 All right, I'm going to start it. And if you didn't hear already, you can please add your name and any agenda items to the main notes in the Zoom chat. I think everyone probably got the notice this meeting is being recorded it'll be posted to the CNCF YouTube and the telecom user group playlist. So once a month meeting for the user group and following this meeting, which is actually every Monday is a the CNF working group. Does anyone have any additional agenda items I'd like to add. If you're not able to see the doc or verbalize or put something in the chat. I haven't heard anybody is. Are you all able to hear me. Yeah, yeah, I think we're just quiet. All right. Okay, I can hear you Taylor. Seven minutes of quiet. All right. So, let's see. If anyone has any interesting cube con in a or any us. track our events, they should be coming out this week, keep in mind you could drop them in here so that folks will see those and be aware of things that are interesting to our community. And with that. I'll hand it over to visit. Yeah, fam. Yes, yes. Yeah. All right. Okay. Yeah. All right. And I will, if I can unshare and you can share your screen if you'd like. Sure. Yep, thank you. This email. Yes, I can hear you and I can see the screen share. Okay. Let me open the slides. All right. This is about CNF deployments. Right. All right. Okay. Can you see it now? Yes, and it's full screen on the slides. Okay. So, yeah, good morning. Good evening, everyone. My name is Zangia and I'm glad to be here to share with the community. Our community. Yeah, about this demonstration. That is the end to end LTE network CNF deployed on the Kubernetes infrastructure. Yeah, there are two tasks in regarding to this. Yeah, the first one is to deploy the whole end to end LTE network onto the Kubernetes infrastructure and the next one that is to do some advanced configuration in the 4G network. And this is the network slicing. And it is to see how the Kubernetes behave and support the complicated configuration inside the KS. Okay, so I move on to the setup of the demo. I'm just using the virtual box virtualization. And you can see there, I'm using two VM inside the virtual box. Outlet structure for the Kubernetes infrastructure I'm using the Rancher platform to install the Kubernetes. And then after that, we have the Docker, the CNI is Calico. For the CNF itself. I'm using the hem chart report from open virtual. And that's very brief information for the setup of this demo for the LTE network functions. For the PPC, including the MME, X Gateway, P Gateway, I'm using Open 5GS, and the same for the HSS and PCIF, I'm also using Open 5GS. E-Untran or the RAN network, the E-NodeB and the UE is from the SRS RAN, so as you can see on the screen, the whole LTE network is on the left hand side of the picture. So that's the brief information for how we set up the lab. Let's, I think, jump right into the lab demo. Okay, here is the one that I introduced. So the two nodes is here. Inside the Kubernetes, I have a list of namespace already, one of that just created. That's the demo 4G. So the ones on the left hand side here in the GUI. What we're going to do, we will deploy the EPC package for part first. So in order to do that, we choose application and marketplace. Here already, and the open virtual repository is added before. If you want to add this repository, it's very quick and easy. Just go to the chart repository, and then you add this repository inside. And then we go. Inside this, there will be a list of open source, a telecom application for package core, for RAN, for 4G and 5G. What we need in this demo is the open 5GS. So I pick this one, and I choose the namespace I want. And I name it. For the values here, I need to change a little bit the MCC and the MNC, the key parameter defining the telco network. So I need to change this to 001 for the MCC and 01 for the MNC for the MME. I will do the same for the AMF. This is for it too much with this parameter of the RAN network later on. And for the other parameter, I just keep the default value. Hit install. From the command line, we can also see and monitor the resources being created. So there's a list of resources now being created. I just display the port only in the ham chart window. The updated information for this resources creation is also updated. Almost. All right. That's one thing I need to tweak a bit. I realize this is the new thing. I just added in the latest release of the open 5GS. That's there's one container. It's not up and running fully yet. What I need to do. I go to the deployment. I change one parameter here. Let me double check if it's okay now. Look like it's good. Okay, it's good. I don't need to change anything. Next. Okay, so now you can see in the mentioned namespace demo 4G. Huge list of network function or the CNF just created using that ham chart. We need to expose the service of the HSS. We need the HSS at GUI because we have to do or to add information for the subscriber we need. So we want to see this GUI and it is now not exposed yet. So I need to do that now. This is just the normal task in the Kubernetes. I'm sure you guys are all familiar with this. Nothing fancy here. Right now we have the notepad of the HSS. HSS is the database note of the EPC package called 4G network. So it's important for us to subscribe our GUI. We will go to this one. We know the notepad 31288 something wrong with this one. Just wait a bit. 31288. Okay. Let me try the other note. Web 2 note. Okay. There might be something wrong with the first note. Let me check. Okay. Looks okay. But if I use the note, the first note, it's ham. So never mind. We just use another note. Okay. So inside this one, we have this information for the GUI already. It's just the database we need to add or config in order to make sure that the GUI is registered into the EPC network. So this information needs to be subscribed. So the EMZ and the key and the OPC will so slice configuration. So the first one. Yeah, this one. Yeah, 411000011 the first UA is added. So that's it for the core part. For the radio part. We will initiate the E note B and the UA. Also inside that open virtual ham chart. And we choose the SSLTE. There's also other E note B, but I choose SSLTE. I choose the name space. The same name space that I use for the EPC. So I named this one. The note B, UA, Internet 11. Important thing here we need to make sure that this key information that I mentioned when I opened the headset window. The EMZ key and OPC must match. So I need to key in that here. Okay. It's a bit weird when I am in the sharing mode. I could not call the other window easily. So I think I mean, I mean the moment you turn the UA. It's initiates with the CM connection mode and registration mode. And looking in the equipment that you use through the EMEI or through the Mac and then, you know, checks on the registration. You're using IMSI or MSI SDM. Yeah, looking for the SBI that's soupy and, you know, sushi and, you know, good tea and then also you have some other things related to the PCA or the UPF and different modes like idle and connected or inactive. And it's also a little bit, you know, how the PCA is actually deployed and the interaction from the PCA or the UPF. You know, GTPU and the different PDU sessions, you know, the formats and the translation, but all these will cause to you some delays. And all these that you have, I'm sorry to interrupt you. When you're actually serving, you have to fulfill certain requirements to particular services and you'll be talking about slices and currently there are five standardized categories. I think I would come to that. Yeah, I think you have high performance for communication. You know, the RRC will provide you with the NSAI and then the UEE can support up to NSSAI. So now, a little bit back, all these configurations, could you please be so kind to share which service category this is implemented for and could you please be so kind to share. How do you actually need the specified 5QI or the quality of service identifier, which is specified. I will go into that. One of the categories in subservices. I will come to that. Okay. Thank you. Okay. Yep. I hope I have enough time. But I will come to that. This is the first step. All right. Yep. Okay, we continue. So, yeah, we need to do the configuration at the radio side after we do the configuration at the headset set. So let me copy all of these key information in order to initiate the E-Node B and the UEE. Okay. Care, IMZ, key, and OPC. Let me see if anything else needed to be changed. No, good enough. Okay. I hit install. Yep. This guy is up and running. The first, it'll be an UEE called Internet 11. It's up and running. So, right now. If you go to the MME window. Let me see. Yeah, this one. MME. If we go to the logs, view the logs of the MME. We see that it's up and running, but it hasn't had the connectivity with the UEE and the E-Node B yet. So what we need to do, we need to change the IP address inside this E-Node B here. Yeah, we need to use that in the config map. For this one, one one, remember one one. Edit the config. And we need the IP address of the MME. I choose the cluster IP address of the MME because it's less changing than the container itself. So it's 10, 43, 2, 3, 0, about 3, 7. We need to... Very quickly, but can I make a quick suggestion? We've also deployed open 5GS and you could use Kubernetes services with DNS. So you do not have to use the hard-coded cluster IPs. You can let Kubernetes cloud natively manage those IPs for you and have them connect by DNS. That works. Okay, yep. Thank you. Yeah, it sounds good. But yeah, how about if we have the E-Node B or the G-Node B outside of the cluster. Yeah. We still have to do this manually. Is it? Is it okay? Okay, never mind. Were you asking a question for Tal there on the manual or someone else? No, yeah. Hello, Tal. Yeah, there are some comments from someone. And then I asked him back, but yeah, there was no response from him. Oh, sure it's okay. If you want to connect it somewhere externally, I thought you were trying to connect the internal components. But yeah, still I would recommend using Kubernetes services. That's exactly what they're for, because the pods can come and go and the IP addresses can change. Yeah, exactly. Yeah, the point here is if we have to do the configuration of the IP address at the E-Node B, then it might be in the other network, right? It can be the bare meter. So we still need to do the configuration of the IP address for the E-Node B to reach out to the MME. If the NF or the container is inside the Kubernetes, like HSS or AMF or the other NF, then it's okay to use the service name. But if the network functions or the elements is outside of the Kubernetes, then normally we would have to key in the IP address manually. But yeah, let's hope if I guess later on or in the real-life configuration, we can have some kind of automation tools to do that for us. But yeah, anyway, for the purpose of the demo, I'm okay with this right now. So I save this one. And in order for the change to take effect, I will redeploy this one. You can see that the old E-Node B is being terminated. And at the same time, we see the reaction from the MME. The MME is the control plane elements interfacing a couple of other network elements, including the E-Node B. So let's see if the E-Node B is up and running. It will talk and it will attach with the MME. Okay, so the E-Node B is accepted. And the IP address of the E-Node B is 10, 42, 44, 83. And this is the one that we just created, 10, 42, 44, 83. So this is the one. And right now, the UE, then we also ask the MME to attach. And you see the MZ that we, we config at the headset set, ending with one-one, it just ask the MME for the attachment and the MME top with the headset set. And if everything is okay, authenticated and information is matched, then it is accepted. So now the connectivity between the E-Node B, the UE and the MME or the package called EPC is okay. We can check the actual connectivity of the UE. So right now the UE is assigned with a context represented by an interface. And this interface will have the UE to reach out to the outside world. Let's ping using this interface, Google.com. And it's true. That's kind of very basic deployment of a complete LTE network, including EPC, a CNF, and E-Node B or the BTS. And it is okay now. Any questions so far? Any more comments? I'll just comment quickly. A bunch of people are working on the same thing at Red Hat. Myself and my colleague are here. I'm going to share a repository in the chat of some of my work with Open 5GS, where you can build it from source and deploy to Kubernetes. I don't have any EPC, you know, it'd be connected quite yet, but my colleague Jose here I think does, maybe he can share something more. But otherwise, I wanted to ask you if you can introduce yourself. I didn't get a real sense of who you are, where you're coming from, and what the context of this work is. Really? What do you get in the first place? I think I did have an introduction. This one. It is me. I'm here. I'm in the telecom industry. My name is Pham Zangia. Is that okay? That's good. I was hoping for more. You're working for an organization. I'm in the telecom industry. I'm working for the telecom vendor, but I'm here as my personal interest. Because you see, yeah, I'm using a lot of open source software. So, yep, it's my interest and I'm here with my personal interest. Okay. If I may, I will share with you a few reports that here in Red Hat, we've been working on related with this demo. Before we switch over to show something else, are there any specific questions for Gia about what he's given so far? Well, I have a question about the demo itself. So in this case, the antenna is based on the USRP technology. Is that the case? I don't get the question. Yeah, if you're using some sort of software defined radio technology to do this demo. Hang on. Okay. Yeah, you see, as I said, the Inobi is SIS run, the same with the UE. SIS is the open source and inside this one, yeah, there's the emulated run hardware in order for it to do some kind of emulated insight. Yep. In order to reach to the EPC. That's the answer. Is that okay? Yeah. Yeah. We can also see the logs for the UE and the Inobi, it's here. I'm not the expert of the run Inobi here, but here is the information inside the logs of the Inobi. And then you can see there, there's some more parameters there. Frequency or parameters or yep. Okay, then I will move on to the slicing. Yeah, if we do the slicing, then we'll be more your configuration for that. Okay, first. Yep, I need to change some configuration inside the config map of the FSMF and the UPF. The network functions that's handling the slicing or the networking informations of the EPC or LTE network. So what I need to do I need to scale down these NF first. In the meantime, we go to the config map and we go to the FSMF. I pick up the FSMF and I go to edit it because for slicing more network information needed to be added. So I remove this one and I prepare its configuration here already. It's nothing too big. Just to add the network functions for more slides here into the config map. And then I save it. We need to do the same for the PCF. PCF is the P gateway. Where is it? No, the UPF, I'm sorry. UPF, remove this. Okay, I save it. So we need to scale up these network functions back to apply the new configuration. Okay, they're up and running with the new configuration. Now, we go to this one, it better. So here I add three more UEs for three more slides. Let's see. Okay, so the UE ending with two one. I put it in the slides IOT. And it is matched with the configuration that I mentioned that I added into the SMF and the UPF just now. So this is the new slice or a new network. Yep, of course, this is the 4G and it is not as full as the 5G network slicing, but this is one just the simple view of the network slicing in the 4G network. In order to differentiate the traffic or the type of traffic we want. In the real life, this parameter might be customized depending on your use case, it can be IOT, it can be H, your mobile H computing or ML, MRLLC, low latency, no, you are LLC, you can try reliable and low latency communication, or it can be even AI, ML, industrial automation, and so on. But I will keep this the full value as it is. So the next UE is for the H. And choose that in the H slice or DNN and the final one, the fourth one. I name it your slice, it's up to you to spin up your own type of slice that fulfill your requirement. It can be also your own private LTE 4G network. So because we have this information at the HSSH already, we go back to the run part for the run. I also install these three additional inodeb already, and it is the same way that I just installed the first one like this one. The only difference is just it's in another slice and the IMZ is different. So I scan up this inodeb. I could have changed the IP address. But anyway, that's okay, we can do that now. So these new UE, no not new, but in stone, and it's just up and running, we need to change the IP address also. 1043 230.37. And I will change that for the three one. We need to change that using the config map 230.37. Where is the IMZ? Okay, it's good enough. So save. Do the same for the three one. Save. And the final one, your slice. And as normal, we need to really point it. And we watch the reaction at the MME. Because as long as this new UE will be up and running with the right MME IP address, it will do the attachment with the MME. Yes. The first UE, the second UE. And that's great for the other to finish. And after the E-note B is accepted, then the UE will be authenticated and then attached. A quick question, how do you manage certificates for authentication for the demo at least? It's not kind of the certificate, but you're between the SSH and the UE, there's special authentication method. It's used even more complex than the certificate. But it is also two ways, mutual, that it will use the IMZ in order to authenticate. And it's quite complex. Another question related with previous one. What are you using to manage certificates required for diameter protocol between the HSS, the MME and the PCRF? Good question. I think it is the internal inside the Open5GS. I haven't checked if they use that yet. I haven't answered. It uses a diameter internally and using the free diameter project and indeed there it uses TLS, standard TLS certificates for authentication internally. Okay. Yeah, thank you. So that's the UE, right? These UE are the config inside this, its own special slice. And let's go to H to see if it's really connected. So you see this is the UE 21 and it is the site inside this network. It is the same or it is matched with what we can fix inside the SMF here for the IoT. So this guy can ping the internet. Let's ping VNX branch. Okay. It could not ping yet. There's one more thing we need to do. And that's the NAT right now. It could not ping to the outside yet because at the UPF we need to do the NAT. Yeah, from the UPF to the outside world for these new slides or APN that we added before. So we need to add all of these to the new network or APN into the UPF. I go to the UPF here. I go to the container. Open it. See there's a list of interfaces. This is kind of the gateway for the interfaces or the network that we created, but it hasn't been up yet. We need to add this or config this information into this. And now it's up and the ping is through. So, yeah, it is the kind of very basic configuration for the network slicing in 4G. I think it's a bit complicated for the telecom network, but it is trust you to show that the slicing configuration, the advanced configuration. Yeah. How is it handed in the Kubernetes and native cloud infrastructure. And do you have any configuration for the NAS from the UE traversing MME towards the application server for the IoT and implementing on the control plane, the NIDD. Yeah, this is only for the UE to be connected to the UPF and then from the UPF to the outside world. We don't have any application server here for the IoT nor for the H or for any other slides. Yeah, it is just, if it is through to the internet, then it is, it is up to the application or the use case. It is not to install the application server. Is that, is that what you can you, can you configure for the SC mode one to three on the UPF for the PDU session or PCA. I haven't tried that yet. Okay. We do the same for the other UE. We check for the UE in the slides IOT or APN IOT already we can check the same for the slide H. Here you see the network for the slide H is this one. It's aligned with what we set in the UPF and what we set in the SML. It is in this network. So this UE is assigned with this. And inside the UPF that is the gateway. The ton three is the gateway of that edge slides. Yeah. That's the gateway. And this one is IP address of the UE. How are the devices set up those additional devices like the ton device? I'm sorry. Are the, the, it looks like you have additional interfaces. Yes, correct. At the UE, huh. Yeah, so how are those set up or those, is that part of open five GS like automated or how do you, how does that done. Okay, it is. Okay, look, it will attack with the MME right because the MME is the first representative that it can talk to and then after that. It is the authenticated and once it is accepted, it will ask the SMF, the SMF to assign the network for it. The SMF will assign the network which is in the UPF for this UE. I mean, do you have also support for the on the UE? Yeah, those are the telecom your protocol. Yep. It, it, it will be handled by the telecom network. Yeah, it's the same with 2G, 3G, 4G. There will be the network functions inside the EPC or the core network. And that will be responsible for assigning the PDP contacts or the interface that we just saw in the UE like this. If, if we create a new in OB, there will be no attend interface, but only if it is attacked with the EPC and with the right network with the right MNC mobile country code and mobile network code. Once after it is authenticated by the HSH, that would be a send to the SMF and the UPF and those guys will be responsible for assigning network interface for this UE as long as they are configured at the HSH. I want to do a quick time check. We got three minutes. Does anybody have questions? Yeah. No, no, no. Good for me. Any comments or questions about all this? Yep, I see that. Yeah, yeah, there's some comment from the chat about the new repository that I shared by the Red Hat team, right? Yeah, I think it's, it's, it's good that we can have that and we can also check. Especially in the end to end environment or context, then I'm, I'm glad. And I would try that. Yep, thank you for that. Thanks, Gia. Does anyone want to, does anyone have any other, I guess, final comments and then like the, this Red Hat posted kind, Kate's from Isaiah or Tal, do y'all want to put something on the agenda for next month? We were actually just discussing among ourselves. We might have something, something also to demonstrate. It could be similar to this, but different. We, we, the definition of end to end is, is might be different for, for us. I'll just quickly mention, you know, we're all using upstream projects, open 5GS. If anybody's more interested in how this all works as a 5G core, or it also supports 4G core, sorry, 4G EPS, you can just go do their website and see the work that they're doing. Where what we're doing is merely packaging it and making it more cloud native for Kubernetes. Tal, would you show anything on the SCP service communication proxy for the inter-UPF on N9 using SCPP also? Anything, you know, for the service session continuity mode one to three in the, depending on the UPF selection and reselection, depending on the location of the UPF? That's a very, very interesting point you're getting into that it technically it ends up being quite difficult because of the way that open 5GS uses SCP. I don't know if you know, but STP is kind of a new thing in Kubernetes. It's just recently gotten support. It's up to your containers to really do it. The problem is that open 5GS uses a few different upstream open source libraries, and some of them use kernel mode STP. Some of them allow user mode STP. There are a lot of challenges in running kernel mode STP in Kubernetes. What ends up happening is that we've actually instead of STP, I've been playing around with using just TCP instead, which is a plain TCP, which is what open 5GS supports. So I personally don't have complete open STP running. What about you, Jose? Have you managed to get it? Hey, we're at time. Anyone that wants to continue can hear. I'm going to be dropping for the CNF working group, which starts right now. Thanks, everyone. See you all next month. Thank you. Thank you. Thanks. Bye.