.4.4 56 | ipv6: 2001:4860:4860::8844 57 | ue_subnet: 172.16.1.0/24 58 | nrfUri: http://f5gc-nrf:29510 59 | 60 | uerouting.yaml: | 61 | info: 62 | version: 1.0.0 63 | description: Routing information for UE 64 | 65 | ueRoutingInfo: 66 | - SUPI: imsi-2089300007487 67 | AN: 10.200.200.101 68 | PathList: 69 | - DestinationIP: 60.60.0.101 70 | DestinationPort: 8888 71 | UPF: !!seq 72 | - BranchingUPF 73 | - AnchorUPF1 74 | 75 | - DestinationIP: 60.60.0.103 76 | DestinationPort: 9999 77 | UPF: !!seq 78 | - BranchingUPF 79 | - AnchorUPF2 80 | 81 | - SUPI: imsi-2089300007486 82 | AN: 10.200.200.102 83 | PathList: 84 | - DestinationIP: 10.0.0.10 85 | DestinationPort: 8888 86 | UPF: !!seq 87 | - BranchingUPF 88 | - AnchorUPF1 89 | 90 | - DestinationIP: 10.0.0.11 91 | DestinationPort: 9999 92 | UPF: !!seq 93 | - BranchingUPF 94 | - AnchorUPF2 95 | # routeProfile: 96 | # MEC1: 97 | # forwardingPolicyID: 10 98 | # 99 | # pfdDataForApp: 100 | # - applicationId: edge 101 | # pfds: 102 | # - pfdID: pfd1 103 | # flowDescriptions: 104 | # - permit out ip from 60.60.0.1 8080 to any 105 | 106 | free5GC.conf: | 107 | db_uri: mongodb://f5gc-mongodb:27017/free5GC 108 | #all logging levels 109 | #panic 110 | #fatal 111 | #error 112 | #warn 113 | #info 114 | #debug 115 | #trace 116 | logger: 117 | # network function 118 | AMF: 119 | debugLevel: info 120 | ReportCaller: true 121 | SMF: 122 | debugLevel: debug 123 | ReportCaller: true 124 | UDR: 125 | debugLevel: info 126 | ReportCaller: true 127 | UDM: 128 | debugLevel: info 129 | ReportCaller: true 130 | NRF: 131 | debugLevel: info 132 | ReportCaller: true 133 | PCF: 134 | debugLevel: info 135 | ReportCaller: true 136 | AUSF: 137 | debugLevel: info 138 | ReportCaller: true 139 | N3IWF: 140 | debugLevel: info 141 | ReportCaller: true 142 | # library 143 | NAS: 144 | debugLevel: info 145 | ReportCaller: true 146 | FSM: 147 | debugLevel: info 148 | ReportCaller: true 149 | NGAP: 150 | debugLevel: info 151 | ReportCaller: true 152 | NamfComm: 153 | debugLevel: info 154 | ReportCaller: true 155 | NamfEventExposure: 156 | debugLevel: info 157 | ReportCaller: true 158 | NsmfPDUSession: 159 | debugLevel: info 160 | ReportCaller: true 161 | NudrDataRepository: 162 | debugLevel: info 163 | ReportCaller: true 164 | OpenApi: 165 | debugLevel: debug 166 | ReportCaller: true 167 | Aper: 168 | debugLevel: info 169 | ReportCaller: true 170 | CommonConsumerTest: 171 | debugLevel: info 172 | ReportCaller: true 173 | # webui 174 | WEBUI: 175 | debugLevel: info 176 | ReportCaller: true 177 | -------------------------------------------------------------------------------- /manifests/f5gc-smf-2/03_smf-service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | labels: 5 | app: f5gc-smf-2 6 | name: f5gc-smf-2 7 | spec: 8 | type: ClusterIP 9 | ports: 10 | - name: f5gc-smf-sbi 11 | port: 29502 12 | protocol: TCP 13 | targetPort: 29502 14 | - name: f5gc-smf-n4 15 | port: 8805 16 | protocol: UDP 17 | targetPort: 8805 18 | selector: 19 | app: f5gc-smf-2 20 | -------------------------------------------------------------------------------- /manifests/f5gc-smf-2/04_smf-multus.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: "k8s.cni.cncf.io/v1" 3 | kind: NetworkAttachmentDefinition 4 | metadata: 5 | name: f5gc-smf-2-n4 6 | spec: 7 | config: '{ 8 | "cniVersion": "0.3.1", 9 | "type": "macvlan", 10 | "master": "eno2", 11 | "mode": "bridge", 12 | "ipam": { 13 | "type": "static", 14 | "addresses": [ 15 | { 16 | "address": "172.16.30.21/24", 17 | "gateway": "172.16.30.1" 18 | } 19 | ] 20 | } 21 | }' 22 | -------------------------------------------------------------------------------- /manifests/f5gc-smf-2/05_smf-deployment.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | name: f5gc-smf-2 5 | labels: 6 | app: f5gc-smf-2 7 | sliceidx: f2755a68-e24a-4112-8931-ffad4bafa0e2 8 | annotations: 9 | free5gc.org/nssi-id: '27394d25-dbf5-428e-8fc3-f5b2add67115' 10 | free5gc.org/nsi-ids: '[ 11 | { "id": "4e6db941-47d6-4fce-9c71-f7eb35a75d03" }, 12 | ]' 13 | free5gc.org/supported-snssais: '[ 14 | { "st": 1, 15 | "ssd": "112233", 16 | }, 17 | ]' 18 | spec: 19 | replicas: 1 20 | selector: 21 | matchLabels: 22 | app: f5gc-smf-2 23 | strategy: 24 | type: Recreate 25 | template: 26 | metadata: 27 | labels: 28 | app: f5gc-smf-2 29 | annotations: 30 | k8s.v1.cni.cncf.io/networks: f5gc-smf-2-n4 31 | spec: 32 | securityContext: 33 | runAsUser: 0 34 | runAsGroup: 0 35 | containers: 36 | - name: f5gc-smf 37 | image: ghcr.io/sumichaaan/free5gc-k8s/f5gc-smf:v3.0.4 38 | imagePullPolicy: IfNotPresent 39 | # imagePullPolicy: Always 40 | securityContext: 41 | privileged: false 42 | volumeMounts: 43 | - name: f5gc-smf-config 44 | mountPath: /free5gc/config 45 | - name: f5gc-smf-cert 46 | mountPath: /free5gc/support/TLS 47 | ports: 48 | - containerPort: 29502 49 | name: if-sbi 50 | protocol: TCP 51 | - containerPort: 8805 52 | name: if-n4 53 | protocol: UDP 54 | - name: tcpdump 55 | image: corfr/tcpdump 56 | imagePullPolicy: IfNotPresent 57 | command: 58 | - /bin/sleep 59 | - infinity 60 | dnsPolicy: ClusterFirst 61 | restartPolicy: Always 62 | schedulerName: default-scheduler 63 | serviceAccountName: f5gc-smf-sa 64 | terminationGracePeriodSeconds: 30 65 | volumes: 66 | - name: f5gc-smf-cert 67 | secret: 68 | secretName: f5gc-smf-tls-secret-2 69 | - name: f5gc-smf-config 70 | configMap: 71 | name: f5gc-smf-config-2 72 | -------------------------------------------------------------------------------- /manifests/f5gc-smf-2/cert/smf.key: -------------------------------------------------------------------------------- 1 | -----BEGIN RSA PRIVATE KEY----- 2 | MIIEowIBAAKCAQEA3SU3yVrp5Ig9aRFh3OWtvydxJC/ZzA8zijrSRldrCMEhCPsX 3 | C6htxPiolyYfX95ooG3lUhU8KHunQ6RkBqYtxKHrk/uSeN6iDOxv2d4cp7MtTlHn 4 | uc9SmzOOiU9t6MH2UiXC0t7hGBQshE6lSXLESA+ZGWbbraba2j5coyIaR3KJtyuc 5 | 3d0X8AT7JFUnM/hPLBdGJ5g1ek7/2mN0jXWy4iCXIeD5sPD+aI0jI5waq5XMfl2K 6 | bOU9X69z2fLnwCcwxWXkp3hZDtxZ3bgWDZe+l7Mx25QUwP7GI+MHWY7CMREUY4CA 7 | MuWcLnuCxhujbE3CDA72cZ4B5/NWrHdo4rQL4QIDAQABAoIBAQC+RtiyOrRGu2bD 8 | cX5Xt5OAhupVrYpjhqzdAfGNLohc1veap5jTog8YzK8apmWWcmJpr0UCFF1Xo9Vu 9 | YRLjmbaFmqB9CpejwkOChSlUN0VGkeeonNaaTKWR/pFk2eACxmkvk2gHUlgxBKKt 10 | EJItGT+DlVAwyAy6ZHeoEsJYZu5fi7ciiJHLAuKI4W/a0SZLFelcw3iOhiVyQrME 11 | 1C0BgZW0oUCcsTy5sa27Fs/OSQvCFyyDuTLMK5lPgkkUzhnhnA3zbBb9hjKTdCyG 12 | sg3I9DCRwWG1C/CL1/W2r7s6AhIv24Yn1G7KG3KmQCO3gmoms/BzOR+4LrkN3nva 13 | WWzVJlDxAoGBAPLqBExjxyg/x0sdZF8dDFQU8oA3x8pLvxkqzJWaVKf8d3YL5GI4 14 | AWyMtiz0kWSXHfk1tEPosG3mvFwiouh1K1kE9pHo4WrqfUt9RCiEZEzl9R9x2Opl 15 | BOz2c0Ol8VpjrRBBf3PV6kXmGEE9IA1f0oTva8lBIrOb5gQcMRbT/SuVAoGBAOkO 16 | /hA8Gp+ekmO7qiGcUQhB7/tbkwoaf+o2A8GlasPRz/wubPTogsvqe6DqQQo56v6/ 17 | zY0mpFADtWyyqa4AvkGwG/W4JF7BdQ+k3KI/D2Gh5gHbzn01cZASvXAYnM0AWi/t 18 | dOrK9H8cg+E7YJKyoclHwl2n5/QXXTiqC+CvRqwdAoGABDErr9HM/xHSs6YnNEkB 19 | DHZsFPBhf0k9XAbUDwThzyBZQ21DHLrQs3neLvptg+njt4hIux9J5CumNoTWgOJ8 20 | xAWE59G4CitPzDy2L2jRfk49o7RIRQtHQXujU5iKiL/NnckzlOEtMNWet4mBgxmT 21 | PX4QQyHfom/fUVTXOAiiht0CgYBQmY/B+5dVhpioBzniX9YiXfNp4ZSrlNiSHlYU 22 | PWn8CO6+Dyw9UsARV6mjz//oUnlz2s9ytl9zEKVIz00hUT57JzW0OBfT8WHTpDdt 23 | oRNnt379O5Bg+v+oTOLZBpoLx8ho9N1Pahs+bpUpasiOU1rian/Mtgng/8eMljp/ 24 | XP66/QKBgAsaiGqp1jTpoa6QtGDj8NH0Gse61A4ILuC7ttiREJZDoJyJelcF5IJ5 25 | yLJkuy+R5kzX0V7rCwYc5AxE3YeTteTmrmss+uFJo85BqN4dLFLFZsmEraXpwLbL 26 | /GOsQDF3PeOjJPHrafvi8JYckZsjUcwN7Yn3HbsQcvgi59EHLlTd 27 | -----END RSA PRIVATE KEY----- 28 | -------------------------------------------------------------------------------- /manifests/f5gc-smf-2/cert/smf.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE----- 2 | MIIDazCCAlOgAwIBAgIUejW3Iw+Jqc6UimDjNL5A2iiTLLIwDQYJKoZIhvcNAQEL 3 | BQAwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUxITAfBgNVBAoM 4 | GEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDAeFw0xOTA3MTEwNzI1MThaFw0yOTA3 5 | MDgwNzI1MThaMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEw 6 | HwYDVQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwggEiMA0GCSqGSIb3DQEB 7 | AQUAA4IBDwAwggEKAoIBAQDdJTfJWunkiD1pEWHc5a2/J3EkL9nMDzOKOtJGV2sI 8 | wSEI+xcLqG3E+KiXJh9f3migbeVSFTwoe6dDpGQGpi3EoeuT+5J43qIM7G/Z3hyn 9 | sy1OUee5z1KbM46JT23owfZSJcLS3uEYFCyETqVJcsRID5kZZtutptraPlyjIhpH 10 | com3K5zd3RfwBPskVScz+E8sF0YnmDV6Tv/aY3SNdbLiIJch4Pmw8P5ojSMjnBqr 11 | lcx+XYps5T1fr3PZ8ufAJzDFZeSneFkO3FnduBYNl76XszHblBTA/sYj4wdZjsIx 12 | ERRjgIAy5Zwue4LGG6NsTcIMDvZxngHn81asd2jitAvhAgMBAAGjUzBRMB0GA1Ud 13 | DgQWBBQXefTGBKHZzWVpSISL/O3UKOjuuDAfBgNVHSMEGDAWgBQXefTGBKHZzWVp 14 | SISL/O3UKOjuuDAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQAH 15 | fponBxtMoweVP24tpY/gIYIQDMmr6zGslWJjBTS4azBL5/rdk1pZk6onRfQD7zAZ 16 | BBz+RBSnNQx9N23ZiNe+93w9L7gF74EOxRL9sCa2i1IDbUverxTmv0RmV4XuGtbI 17 | raj02DlULI+RGsKUfqSBNcZUAYyjEKIZja531eq+dRyP7qgyvcwK44f1BsnLSySH 18 | j958x1zYQFqvb4qaqC05bNU+CVuwaS0e+wbP1hCXncog3YKAkHYJqZZTjn15b8Op 19 | v1rppEFdjK7pCoRb6vP39Efo5uRCjGwdTZYgphX4begnN/muD69o8sEsw60Fuzgt 20 | OW7CHtwR2ZAUPJYUK04F 21 | -----END CERTIFICATE----- 22 | -------------------------------------------------------------------------------- /manifests/f5gc-smf-2/kustomization.yaml: -------------------------------------------------------------------------------- 1 | resources: 2 | - 00_smf-sa.yaml 3 | - 01_smf-rbac.yaml 4 | - 02_smf-configmap.yaml 5 | - 03_smf-service.yaml 6 | - 04_smf-multus.yaml 7 | - 05_smf-deployment.yaml 8 | 9 | namespace: f5gc 10 | 11 | secretGenerator: 12 | - name: f5gc-smf-tls-secret-2 13 | namespace: free5gc 14 | files: 15 | - cert/smf.pem 16 | - cert/smf.key 17 | type: "Opaque" 18 | generatorOptions: 19 | disableNameSuffixHash: true 20 | -------------------------------------------------------------------------------- /manifests/f5gc-smf/00_smf-sa.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: ServiceAccount 3 | metadata: 4 | name: f5gc-smf-sa 5 | -------------------------------------------------------------------------------- /manifests/f5gc-smf/01_smf-rbac.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1 2 | kind: ClusterRoleBinding 3 | metadata: 4 | name: f5gc-smf-rbac 5 | roleRef: 6 | apiGroup: rbac.authorization.k8s.io 7 | kind: ClusterRole 8 | name: cluster-admin 9 | subjects: 10 | - kind: ServiceAccount 11 | name: f5gc-smf-sa 12 | -------------------------------------------------------------------------------- /manifests/f5gc-smf/02_smf-configmap.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: ConfigMap 3 | metadata: 4 | name: f5gc-smf-config 5 | data: 6 | smfcfg.conf: | 7 | info: 8 | version: 1.0.0 9 | description: AMF initial local configuration 10 | 11 | configuration: 12 | smfName: SMF 13 | sbi: 14 | scheme: http 15 | registerIPv4: f5gc-smf 16 | bindingIPv4: 0.0.0.0 17 | port: 29502 18 | tls: 19 | key: free5gc/support/TLS/smf.key 20 | pem: free5gc/support/TLS/smf.pem 21 | serviceNameList: 22 | - nsmf-pdusession 23 | - nsmf-event-exposure 24 | snssai_info: 25 | - sNssai: 26 | sst: 1 27 | sd: 010203 28 | dnnSmfInfoList: 29 | - dnn: internet 30 | # - sNssai: 31 | # sst: 1 32 | # sd: 112233 33 | # dnnSmfInfoList: 34 | # - dnn: internet 35 | pfcp: 36 | addr: 172.16.30.20 37 | userplane_information: 38 | up_nodes: 39 | gNB1: 40 | type: AN 41 | an_ip: 192.168.10.10 42 | UPF1: 43 | type: UPF 44 | node_id: 172.16.30.30 45 | links: 46 | - A: gNB1 47 | B: UPF1 48 | dnn: 49 | internet: 50 | dns: 51 | ipv4: 8.8.8.8 52 | ipv6: 2001:4860:4860::8888 53 | internet2: 54 | dns: 55 | ipv4: 8.8.4.4 56 | ipv6: 2001:4860:4860::8844 57 | ue_subnet: 172.16.1.0/24 58 | nrfUri: http://f5gc-nrf:29510 59 | 60 | uerouting.yaml: | 61 | info: 62 | version: 1.0.0 63 | description: Routing information for UE 64 | 65 | ueRoutingInfo: 66 | - SUPI: imsi-2089300007487 67 | AN: 10.200.200.101 68 | PathList: 69 | - DestinationIP: 60.60.0.101 70 | DestinationPort: 8888 71 | UPF: !!seq 72 | - BranchingUPF 73 | - AnchorUPF1 74 | 75 | - DestinationIP: 60.60.0.103 76 | DestinationPort: 9999 77 | UPF: !!seq 78 | - BranchingUPF 79 | - AnchorUPF2 80 | 81 | - SUPI: imsi-2089300007486 82 | AN: 10.200.200.102 83 | PathList: 84 | - DestinationIP: 10.0.0.10 85 | DestinationPort: 8888 86 | UPF: !!seq 87 | - BranchingUPF 88 | - AnchorUPF1 89 | 90 | - DestinationIP: 10.0.0.11 91 | DestinationPort: 9999 92 | UPF: !!seq 93 | - BranchingUPF 94 | - AnchorUPF2 95 | 96 | # routeProfile: 97 | # MEC1: 98 | # forwardingPolicyID: 10 99 | # 100 | # pfdDataForApp: 101 | # - applicationId: edge 102 | # pfds: 103 | # - pfdID: pfd1 104 | # flowDescriptions: 105 | # - permit out ip from 60.60.0.1 8080 to any 106 | 107 | free5GC.conf: | 108 | db_uri: mongodb://f5gc-mongodb:27017/free5GC 109 | #all logging levels 110 | #panic 111 | #fatal 112 | #error 113 | #warn 114 | #info 115 | #debug 116 | #trace 117 | logger: 118 | # network function 119 | AMF: 120 | debugLevel: info 121 | ReportCaller: true 122 | SMF: 123 | debugLevel: debug 124 | ReportCaller: true 125 | UDR: 126 | debugLevel: info 127 | ReportCaller: true 128 | UDM: 129 | debugLevel: info 130 | ReportCaller: true 131 | NRF: 132 | debugLevel: info 133 | ReportCaller: true 134 | PCF: 135 | debugLevel: info 136 | ReportCaller: true 137 | AUSF: 138 | debugLevel: info 139 | ReportCaller: true 140 | N3IWF: 141 | debugLevel: info 142 | ReportCaller: true 143 | # library 144 | NAS: 145 | debugLevel: info 146 | ReportCaller: true 147 | FSM: 148 | debugLevel: info 149 | ReportCaller: true 150 | NGAP: 151 | debugLevel: info 152 | ReportCaller: true 153 | NamfComm: 154 | debugLevel: info 155 | ReportCaller: true 156 | NamfEventExposure: 157 | debugLevel: info 158 | ReportCaller: true 159 | NsmfPDUSession: 160 | debugLevel: info 161 | ReportCaller: true 162 | NudrDataRepository: 163 | debugLevel: info 164 | ReportCaller: true 165 | OpenApi: 166 | debugLevel: debug 167 | ReportCaller: true 168 | Aper: 169 | debugLevel: info 170 | ReportCaller: true 171 | CommonConsumerTest: 172 | debugLevel: info 173 | ReportCaller: true 174 | # webui 175 | WEBUI: 176 | debugLevel: info 177 | ReportCaller: true 178 | -------------------------------------------------------------------------------- /manifests/f5gc-smf/03_smf-service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | labels: 5 | app: f5gc-smf 6 | name: f5gc-smf 7 | spec: 8 | type: ClusterIP 9 | ports: 10 | - name: f5gc-smf-sbi 11 | port: 29502 12 | protocol: TCP 13 | targetPort: 29502 14 | - name: f5gc-smf-n4 15 | port: 8805 16 | protocol: UDP 17 | targetPort: 8805 18 | selector: 19 | app: f5gc-smf 20 | -------------------------------------------------------------------------------- /manifests/f5gc-smf/04_smf-multus.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: "k8s.cni.cncf.io/v1" 3 | kind: NetworkAttachmentDefinition 4 | metadata: 5 | name: f5gc-smf-n4 6 | spec: 7 | config: '{ 8 | "cniVersion": "0.3.1", 9 | "type": "macvlan", 10 | "master": "eno2", 11 | "mode": "bridge", 12 | "ipam": { 13 | "type": "static", 14 | "addresses": [ 15 | { 16 | "address": "172.16.30.20/24", 17 | "gateway": "172.16.30.1" 18 | } 19 | ] 20 | } 21 | }' 22 | -------------------------------------------------------------------------------- /manifests/f5gc-smf/05_smf-deployment.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | name: f5gc-smf 5 | labels: 6 | app: f5gc-smf 7 | sliceidx: 6d3d79da-f781-4cd9-813a-dbdad01e01c0 8 | annotations: 9 | free5gc.org/nssi-id: '27394d25-dbf5-428e-8fc3-f5b2add67115' 10 | free5gc.org/nsi-ids: '[ 11 | { "id": "4e6db941-47d6-4fce-9c71-f7eb35a75d03" }, 12 | ]' 13 | free5gc.org/supported-snssais: '[ 14 | { "st": 1, 15 | "ssd": "010203", 16 | }, 17 | { "st": 1, 18 | "ssd": "112233", 19 | }, 20 | ]' 21 | spec: 22 | replicas: 1 23 | selector: 24 | matchLabels: 25 | app: f5gc-smf 26 | strategy: 27 | type: Recreate 28 | template: 29 | metadata: 30 | labels: 31 | app: f5gc-smf 32 | annotations: 33 | k8s.v1.cni.cncf.io/networks: f5gc-smf-n4 34 | spec: 35 | securityContext: 36 | runAsUser: 0 37 | runAsGroup: 0 38 | containers: 39 | - name: f5gc-smf 40 | image: ghcr.io/sumichaaan/free5gc-k8s/f5gc-smf:v3.0.4 41 | imagePullPolicy: IfNotPresent 42 | # imagePullPolicy: Always 43 | securityContext: 44 | privileged: false 45 | volumeMounts: 46 | - name: f5gc-smf-config 47 | mountPath: /free5gc/config 48 | - name: f5gc-smf-cert 49 | mountPath: /free5gc/support/TLS 50 | ports: 51 | - containerPort: 29502 52 | name: if-sbi 53 | protocol: TCP 54 | - containerPort: 8805 55 | name: if-n4 56 | protocol: UDP 57 | - name: tcpdump 58 | image: corfr/tcpdump 59 | imagePullPolicy: IfNotPresent 60 | command: 61 | - /bin/sleep 62 | - infinity 63 | dnsPolicy: ClusterFirst 64 | restartPolicy: Always 65 | schedulerName: default-scheduler 66 | serviceAccountName: f5gc-smf-sa 67 | terminationGracePeriodSeconds: 30 68 | volumes: 69 | - name: f5gc-smf-cert 70 | secret: 71 | secretName: f5gc-smf-tls-secret 72 | - name: f5gc-smf-config 73 | configMap: 74 | name: f5gc-smf-config 75 | -------------------------------------------------------------------------------- /manifests/f5gc-smf/cert/smf.key: -------------------------------------------------------------------------------- 1 | -----BEGIN RSA PRIVATE KEY----- 2 | MIIEowIBAAKCAQEA3SU3yVrp5Ig9aRFh3OWtvydxJC/ZzA8zijrSRldrCMEhCPsX 3 | C6htxPiolyYfX95ooG3lUhU8KHunQ6RkBqYtxKHrk/uSeN6iDOxv2d4cp7MtTlHn 4 | uc9SmzOOiU9t6MH2UiXC0t7hGBQshE6lSXLESA+ZGWbbraba2j5coyIaR3KJtyuc 5 | 3d0X8AT7JFUnM/hPLBdGJ5g1ek7/2mN0jXWy4iCXIeD5sPD+aI0jI5waq5XMfl2K 6 | bOU9X69z2fLnwCcwxWXkp3hZDtxZ3bgWDZe+l7Mx25QUwP7GI+MHWY7CMREUY4CA 7 | MuWcLnuCxhujbE3CDA72cZ4B5/NWrHdo4rQL4QIDAQABAoIBAQC+RtiyOrRGu2bD 8 | cX5Xt5OAhupVrYpjhqzdAfGNLohc1veap5jTog8YzK8apmWWcmJpr0UCFF1Xo9Vu 9 | YRLjmbaFmqB9CpejwkOChSlUN0VGkeeonNaaTKWR/pFk2eACxmkvk2gHUlgxBKKt 10 | EJItGT+DlVAwyAy6ZHeoEsJYZu5fi7ciiJHLAuKI4W/a0SZLFelcw3iOhiVyQrME 11 | 1C0BgZW0oUCcsTy5sa27Fs/OSQvCFyyDuTLMK5lPgkkUzhnhnA3zbBb9hjKTdCyG 12 | sg3I9DCRwWG1C/CL1/W2r7s6AhIv24Yn1G7KG3KmQCO3gmoms/BzOR+4LrkN3nva 13 | WWzVJlDxAoGBAPLqBExjxyg/x0sdZF8dDFQU8oA3x8pLvxkqzJWaVKf8d3YL5GI4 14 | AWyMtiz0kWSXHfk1tEPosG3mvFwiouh1K1kE9pHo4WrqfUt9RCiEZEzl9R9x2Opl 15 | BOz2c0Ol8VpjrRBBf3PV6kXmGEE9IA1f0oTva8lBIrOb5gQcMRbT/SuVAoGBAOkO 16 | /hA8Gp+ekmO7qiGcUQhB7/tbkwoaf+o2A8GlasPRz/wubPTogsvqe6DqQQo56v6/ 17 | zY0mpFADtWyyqa4AvkGwG/W4JF7BdQ+k3KI/D2Gh5gHbzn01cZASvXAYnM0AWi/t 18 | dOrK9H8cg+E7YJKyoclHwl2n5/QXXTiqC+CvRqwdAoGABDErr9HM/xHSs6YnNEkB 19 | DHZsFPBhf0k9XAbUDwThzyBZQ21DHLrQs3neLvptg+njt4hIux9J5CumNoTWgOJ8 20 | xAWE59G4CitPzDy2L2jRfk49o7RIRQtHQXujU5iKiL/NnckzlOEtMNWet4mBgxmT 21 | PX4QQyHfom/fUVTXOAiiht0CgYBQmY/B+5dVhpioBzniX9YiXfNp4ZSrlNiSHlYU 22 | PWn8CO6+Dyw9UsARV6mjz//oUnlz2s9ytl9zEKVIz00hUT57JzW0OBfT8WHTpDdt 23 | oRNnt379O5Bg+v+oTOLZBpoLx8ho9N1Pahs+bpUpasiOU1rian/Mtgng/8eMljp/ 24 | XP66/QKBgAsaiGqp1jTpoa6QtGDj8NH0Gse61A4ILuC7ttiREJZDoJyJelcF5IJ5 25 | yLJkuy+R5kzX0V7rCwYc5AxE3YeTteTmrmss+uFJo85BqN4dLFLFZsmEraXpwLbL 26 | /GOsQDF3PeOjJPHrafvi8JYckZsjUcwN7Yn3HbsQcvgi59EHLlTd 27 | -----END RSA PRIVATE KEY----- 28 | -------------------------------------------------------------------------------- /manifests/f5gc-smf/cert/smf.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE----- 2 | MIIDazCCAlOgAwIBAgIUejW3Iw+Jqc6UimDjNL5A2iiTLLIwDQYJKoZIhvcNAQEL 3 | BQAwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUxITAfBgNVBAoM 4 | GEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDAeFw0xOTA3MTEwNzI1MThaFw0yOTA3 5 | MDgwNzI1MThaMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEw 6 | HwYDVQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwggEiMA0GCSqGSIb3DQEB 7 | AQUAA4IBDwAwggEKAoIBAQDdJTfJWunkiD1pEWHc5a2/J3EkL9nMDzOKOtJGV2sI 8 | wSEI+xcLqG3E+KiXJh9f3migbeVSFTwoe6dDpGQGpi3EoeuT+5J43qIM7G/Z3hyn 9 | sy1OUee5z1KbM46JT23owfZSJcLS3uEYFCyETqVJcsRID5kZZtutptraPlyjIhpH 10 | com3K5zd3RfwBPskVScz+E8sF0YnmDV6Tv/aY3SNdbLiIJch4Pmw8P5ojSMjnBqr 11 | lcx+XYps5T1fr3PZ8ufAJzDFZeSneFkO3FnduBYNl76XszHblBTA/sYj4wdZjsIx 12 | ERRjgIAy5Zwue4LGG6NsTcIMDvZxngHn81asd2jitAvhAgMBAAGjUzBRMB0GA1Ud 13 | DgQWBBQXefTGBKHZzWVpSISL/O3UKOjuuDAfBgNVHSMEGDAWgBQXefTGBKHZzWVp 14 | SISL/O3UKOjuuDAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQAH 15 | fponBxtMoweVP24tpY/gIYIQDMmr6zGslWJjBTS4azBL5/rdk1pZk6onRfQD7zAZ 16 | BBz+RBSnNQx9N23ZiNe+93w9L7gF74EOxRL9sCa2i1IDbUverxTmv0RmV4XuGtbI 17 | raj02DlULI+RGsKUfqSBNcZUAYyjEKIZja531eq+dRyP7qgyvcwK44f1BsnLSySH 18 | j958x1zYQFqvb4qaqC05bNU+CVuwaS0e+wbP1hCXncog3YKAkHYJqZZTjn15b8Op 19 | v1rppEFdjK7pCoRb6vP39Efo5uRCjGwdTZYgphX4begnN/muD69o8sEsw60Fuzgt 20 | OW7CHtwR2ZAUPJYUK04F 21 | -----END CERTIFICATE----- 22 | -------------------------------------------------------------------------------- /manifests/f5gc-smf/kustomization.yaml: -------------------------------------------------------------------------------- 1 | resources: 2 | - 00_smf-sa.yaml 3 | - 01_smf-rbac.yaml 4 | - 02_smf-configmap.yaml 5 | - 03_smf-service.yaml 6 | - 04_smf-multus.yaml 7 | - 05_smf-deployment.yaml 8 | 9 | namespace: f5gc 10 | 11 | secretGenerator: 12 | - name: f5gc-smf-tls-secret 13 | namespace: free5gc 14 | files: 15 | - cert/smf.pem 16 | - cert/smf.key 17 | type: "Opaque" 18 | generatorOptions: 19 | disableNameSuffixHash: true 20 | -------------------------------------------------------------------------------- /manifests/f5gc-udm/00_udm-sa.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: ServiceAccount 3 | metadata: 4 | name: f5gc-udm-sa 5 | -------------------------------------------------------------------------------- /manifests/f5gc-udm/01_udm-rbac.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1 2 | kind: ClusterRoleBinding 3 | metadata: 4 | name: f5gc-udm-rbac 5 | roleRef: 6 | apiGroup: rbac.authorization.k8s.io 7 | kind: ClusterRole 8 | name: cluster-admin 9 | subjects: 10 | - kind: ServiceAccount 11 | name: f5gc-udm-sa 12 | -------------------------------------------------------------------------------- /manifests/f5gc-udm/02_udm-configmap.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: ConfigMap 3 | metadata: 4 | name: f5gc-udm-config 5 | data: 6 | udmcfg.conf: | 7 | info: 8 | version: 1.0.0 9 | description: UDM initial local configuration 10 | 11 | configuration: 12 | serviceNameList: 13 | - nudm-sdm 14 | - nudm-uecm 15 | - nudm-ueau 16 | - nudm-ee 17 | - nudm-pp 18 | sbi: 19 | scheme: http 20 | registerIPv4: f5gc-udm # Can also be a kubernetes service IP or domain name. 21 | bindingIPv4: 0.0.0.0 # Can also be an ENV. 22 | port: 29503 23 | tls: 24 | log: free5gc/udmsslkey.log 25 | pem: free5gc/support/TLS/udm.pem 26 | key: free5gc/support/TLS/udm.key 27 | 28 | udrclient: 29 | scheme: http 30 | ipv4Addr: 127.0.0.1 31 | port: 29504 32 | 33 | nrfclient: 34 | scheme: http 35 | ipv4Addr: 127.0.0.1 36 | port: 29510 37 | nrfUri: http://f5gc-nrf:29510 38 | 39 | # test data set from TS33501-f60 Annex C.4 40 | # udmProfileAHNPublicKey: 5a8d38864820197c3394b92613b20b91633cbd897119273bf8e4a6f4eec0a650 41 | # udmProfileAHNPrivateKey: c53c22208b61860b06c62e5406a7b330c2b577aa5558981510d128247d38bd1d 42 | # udmProfileBHNPublicKey: 0472DA71976234CE833A6907425867B82E074D44EF907DFB4B3E21C1C2256EBCD15A7DED52FCBB097A4ED250E036C7B9C8C7004C4EEDC4F068CD7BF8D3F900E3B4 43 | # udmProfileBHNPrivateKey: F1AB1074477EBCC7F554EA1C5FC368B1616730155E0041AC447D6301975FECDA 44 | keys: 45 | udmProfileAHNPublicKey: 5a8d38864820197c3394b92613b20b91633cbd897119273bf8e4a6f4eec0a650 46 | udmProfileAHNPrivateKey: c53c22208b61860b06c62e5406a7b330c2b577aa5558981510d128247d38bd1d 47 | udmProfileBHNPublicKey: 0472DA71976234CE833A6907425867B82E074D44EF907DFB4B3E21C1C2256EBCD15A7DED52FCBB097A4ED250E036C7B9C8C7004C4EEDC4F068CD7BF8D3F900E3B4 48 | udmProfileBHNPrivateKey: F1AB1074477EBCC7F554EA1C5FC368B1616730155E0041AC447D6301975FECDA 49 | 50 | free5GC.conf: | 51 | db_uri: mongodb://f5gc-mongodb:27017/free5gc 52 | 53 | #all logging levels 54 | #panic 55 | #fatal 56 | #error 57 | #warn 58 | #debug 59 | #debug 60 | #trace 61 | logger: 62 | # network function 63 | AMF: 64 | debugLevel: debug 65 | ReportCaller: true 66 | SMF: 67 | debugLevel: debug 68 | ReportCaller: true 69 | UDR: 70 | debugLevel: debug 71 | ReportCaller: true 72 | UDM: 73 | debugLevel: debug 74 | ReportCaller: true 75 | NRF: 76 | debugLevel: debug 77 | ReportCaller: true 78 | PCF: 79 | debugLevel: debug 80 | ReportCaller: true 81 | AUSF: 82 | debugLevel: debug 83 | ReportCaller: true 84 | N3IWF: 85 | debugLevel: debug 86 | ReportCaller: true 87 | # library 88 | NAS: 89 | debugLevel: debug 90 | ReportCaller: true 91 | FSM: 92 | debugLevel: debug 93 | ReportCaller: true 94 | NGAP: 95 | debugLevel: debug 96 | ReportCaller: true 97 | NamfComm: 98 | debugLevel: debug 99 | ReportCaller: true 100 | NamfEventExposure: 101 | debugLevel: debug 102 | ReportCaller: true 103 | NsmfPDUSession: 104 | debugLevel: debug 105 | ReportCaller: true 106 | NudrDataRepository: 107 | debugLevel: debug 108 | ReportCaller: true 109 | OpenApi: 110 | debugLevel: debug 111 | ReportCaller: true 112 | Aper: 113 | debugLevel: debug 114 | ReportCaller: true 115 | CommonConsumerTest: 116 | debugLevel: debug 117 | ReportCaller: true 118 | # webui 119 | WEBUI: 120 | debugLevel: debug 121 | ReportCaller: true 122 | -------------------------------------------------------------------------------- /manifests/f5gc-udm/03_udm-service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | labels: 5 | app: f5gc-udm 6 | name: f5gc-udm 7 | spec: 8 | type: ClusterIP 9 | ports: 10 | - name: f5gc-udm 11 | port: 29503 12 | protocol: TCP 13 | targetPort: 29503 14 | selector: 15 | app: f5gc-udm 16 | -------------------------------------------------------------------------------- /manifests/f5gc-udm/04_udm-deployment.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | name: f5gc-udm 5 | labels: 6 | app: f5gc-udm 7 | annotations: 8 | free5gc.org/nssi-id: '27394d25-dbf5-428e-8fc3-f5b2add67115' 9 | free5gc.org/nsi-ids: '[ 10 | { "id": "4e6db941-47d6-4fce-9c71-f7eb35a75d03" }, 11 | ]' 12 | spec: 13 | replicas: 1 14 | selector: 15 | matchLabels: 16 | app: f5gc-udm 17 | strategy: 18 | type: Recreate 19 | template: 20 | metadata: 21 | labels: 22 | app: f5gc-udm 23 | spec: 24 | securityContext: 25 | runAsUser: 0 26 | runAsGroup: 0 27 | containers: 28 | - name: f5gc-udm 29 | image: ghcr.io/sumichaaan/free5gc-k8s/f5gc-udm:v3.0.4 30 | imagePullPolicy: IfNotPresent 31 | # imagePullPolicy: Always 32 | securityContext: 33 | privileged: false 34 | volumeMounts: 35 | - name: f5gc-udm-config 36 | mountPath: /free5gc/config 37 | - name: f5gc-udm-cert 38 | mountPath: /free5gc/support/TLS 39 | ports: 40 | - containerPort: 29503 41 | name: f5gc-udm 42 | protocol: TCP 43 | - name: tcpdump 44 | image: corfr/tcpdump 45 | command: 46 | - /bin/sleep 47 | - infinity 48 | dnsPolicy: ClusterFirst 49 | restartPolicy: Always 50 | schedulerName: default-scheduler 51 | serviceAccountName: f5gc-udm-sa 52 | terminationGracePeriodSeconds: 30 53 | volumes: 54 | - name: f5gc-udm-cert 55 | secret: 56 | secretName: f5gc-udm-tls-secret 57 | - name: f5gc-udm-config 58 | configMap: 59 | name: f5gc-udm-config 60 | -------------------------------------------------------------------------------- /manifests/f5gc-udm/cert/udm.key: -------------------------------------------------------------------------------- 1 | -----BEGIN RSA PRIVATE KEY----- 2 | MIIEowIBAAKCAQEAo544dewlx0hksbXlgVVw0kZ2xdUehMDlgwQaQQOO8tntQ3lG 3 | H+3UeI2K8QUjrc9DlqkEkzLz7yLQDIFtXV063DWlH521xOTCbsU3iYjb+pZ0uRLV 4 | oRsrIflt8LQW3rELnOStI9crni5qd3gV6FT1Tr7puv2UDy8rIE32fbnVr1HvWWw5 5 | uSAmE3MRaS6DlO08/DQ/oto63ZFqxjc/x0lbJN3qGB5epgbVxTc1Q+VekPx7qMhj 6 | VkTZWueo6DZkiGg0qAI1cN6OI8yjM4yH34DQF2eQjJbTELH5rrrs/2LWJSXnvrXe 7 | tfxkuzvivUCF6xecU5SMMV117Q+4VheA9s/7xwIDAQABAoIBAFgZYZ1dQhpDyLRH 8 | lQRG1TDj8CAl2QDyPKKHGvvWxqnM3gxuyGt4y+b9j8qnUcbMyz/cUjJQRTiGLjAN 9 | oK2c/YyE9hxH9w/FfUvXtUfBAXG0gbUFhzHwRxFMFP5+ebH+8pnQJ8ocmcfahkk9 10 | x84JsOxtr7yXvZlPdJE4aXjZD04Om7++sOsds3MjfnGkBZ/17ke4nGsSYB78oxhN 11 | M1ILWBQS1YgfSWe+mcV4rxh0vp3R9aQIo7OCfC0RtprCeSNLr9dgiMJbNaAa5hf9 12 | F80i0+4l9R0OpMvkttHX5olID1+3p45pY0EHKAf+M2KaqiOHZQtnJ9DS0HkRw0LZ 13 | f3pYxQECgYEAzxWmJKt46H4Gj+PcC6UXfqRLfHKZ2NvJ1VU3RlM/Y22Yi+PFWKjp 14 | eVwdZMNh9k87vDoP/gipRX2mSRZW9efZJQNMEV/v1KoQCAvsQsSlhsMV6QbBaLZG 15 | gaMMFfpK1oX19mpXB8dWIe66vGpr5ahirvfdo07gACd5/WygDE7uNhcCgYEAykQp 16 | jWiMfvwoEbRuGWyWjeZW4tmNqiMACdPGuVQDKXUlYMtwv9RQmK5g/g1056D8rLOB 17 | nGhvENIR0MjtZAXMRGBmSAcnT3n3D+dbNS/J7PxhLz+ysi8r5ibaexTGGpxK4INQ 18 | uX112cIv0NRh+BVPl0T93YJ6bsd731NZYDLvpdECgYEAsUMj0/Hf7ouqTFNNEb7A 19 | 7MvwPdfPb707+NwYE5/A+/hdgyl2zVzRdevu0UkaOwA57vZ4qAh79RsIUznHOHm8 20 | +5zl6V2I6y6jyG+ETucLld66i50Xw+17Tw7lko6MrzM+hy8hzmvIhAVZXV1vfMf1 21 | qTZNR7SFtDwWhWMNYVvTNwMCgYA4HjdFI5evd7iKSPwvE6Cl2B2NLP0QEkvlbht5 22 | ueRysSzgsTEkF/0Qj3kbo5Im3dSc+eThB1yhVxdYTRcIJE+rPO/D1jBC7bztbawx 23 | koO8u70fBdZHd6z/WxJNCdN4+JoRtn1EKZn0A9uOXg6cbRU7DAo/Vf8wEyq8KHzo 24 | otk4sQKBgDsU0OoLpdFAdNSloipTw+Tvzlznm2OMOhD/AmUt/6xkiPFh8uFytZPW 25 | a/IxP7FmQDo34OFO6fDomRs83/uUQ/ToC3fyYKs1/DAOF3Cr3COOPzvWHAzfJI9V 26 | 9t/QhoSSnms4XHVEQDdoD/srefNuReaED7tXnLJ+BXhZbNiGryVJ 27 | -----END RSA PRIVATE KEY----- 28 | -------------------------------------------------------------------------------- /manifests/f5gc-udm/cert/udm.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE----- 2 | MIID7TCCAtWgAwIBAgIUfjRzF91Mkg/m/bXUK3kIJ1QH/FkwDQYJKoZIhvcNAQEL 3 | BQAwgYUxCzAJBgNVBAYTAlRXMRcwFQYDVQQIDA5Ic2luY2h1IENvdW50eTEVMBMG 4 | A1UEBwwMSHNpbmNodSBjaXR5MQ0wCwYDVQQKDAROQ1RVMREwDwYDVQQLDAhXSVJF 5 | IExBQjEkMCIGCSqGSIb3DQEJARYVZnJlZTVnYy5vcmdAZ21haWwuY29tMB4XDTE5 6 | MDcyOTA3NDg1OVoXDTI5MDcyNjA3NDg1OVowgYUxCzAJBgNVBAYTAlRXMRcwFQYD 7 | VQQIDA5Ic2luY2h1IENvdW50eTEVMBMGA1UEBwwMSHNpbmNodSBjaXR5MQ0wCwYD 8 | VQQKDAROQ1RVMREwDwYDVQQLDAhXSVJFIExBQjEkMCIGCSqGSIb3DQEJARYVZnJl 9 | ZTVnYy5vcmdAZ21haWwuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC 10 | AQEAo544dewlx0hksbXlgVVw0kZ2xdUehMDlgwQaQQOO8tntQ3lGH+3UeI2K8QUj 11 | rc9DlqkEkzLz7yLQDIFtXV063DWlH521xOTCbsU3iYjb+pZ0uRLVoRsrIflt8LQW 12 | 3rELnOStI9crni5qd3gV6FT1Tr7puv2UDy8rIE32fbnVr1HvWWw5uSAmE3MRaS6D 13 | lO08/DQ/oto63ZFqxjc/x0lbJN3qGB5epgbVxTc1Q+VekPx7qMhjVkTZWueo6DZk 14 | iGg0qAI1cN6OI8yjM4yH34DQF2eQjJbTELH5rrrs/2LWJSXnvrXetfxkuzvivUCF 15 | 6xecU5SMMV117Q+4VheA9s/7xwIDAQABo1MwUTAdBgNVHQ4EFgQUKIlDmYIRzDmi 16 | 0LELxqiOtUccCbowHwYDVR0jBBgwFoAUKIlDmYIRzDmi0LELxqiOtUccCbowDwYD 17 | VR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEARL2nK9jNzjXCgDU5m/nh 18 | UmseSK4VtrxHCcyP5Mvt6uAyIdgb5bPoOUXn36/4cTvJHnpttzarnxyxsZKcKRvK 19 | PrQs+yPGDCH46g6XCq/zHK4k5BemQapwUjXvcPW4+7E6EqzjWhY7/Dz7///Z3UpV 20 | RFoEFb1YYlM7Fl4tY1XLDNFsKGTcHL0gNMSbNKuYbVl4LufFshxOhPhh/p0YMtAu 21 | q5p3WIWawOLWMpzR9CHb7GW7m5v+nis2SUTyNR+2EWCN6htybLt7mNF4Be+xdgcy 22 | aDZ/Bcc/LyCsBoHujco6XxHb3AFURPOqF8GPppFl0kSDW/oSftiGZT70mFcZvAIu 23 | BA== 24 | -----END CERTIFICATE----- 25 | -------------------------------------------------------------------------------- /manifests/f5gc-udm/kustomization.yaml: -------------------------------------------------------------------------------- 1 | resources: 2 | - 00_udm-sa.yaml 3 | - 01_udm-rbac.yaml 4 | - 02_udm-configmap.yaml 5 | - 03_udm-service.yaml 6 | - 04_udm-deployment.yaml 7 | 8 | namespace: f5gc 9 | 10 | secretGenerator: 11 | - name: f5gc-udm-tls-secret 12 | namespace: f5gc 13 | files: 14 | - cert/udm.pem 15 | - cert/udm.key 16 | type: "Opaque" 17 | generatorOptions: 18 | disableNameSuffixHash: true 19 | -------------------------------------------------------------------------------- /manifests/f5gc-udr/00_udr-sa.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: ServiceAccount 3 | metadata: 4 | name: f5gc-udr-sa 5 | -------------------------------------------------------------------------------- /manifests/f5gc-udr/01_udr-rbac.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1 2 | kind: ClusterRoleBinding 3 | metadata: 4 | name: f5gc-udr-rbac 5 | roleRef: 6 | apiGroup: rbac.authorization.k8s.io 7 | kind: ClusterRole 8 | name: cluster-admin 9 | subjects: 10 | - kind: ServiceAccount 11 | name: f5gc-udr-sa 12 | -------------------------------------------------------------------------------- /manifests/f5gc-udr/02_udr-configmap.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: ConfigMap 3 | metadata: 4 | name: f5gc-udr-config 5 | data: 6 | udrcfg.conf: | 7 | info: 8 | version: 1.0.0 9 | description: UDR initial local configuration 10 | 11 | configuration: 12 | sbi: 13 | scheme: http 14 | registerIPv4: f5gc-udr # Can also be a kubernetes service IP or domain name. 15 | bindingIPv4: 0.0.0.0 # Can also be an ENV. 16 | port: 29504 17 | mongodb: 18 | name: free5gc 19 | url: mongodb://f5gc-mongodb:27017 20 | nrfUri: http://f5gc-nrf:29510 21 | 22 | free5GC.conf: | 23 | db_uri: mongodb://f5gc-mongodb:27017/free5gc 24 | 25 | #all logging levels 26 | #panic 27 | #fatal 28 | #error 29 | #warn 30 | #debug 31 | #debug 32 | #trace 33 | logger: 34 | # network function 35 | AMF: 36 | debugLevel: debug 37 | ReportCaller: true 38 | SMF: 39 | debugLevel: debug 40 | ReportCaller: true 41 | UDR: 42 | debugLevel: debug 43 | ReportCaller: true 44 | UDM: 45 | debugLevel: debug 46 | ReportCaller: true 47 | NRF: 48 | debugLevel: debug 49 | ReportCaller: true 50 | PCF: 51 | debugLevel: debug 52 | ReportCaller: true 53 | AUSF: 54 | debugLevel: debug 55 | ReportCaller: true 56 | N3IWF: 57 | debugLevel: debug 58 | ReportCaller: true 59 | # library 60 | NAS: 61 | debugLevel: debug 62 | ReportCaller: true 63 | FSM: 64 | debugLevel: debug 65 | ReportCaller: true 66 | NGAP: 67 | debugLevel: debug 68 | ReportCaller: true 69 | NamfComm: 70 | debugLevel: debug 71 | ReportCaller: true 72 | NamfEventExposure: 73 | debugLevel: debug 74 | ReportCaller: true 75 | NsmfPDUSession: 76 | debugLevel: debug 77 | ReportCaller: true 78 | NudrDataRepository: 79 | debugLevel: debug 80 | ReportCaller: true 81 | OpenApi: 82 | debugLevel: debug 83 | ReportCaller: true 84 | Aper: 85 | debugLevel: debug 86 | ReportCaller: true 87 | CommonConsumerTest: 88 | debugLevel: debug 89 | ReportCaller: true 90 | # webui 91 | WEBUI: 92 | debugLevel: debug 93 | ReportCaller: true 94 | -------------------------------------------------------------------------------- /manifests/f5gc-udr/03_udr-service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | labels: 5 | app: f5gc-udr 6 | name: f5gc-udr 7 | spec: 8 | type: ClusterIP 9 | ports: 10 | - name: f5gc-udr 11 | port: 29504 12 | protocol: TCP 13 | targetPort: 29504 14 | selector: 15 | app: f5gc-udr 16 | -------------------------------------------------------------------------------- /manifests/f5gc-udr/04_udr-deployment.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | name: f5gc-udr 5 | labels: 6 | app: f5gc-udr 7 | annotations: 8 | free5gc.org/nssi-id: '27394d25-dbf5-428e-8fc3-f5b2add67115' 9 | free5gc.org/nsi-ids: '[ 10 | { "id": "4e6db941-47d6-4fce-9c71-f7eb35a75d03" }, 11 | ]' 12 | spec: 13 | replicas: 1 14 | selector: 15 | matchLabels: 16 | app: f5gc-udr 17 | strategy: 18 | type: Recreate 19 | template: 20 | metadata: 21 | labels: 22 | app: f5gc-udr 23 | spec: 24 | securityContext: 25 | runAsUser: 0 26 | runAsGroup: 0 27 | containers: 28 | - name: f5gc-udr 29 | image: ghcr.io/sumichaaan/free5gc-k8s/f5gc-udr:v3.0.4 30 | imagePullPolicy: IfNotPresent 31 | # imagePullPolicy: Always 32 | securityContext: 33 | privileged: false 34 | volumeMounts: 35 | - name: f5gc-udr-config 36 | mountPath: /free5gc/config 37 | - name: f5gc-udr-cert 38 | mountPath: /free5gc/support/TLS 39 | ports: 40 | - containerPort: 29504 41 | name: f5gc-udr 42 | protocol: TCP 43 | - name: tcpdump 44 | image: corfr/tcpdump 45 | command: 46 | - /bin/sleep 47 | - infinity 48 | dnsPolicy: ClusterFirst 49 | restartPolicy: Always 50 | schedulerName: default-scheduler 51 | serviceAccountName: f5gc-udr-sa 52 | terminationGracePeriodSeconds: 30 53 | volumes: 54 | - name: f5gc-udr-cert 55 | secret: 56 | secretName: f5gc-udr-tls-secret 57 | - name: f5gc-udr-config 58 | configMap: 59 | name: f5gc-udr-config 60 | -------------------------------------------------------------------------------- /manifests/f5gc-udr/cert/udr.key: -------------------------------------------------------------------------------- 1 | -----BEGIN RSA PRIVATE KEY----- 2 | MIIEpAIBAAKCAQEAyL2vLO4vrQu2gGMsnjJ+ECkB0ThuA4CmhEktmhZx7uQCrDoX 3 | JG+qNgA5Xx5g/iM8otHB14X4CQB0ghjDSlw6z/M+eCL6fQaqjFkhrXj+LPeqNnWU 4 | ICDRxzYkyxnZ795yrs2HaQMnI053HRuuX4qssD31MTrlsoCXYQJrXP9yEZ9CaKMN 5 | QvDe1ZEhHx8odb0dvSTpXrdt8gv52Ro7c3Pt+igkuCOCRnOWiEUxcGIpNVad5nMF 6 | BMg6d8ILmoZCbof6DAneoDAsUYkh5BvKwUkQuRLWrRnU0zgw6QQfgQiYiz0DzQt8 7 | JqLOq+f8XsMQM/dFnsDEha1iSNf14mcZQd7N/wIDAQABAoIBAAtBr8AKPzwp6vr6 8 | FLduR2lqk0KDMpAZt7y1ScxZM9xchtXXkBKn/Fh43L67ul6l5TGQJ5mJVqZSkzX0 9 | Y4cY8udUUY11EKzQIeIq4VuT7FTjMnVJVJwUmw7bt2Z4NaNgyveIaO53kctGDCHi 10 | un17DkH3x3cSQW0oDtUOyKx3WpMoTKhAInnlI9lcS4rTNP2yJIUgZFd133EhnFuX 11 | SabzGkACR27Qyf66kReRRMKpqKn0sbpTQ/CyFZCiCTeKFzEsWMKlSyQ20Hg3NTil 12 | XG+cRSdajsM7lxXAQJka/qs4u/Nigst1qdn36rXt/vQq/smN062jkJr0x/UySjKc 13 | 4LJ8T1kCgYEA5xw8k+wvPc4I83G0LxBIEqrbYv+4C4Zl+YWIPEnLAzrIpjuX5LzH 14 | ENt7mELCufZ8T9dOxbLyg9MhNQTICKDCcteuu4KPegrEMBYxBzyxrx18Uj3UfhYq 15 | ZDX+NFsZql+3wqrN5QzFfimYkz8+zzos3Ox1gtXJjEukuWNb4HUjoVMCgYEA3lwo 16 | bROhiJ0U5etc6m0cSBMhFuzzD7vkl2eWXk00FV8iyiFqMRxoehog2/yfaWvCJ6za 17 | HFpmuiVRXeTa8cHSfVA3WMnCpI0l80cD1ej93gvmVuRGXJDvivwxwBVTgdczLr7f 18 | qsVQRo7wZxdwiw46VhCYs4tuU2DdvHfdFd/07yUCgYEAmB9L+IokZmgyGBwl4Dy1 19 | VCRGmBl+iYeDpASzMgvYp12QKWtcheGEnqH57rUy+7k1BlDQtu0dGIxmdUGacaNv 20 | mqxBhYdg7ZIcpRJWX08iHgQoivHL5tqsOJ4Zn1i/wheTG33WXQhVDsBOf83HiBvg 21 | 3+J9TwttyP0ZhjXSiiJQu6UCgYEAsCtNsBW0jjr9uqd9pxGpLYVSWwqCDD4t/rKI 22 | VNBP6nrEYmaU7rH2KH8Y95GvbuN8INj2uS36Y5J7Y6uUt6N7M+Ng5kx7lMlrftIN 23 | vOVqdQjyhnc3M9F0p6XleKysy5sHJwr8xByt3CkVWGget10fZN6jTOS0FQUSyGYi 24 | 2Fjmgq0CgYBiaeY8rABQ1Cpthe7BeqA6NyY+t8Vw4wuuD80G49yZuiHz5pNECBDa 25 | Do9P1RNU008byaKCphIJFpOeAGeyAlg3sRzj9RMkY3fTuOU2cq6ICxx33Y3TCiBe 26 | CqD+1jxyqTFWNIP1y+LiBGFjo4XzYXP8KHbVwtdth7BDSnTxuvFatQ== 27 | -----END RSA PRIVATE KEY----- 28 | -------------------------------------------------------------------------------- /manifests/f5gc-udr/cert/udr.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE----- 2 | MIIDYDCCAkigAwIBAgIJAIYfrQTLTPZiMA0GCSqGSIb3DQEBCwUAMEUxCzAJBgNV 3 | BAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYDVQQKDBhJbnRlcm5ldCBX 4 | aWRnaXRzIFB0eSBMdGQwHhcNMTkwNzIyMTM1MDU5WhcNMjkwNzE5MTM1MDU5WjBF 5 | MQswCQYDVQQGEwJBVTETMBEGA1UECAwKU29tZS1TdGF0ZTEhMB8GA1UECgwYSW50 6 | ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB 7 | CgKCAQEAyL2vLO4vrQu2gGMsnjJ+ECkB0ThuA4CmhEktmhZx7uQCrDoXJG+qNgA5 8 | Xx5g/iM8otHB14X4CQB0ghjDSlw6z/M+eCL6fQaqjFkhrXj+LPeqNnWUICDRxzYk 9 | yxnZ795yrs2HaQMnI053HRuuX4qssD31MTrlsoCXYQJrXP9yEZ9CaKMNQvDe1ZEh 10 | Hx8odb0dvSTpXrdt8gv52Ro7c3Pt+igkuCOCRnOWiEUxcGIpNVad5nMFBMg6d8IL 11 | moZCbof6DAneoDAsUYkh5BvKwUkQuRLWrRnU0zgw6QQfgQiYiz0DzQt8JqLOq+f8 12 | XsMQM/dFnsDEha1iSNf14mcZQd7N/wIDAQABo1MwUTAdBgNVHQ4EFgQUE/jHBVVy 13 | PlHey2lIv8CS9sIXHS4wHwYDVR0jBBgwFoAUE/jHBVVyPlHey2lIv8CS9sIXHS4w 14 | DwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAZusdlEbXhDdmwZDN 15 | gBlO7oVV6kuWUR3v2udzFZN4EzP2qnf2JRkiMOnIn9l+NOcQVarGzI5+aZs4GbLr 16 | fGi6QOlu5zQ9rWR4kn2rSeIHhRMsYHtl/w+Dm3V/cV1u0ANcIfo1sVl1FTSEMwIl 17 | Xr/OZOtUgWwuRw4hwl2OaMDrK3Z2jTCtHONInRVKuyySqYgR6ZMJFKiKSfYYxSl9 18 | +i1bYCG5tVR1jZe5xvrF8gAABU+b24MJHGJfcXvSn8Z5JxgqRDX/cfKi1g27wewJ 19 | p5PRv659sSaHrk5yUTCar8s9zdNnaAkqtBmru0JxBkzEMN2mCoubwxyq1QVAI7u2 20 | yEIc7A== 21 | -----END CERTIFICATE----- 22 | -------------------------------------------------------------------------------- /manifests/f5gc-udr/kustomization.yaml: -------------------------------------------------------------------------------- 1 | resources: 2 | - 00_udr-sa.yaml 3 | - 01_udr-rbac.yaml 4 | - 02_udr-configmap.yaml 5 | - 03_udr-service.yaml 6 | - 04_udr-deployment.yaml 7 | 8 | namespace: f5gc 9 | 10 | secretGenerator: 11 | - name: f5gc-udr-tls-secret 12 | namespace: f5gc 13 | files: 14 | - cert/udr.pem 15 | - cert/udr.key 16 | type: "Opaque" 17 | generatorOptions: 18 | disableNameSuffixHash: true 19 | -------------------------------------------------------------------------------- /manifests/f5gc-upf-2/00_upf-sa.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: ServiceAccount 3 | metadata: 4 | name: f5gc-upf-sa 5 | -------------------------------------------------------------------------------- /manifests/f5gc-upf-2/01_upf-rbac.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1 2 | kind: ClusterRoleBinding 3 | metadata: 4 | name: f5gc-upf-rbac 5 | roleRef: 6 | apiGroup: rbac.authorization.k8s.io 7 | kind: ClusterRole 8 | name: cluster-admin 9 | subjects: 10 | - kind: ServiceAccount 11 | name: f5gc-upf-sa 12 | -------------------------------------------------------------------------------- /manifests/f5gc-upf-2/02_upf-configmap.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: ConfigMap 3 | metadata: 4 | name: f5gc-upf-config-2 5 | data: 6 | upfcfg.yaml: | 7 | info: 8 | version: 1.0.0 9 | description: UPF configuration 10 | 11 | configuration: 12 | # debugLevel: panic|fatal|error|warn|info|debug|trace 13 | debugLevel: info 14 | # ReportCaller: true|false 15 | ReportCaller: false 16 | 17 | pfcp: 18 | - addr: 172.16.30.31 19 | 20 | gtpu: 21 | - addr: 192.168.10.21 22 | # [optional] gtpu.name 23 | # - name: upf.5gc.nctu.me 24 | # [optional] gtpu.ifname 25 | # - ifname: gtpif 26 | 27 | dnn_list: 28 | - dnn: internet 29 | cidr: 172.16.1.0/24 30 | # [optional] apn_list[*].natifname 31 | # natifname: eth0 32 | -------------------------------------------------------------------------------- /manifests/f5gc-upf-2/03_upf-service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | labels: 5 | app: f5gc-upf-2 6 | name: f5gc-upf-2 7 | spec: 8 | type: ClusterIP 9 | ports: 10 | - name: f5gc-upf-n3 11 | port: 2152 12 | protocol: UDP 13 | targetPort: 2152 14 | - name: f5gc-upf-n4 15 | port: 8805 16 | protocol: UDP 17 | targetPort: 8805 18 | selector: 19 | app: f5gc-upf-2 20 | -------------------------------------------------------------------------------- /manifests/f5gc-upf-2/04_upf-multus.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: "k8s.cni.cncf.io/v1" 3 | kind: NetworkAttachmentDefinition 4 | metadata: 5 | name: f5gc-upf-2-n3 6 | spec: 7 | config: '{ 8 | "cniVersion": "0.3.1", 9 | "type": "macvlan", 10 | "master": "eno2", 11 | "mode": "bridge", 12 | "ipam": { 13 | "type": "static", 14 | "addresses": [ 15 | { 16 | "address": "192.168.10.21/24", 17 | "gateway": "192.168.10.1" 18 | } 19 | ] 20 | } 21 | }' 22 | 23 | --- 24 | apiVersion: "k8s.cni.cncf.io/v1" 25 | kind: NetworkAttachmentDefinition 26 | metadata: 27 | name: f5gc-upf-2-n4 28 | spec: 29 | config: '{ 30 | "cniVersion": "0.3.1", 31 | "type": "macvlan", 32 | "master": "eno2", 33 | "mode": "bridge", 34 | "ipam": { 35 | "type": "static", 36 | "addresses": [ 37 | { 38 | "address": "172.16.30.31/24", 39 | "gateway": "172.16.30.1" 40 | } 41 | ] 42 | } 43 | }' 44 | --- 45 | apiVersion: "k8s.cni.cncf.io/v1" 46 | kind: NetworkAttachmentDefinition 47 | metadata: 48 | name: f5gc-upf-2-n6 49 | spec: 50 | config: '{ 51 | "cniVersion": "0.3.1", 52 | "type": "macvlan", 53 | "master": "eno2", 54 | "mode": "bridge", 55 | "ipam": { 56 | "type": "static", 57 | "addresses": [ 58 | { 59 | "address": "172.16.31.31/24", 60 | "gateway": "172.16.31.1" 61 | } 62 | ] 63 | } 64 | }' 65 | -------------------------------------------------------------------------------- /manifests/f5gc-upf-2/05_upf-deployment.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | name: f5gc-upf-2 5 | labels: 6 | app: f5gc-upf-2 7 | sliceidx: f2755a68-e24a-4112-8931-ffad4bafa0e2 8 | annotations: 9 | free5gc.org/nssi-id: '27394d25-dbf5-428e-8fc3-f5b2add67115' 10 | free5gc.org/nsi-ids: '[ 11 | { "id": "4e6db941-47d6-4fce-9c71-f7eb35a75d03" }, 12 | ]' 13 | spec: 14 | replicas: 1 15 | selector: 16 | matchLabels: 17 | app: f5gc-upf-2 18 | strategy: 19 | type: Recreate 20 | template: 21 | metadata: 22 | labels: 23 | app: f5gc-upf-2 24 | annotations: 25 | k8s.v1.cni.cncf.io/networks: f5gc-upf-2-n3, f5gc-upf-2-n4, f5gc-upf-2-n6 26 | spec: 27 | securityContext: 28 | runAsUser: 0 29 | runAsGroup: 0 30 | containers: 31 | - name: f5gc-upf 32 | image: ghcr.io/sumichaaan/free5gc-k8s/f5gc-upf:v3.0.4 33 | imagePullPolicy: IfNotPresent 34 | # imagePullPolicy: Always 35 | securityContext: 36 | privileged: false 37 | capabilities: 38 | add: ["NET_ADMIN", "NET_RAW", "NET_BIND_SERVICE", "SYS_TIME"] 39 | volumeMounts: 40 | - name: f5gc-upf-config 41 | mountPath: /free5gc/config 42 | - mountPath: /dev/net/tun 43 | name: tun-devdir 44 | ports: 45 | - containerPort: 2152 46 | name: if-n3 47 | protocol: UDP 48 | - containerPort: 8805 49 | name: if-n4 50 | protocol: UDP 51 | - name: tcpdump 52 | image: corfr/tcpdump 53 | command: 54 | - /bin/sleep 55 | - infinity 56 | dnsPolicy: ClusterFirst 57 | restartPolicy: Always 58 | schedulerName: default-scheduler 59 | serviceAccountName: f5gc-upf-sa 60 | terminationGracePeriodSeconds: 30 61 | volumes: 62 | - name: f5gc-upf-config 63 | configMap: 64 | name: f5gc-upf-config-2 65 | - name: tun-devdir 66 | hostPath: 67 | path: /dev/net/tun 68 | -------------------------------------------------------------------------------- /manifests/f5gc-upf-2/kustomization.yaml: -------------------------------------------------------------------------------- 1 | resources: 2 | - 00_upf-sa.yaml 3 | - 01_upf-rbac.yaml 4 | - 02_upf-configmap.yaml 5 | - 03_upf-service.yaml 6 | - 04_upf-multus.yaml 7 | - 05_upf-deployment.yaml 8 | 9 | namespace: f5gc 10 | -------------------------------------------------------------------------------- /manifests/f5gc-upf/00_upf-sa.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: ServiceAccount 3 | metadata: 4 | name: f5gc-upf-sa 5 | -------------------------------------------------------------------------------- /manifests/f5gc-upf/01_upf-rbac.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1 2 | kind: ClusterRoleBinding 3 | metadata: 4 | name: f5gc-upf-rbac 5 | roleRef: 6 | apiGroup: rbac.authorization.k8s.io 7 | kind: ClusterRole 8 | name: cluster-admin 9 | subjects: 10 | - kind: ServiceAccount 11 | name: f5gc-upf-sa 12 | -------------------------------------------------------------------------------- /manifests/f5gc-upf/02_upf-configmap.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: ConfigMap 3 | metadata: 4 | name: f5gc-upf-config 5 | data: 6 | upfcfg.yaml: | 7 | info: 8 | version: 1.0.0 9 | description: UPF configuration 10 | 11 | configuration: 12 | # debugLevel: panic|fatal|error|warn|info|debug|trace 13 | debugLevel: info 14 | # ReportCaller: true|false 15 | ReportCaller: false 16 | 17 | pfcp: 18 | - addr: 172.16.30.30 19 | 20 | gtpu: 21 | - addr: 192.168.10.20 22 | # [optional] gtpu.name 23 | # - name: upf.5gc.nctu.me 24 | # [optional] gtpu.ifname 25 | # - ifname: gtpif 26 | 27 | dnn_list: 28 | - dnn: internet 29 | cidr: 172.16.1.0/24 30 | # [optional] apn_list[*].natifname 31 | # natifname: eth0 32 | -------------------------------------------------------------------------------- /manifests/f5gc-upf/03_upf-service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | labels: 5 | app: f5gc-upf 6 | name: f5gc-upf 7 | spec: 8 | type: ClusterIP 9 | ports: 10 | - name: f5gc-upf-n3 11 | port: 2152 12 | protocol: UDP 13 | targetPort: 2152 14 | - name: f5gc-upf-n4 15 | port: 8805 16 | protocol: UDP 17 | targetPort: 8805 18 | selector: 19 | app: f5gc-upf 20 | -------------------------------------------------------------------------------- /manifests/f5gc-upf/04_upf-multus.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: "k8s.cni.cncf.io/v1" 3 | kind: NetworkAttachmentDefinition 4 | metadata: 5 | name: f5gc-upf-n3 6 | spec: 7 | config: '{ 8 | "cniVersion": "0.3.1", 9 | "type": "macvlan", 10 | "master": "eno2", 11 | "mode": "bridge", 12 | "ipam": { 13 | "type": "static", 14 | "addresses": [ 15 | { 16 | "address": "192.168.10.20/24", 17 | "gateway": "192.168.10.1" 18 | } 19 | ] 20 | } 21 | }' 22 | 23 | --- 24 | apiVersion: "k8s.cni.cncf.io/v1" 25 | kind: NetworkAttachmentDefinition 26 | metadata: 27 | name: f5gc-upf-n4 28 | spec: 29 | config: '{ 30 | "cniVersion": "0.3.1", 31 | "type": "macvlan", 32 | "master": "eno2", 33 | "mode": "bridge", 34 | "ipam": { 35 | "type": "static", 36 | "addresses": [ 37 | { 38 | "address": "172.16.30.30/24", 39 | "gateway": "172.16.30.1" 40 | } 41 | ] 42 | } 43 | }' 44 | --- 45 | apiVersion: "k8s.cni.cncf.io/v1" 46 | kind: NetworkAttachmentDefinition 47 | metadata: 48 | name: f5gc-upf-n6 49 | spec: 50 | config: '{ 51 | "cniVersion": "0.3.1", 52 | "type": "macvlan", 53 | "master": "eno2", 54 | "mode": "bridge", 55 | "ipam": { 56 | "type": "static", 57 | "addresses": [ 58 | { 59 | "address": "172.16.31.30/24", 60 | "gateway": "172.16.31.1" 61 | } 62 | ] 63 | } 64 | }' 65 | -------------------------------------------------------------------------------- /manifests/f5gc-upf/05_upf-deployment.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | name: f5gc-upf 5 | labels: 6 | app: f5gc-upf 7 | sliceidx: 6d3d79da-f781-4cd9-813a-dbdad01e01c0 8 | annotations: 9 | free5gc.org/nssi-id: '27394d25-dbf5-428e-8fc3-f5b2add67115' 10 | free5gc.org/nsi-ids: '[ 11 | { "id": "4e6db941-47d6-4fce-9c71-f7eb35a75d03" }, 12 | ]' 13 | spec: 14 | replicas: 1 15 | selector: 16 | matchLabels: 17 | app: f5gc-upf 18 | strategy: 19 | type: Recreate 20 | template: 21 | metadata: 22 | labels: 23 | app: f5gc-upf 24 | annotations: 25 | k8s.v1.cni.cncf.io/networks: f5gc-upf-n3, f5gc-upf-n4, f5gc-upf-n6 26 | spec: 27 | securityContext: 28 | runAsUser: 0 29 | runAsGroup: 0 30 | containers: 31 | - name: f5gc-upf 32 | image: ghcr.io/sumichaaan/free5gc-k8s/f5gc-upf:v3.0.4 33 | imagePullPolicy: IfNotPresent 34 | # imagePullPolicy: Always 35 | securityContext: 36 | privileged: false 37 | capabilities: 38 | add: ["NET_ADMIN", "NET_RAW", "NET_BIND_SERVICE", "SYS_TIME"] 39 | volumeMounts: 40 | - name: f5gc-upf-config 41 | mountPath: /free5gc/config 42 | - mountPath: /dev/net/tun 43 | name: tun-devdir 44 | ports: 45 | - containerPort: 2152 46 | name: if-n3 47 | protocol: UDP 48 | - containerPort: 8805 49 | name: if-n4 50 | protocol: UDP 51 | - name: tcpdump 52 | image: corfr/tcpdump 53 | command: 54 | - /bin/sleep 55 | - infinity 56 | dnsPolicy: ClusterFirst 57 | restartPolicy: Always 58 | schedulerName: default-scheduler 59 | serviceAccountName: f5gc-upf-sa 60 | terminationGracePeriodSeconds: 30 61 | volumes: 62 | - name: f5gc-upf-config 63 | configMap: 64 | name: f5gc-upf-config 65 | - name: tun-devdir 66 | hostPath: 67 | path: /dev/net/tun 68 | -------------------------------------------------------------------------------- /manifests/f5gc-upf/kustomization.yaml: -------------------------------------------------------------------------------- 1 | resources: 2 | - 00_upf-sa.yaml 3 | - 01_upf-rbac.yaml 4 | - 02_upf-configmap.yaml 5 | - 03_upf-service.yaml 6 | - 04_upf-multus.yaml 7 | - 05_upf-deployment.yaml 8 | 9 | namespace: f5gc 10 | -------------------------------------------------------------------------------- /manifests/f5gc-webui/00_webui-sa.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: ServiceAccount 3 | metadata: 4 | name: f5gc-webui-sa 5 | -------------------------------------------------------------------------------- /manifests/f5gc-webui/01_webui-rbac.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1 2 | kind: ClusterRoleBinding 3 | metadata: 4 | name: f5gc-webui-rbac 5 | roleRef: 6 | apiGroup: rbac.authorization.k8s.io 7 | kind: ClusterRole 8 | name: cluster-admin 9 | subjects: 10 | - kind: ServiceAccount 11 | name: f5gc-webui-sa 12 | -------------------------------------------------------------------------------- /manifests/f5gc-webui/02_webui-configmap.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: ConfigMap 3 | metadata: 4 | name: f5gc-webui-config 5 | data: 6 | webuicfg.conf: | 7 | info: 8 | version: 1.0.0 9 | description: WebUI initial local configuration 10 | 11 | configuration: 12 | mongodb: 13 | name: free5gc 14 | url: mongodb://f5gc-mongodb:27017 15 | -------------------------------------------------------------------------------- /manifests/f5gc-webui/03_webui-service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | labels: 5 | app: f5gc-webui 6 | name: f5gc-webui 7 | spec: 8 | type: NodePort 9 | ports: 10 | - name: f5gc-webui 11 | port: 5000 12 | protocol: TCP 13 | targetPort: 5000 14 | selector: 15 | app: f5gc-webui 16 | -------------------------------------------------------------------------------- /manifests/f5gc-webui/04_webui-deployment.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | name: f5gc-webui 5 | labels: 6 | app: f5gc-webui 7 | spec: 8 | replicas: 1 9 | selector: 10 | matchLabels: 11 | app: f5gc-webui 12 | strategy: 13 | type: RollingUpdate 14 | template: 15 | metadata: 16 | labels: 17 | app: f5gc-webui 18 | spec: 19 | securityContext: 20 | runAsUser: 0 21 | runAsGroup: 0 22 | containers: 23 | - name: f5gc-webui 24 | image: ghcr.io/sumichaaan/free5gc-k8s/f5gc-webui:v3.0.4 25 | imagePullPolicy: IfNotPresent 26 | # imagePullPolicy: Always 27 | securityContext: 28 | privileged: false 29 | volumeMounts: 30 | - name: f5gc-webui-config 31 | mountPath: /free5gc/config 32 | ports: 33 | - containerPort: 5000 34 | name: f5gc-webui 35 | protocol: TCP 36 | - name: tcpdump 37 | image: corfr/tcpdump 38 | command: 39 | - /bin/sleep 40 | - infinity 41 | dnsPolicy: ClusterFirst 42 | restartPolicy: Always 43 | schedulerName: default-scheduler 44 | serviceAccountName: f5gc-webui-sa 45 | terminationGracePeriodSeconds: 30 46 | volumes: 47 | - name: f5gc-webui-config 48 | configMap: 49 | name: f5gc-webui-config 50 | -------------------------------------------------------------------------------- /manifests/f5gc-webui/kustomization.yaml: -------------------------------------------------------------------------------- 1 | resources: 2 | - 00_webui-sa.yaml 3 | - 01_webui-rbac.yaml 4 | - 02_webui-configmap.yaml 5 | - 03_webui-service.yaml 6 | - 04_webui-deployment.yaml 7 | 8 | namespace: f5gc 9 | --------------------------------------------------------------------------------