Sample PCF Configuration

Sample Configuration File

The following is only a sample configuration file provided solely for your reference. You must create and modify your own configuration file according to the specific needs of your deployment.


Important


The mandatory parameters are required to ensure that the critical pods such as CRD and Policy Engine are in the running state.



config 
datastore primary-endpoint connection-settings keep-alive keep-alive-time-ms 200 
datastore primary-endpoint connection-settings channel count 4 
datastore primary-endpoint connection-settings timeout-ms 500 
datastore external-endpoints datastore 
 connection-settings keep-alive keep-alive-time-ms 200 
 connection-settings channel count 3 
 connection-settings timeout-ms 500 
exit 
ldap replicas 2 
ldap server-set USD 
 search-user dn cn=sdcUser,dc=C-NTDB 
 search-user password $8$yx0jELXTK0f7CJO2XklpJx+CpCUIX13B9C5oQ4NEnaI= 
 health-check interval-ms 5000 
 health-check dn cn=sdcUser,dc=C-NTDB 
 health-check filter msisdn=918369110173 
 health-check attributes napCustType 
 initial-connections                            10 
 max-connections                                10 
 retry-count                                    2 
 retry-timer-ms                                 100 
 max-failover-connection-age-ms                 60000 
 binds-per-second                               0.2 
 number-consecutive-timeouts-for-bad-connection -1 
 missing-attribute-result-code                  32 
 connection 192.0.2.18 389 
  priority        400 
  connection-rule ROUND_ROBIN 
  auto-reconnect  true 
  timeout-ms      200 
  bind-timeout-ms 3000 
 exit 
 connection 192.0.2.18 390 
  priority        400 
  connection-rule ROUND_ROBIN 
  auto-reconnect  true 
  timeout-ms      200 
  bind-timeout-ms 3000 
 exit 
 connection 192.0.2.18 391 
  priority        400 
  connection-rule ROUND_ROBIN 
  auto-reconnect  true 
  timeout-ms      200 
  bind-timeout-ms 3000 
 exit 
exit 
//This is a mandatory parameter 
db global-settings db-replica 3 
//This is a mandatory parameter 
db global-settings volume-storage-class local 
db spr shard-count 1 
db balance shard-count 1 
debug tracing type DISABLED 
debug logging default-level error 
debug logging logger com.broadhop 
 level warn 
exit 
debug logging logger com.broadhop.custrefdata.impl.dao.GenericDao 
 level error 
exit 
debug logging logger com.broadhop.diameter2.policy.endpoints 
 level error 
exit 
debug logging logger com.broadhop.ldap 
 level error 
exit 
debug logging logger com.broadhop.microservices.control 
 level error 
exit 
debug logging logger com.broadhop.utilities.queue.redis 
 level error 
exit 
debug logging logger com.cisco 
 level warn 
exit 
debug logging logger com.cisco.diameter 
 level error 
exit 
debug logging logger com.cisco.diameter.endpoint 
 level error 
exit 
debug logging logger com.cisco.pcf 
 level debug 
exit 
debug logging logger com.cisco.pcf.endpoint.client 
 level error 

exit 
debug logging logger com.cisco.pcf.endpoint.client.Http2JettyRequestAsync 
 level error 
exit 
debug logging logger com.cisco.pcf.ldapserver 
 level warn 
exit 
debug logging logger com.cisco.pcf.nf.cache.NfCache 
 level warn 
exit 
debug logging logger io.prometheus.client 
 level error 
exit 
debug logging logger policy.engine 
 level debug 
exit 
debug logging logger rest.message 
 level warn 
exit 
features patching ingress-enabled true 
diameter settings timeouts-ms dpa 5000 
diameter application rx 
 application-id   16777236 
 tgpp-application true 
 vendor           [ 10415 ] 
exit 
diameter group rx-protocol-1 
 mode server 
 stack rx-protocol-1 
  application rx 
  replicas    2 
  bind-ip      192.0.2.19 
  bind-port   3868 
  fqdn        pcf-rx-server-1 
  realm       pcf.rx.server.cisco.com 
  settings timeouts-ms request 5000 
 exit 
exit 
ldap-server-endpoint connect bind-ip  192.0.2.20 
ldap-server-endpoint connect binddn cn=plfuser 
ldap-server-endpoint connect password $8$1eiow0TCw8sMRzP8czGABoog5Y1DxrD49EGWVmw3PoI= 
ldap-server-endpoint connect port 1399 
ldap-server-endpoint connect request-timeout 5000 
ldap-server-endpoint connect replicas 2 
ldap-server-endpoint connect max-transactions 200 
ldap-server-endpoint health-check-filter name msisdn 
ldap-server-endpoint health-check-filter value 11110100000 
ldap-server-endpoint input-mapping framedipaddress 
 internal-lookup-key IP_ADDRESS 
exit 
ldap-server-endpoint input-mapping imsi 
 internal-lookup-key IMSI 
exit 
ldap-server-endpoint input-mapping msisdn 
 internal-lookup-key MSISDN 
exit 
ldap-server-endpoint output-mapping ACCESS_TYPE 
 input accessType 
exit 
ldap-server-endpoint output-mapping RAT_TYPE 
 input ratType 
exit 
ldap-server-endpoint output-mapping calledstationid 
 input dnn 
exit 
ldap-server-endpoint output-mapping callingstationid 
 input msisdn 
exit 
ldap-server-endpoint output-mapping framedipv4 
 input framedIp 
exit 
ldap-server-endpoint output-mapping framedipv6 
 input framedIpv6Prefix 
exit 
ldap-server-endpoint output-mapping imsi 
 input supi 
exit 
ldap-server-endpoint output-mapping offline_charging 
 input offline 
exit 
ldap-server-endpoint output-mapping online_charging 
 input online 
exit 
ldap-server-endpoint health-check-attributes msisdn 
 value 11110100000 
exit 
//This is a mandatory parameter 
rest-endpoint port   9082 
rest-endpoint tracing-service-name pcf-rest-endpoint 
rest-endpoint replicas 2 
rest-endpoint interface n28 
 ip [  192.0.3.20 ] 
exit 
rest-endpoint interface n7 
 ip [  192.0.3.21 ] 
exit 
rest-endpoint interface n15 
 ip   [ 10.102.3.218 ] 
 port 9082 
exit 
rest-endpoint interface nnrf 
 ip                          [  192.0.2.22 ] 
 outbound-request-timeout-ms 500 
exit 
advance-tuning http2-threading min-thread-pool-size 10 
advance-tuning http2-threading max-thread-pool-size 25 
advance-tuning http2-threading disable-validation false 
advance-tuning overload-control rest global limits max-requests-per-sec 9000 
advance-tuning overload-control rest global action throttle-action REJECT 
advance-tuning overload-control rest global action throttle-action N7_CREATE discard-action DROP threshold-count 3500
 
advance-tuning overload-control rest global action throttle-action N7_CREATE discard-action REJECT threshold-count 2000
 
advance-tuning overload-control diameter global limits max-requests-per-sec 9000 
advance-tuning overload-control diameter global action throttle-action DROP 
advance-tuning async-threading default-worker-threads 20 
advance-tuning async-threading default-queue-size 100 
advance-tuning async-threading default-processing-threads 20 
advance-tuning async-threading http2-connect-timeout-ms 120 
api unified engine-group pcf01production 
//This is a mandatory parameter 
api unified externalIPs [  192.0.2.23 ] 
//This is a mandatory parameter 
api unified external-port 8080 
//This is a mandatory parameter 
engine pcf01production 
//This is a mandatory parameter 
 replicas              2 
//This is a mandatory parameter 
 subversion-run-url    http://svn/repos/run 
//This is a mandatory parameter 
 subversion-config-url http://svn/repos/configuration 
//This is a mandatory parameter 
 tracing-service-name  pcf-engine 
 properties broadcast.tps 
  value 100 
 exit 
 properties ldap.retry.time.ms 
  value 200 
 exit 
 properties loopback.delay 
  value 20 
 exit 
 properties pcf.actions.sync.timeoutMs.default 
  value 410 
 exit 
 properties useZlibCompression 
  value true 
 exit 
 properties virtualservice.cache.enabled 
  value true 
 exit 
 properties virtualservice.evaluate.defaultvs 
  value true 
 exit 
 properties warmup.message.count 
  value 20 
 exit exit 
label protocol-layer key smi.cisco.com/node-type-2 
label protocol-layer value protocol 
label service-layer key smi.cisco.com/node-type-3 
label service-layer value service 
label cdl-layer key smi.cisco.com/node-type-4 
label cdl-layer value session 
label oam-layer key smi.cisco.com/node-type 
label oam-layer value oam 
external-services datastore 
 ips   [  192.0.2.24 ] 
 ports [ 8882 ] 
exit 
profile nf-client nf-type udr 
 udr-profile local-udr 
  locality localudr 
   priority 10000 
   service name type nudr-dr 
    endpoint-profile udr_profile_1 
     capacity   10 
     priority   30 
     uri-scheme http 
     version 
      uri-version v2 
      exit 
     exit 
     endpoint-name udr_ep1 
      primary ip-address ipv4 10.102.4.151 
      primary ip-address port 5182 
     exit 
    exit 
    endpoint-profile udr_profile_2 
     capacity   10 
     priority   30 
     uri-scheme http 
     version 
      uri-version v2 
      exit 
     exit 
     endpoint-name udr_ep1 
      primary ip-address ipv4 10.102.4.151 
      primary ip-address port 5183 
     exit 
    exit 
    endpoint-profile udr_profile_3 
     capacity   10 
     priority   30 
     uri-scheme http 
     version 
      uri-version v2 
      exit 
    exit 
     endpoint-name udr_ep1 
      primary ip-address ipv4 10.102.4.151 
      primary ip-address port 5184 
     exit 
    exit 
   exit 
  exit 
 exit 
exit 
profile nf-client nf-type chf 
 chf-profile local-chf 
  locality localchf 
   priority 10000 
   service name type nchf-spendinglimitcontrol 
    endpoint-profile chf_profile_1 
     capacity   50 
     priority   30 
     uri-scheme http 
     version 
      uri-version v1 
      exit 
     exit 
     endpoint-name chf_ep1 
      primary ip-address ipv4 10.102.1.151 
      primary ip-address port 5082 
     exit 
    exit 
    endpoint-profile chf_profile_2 
     capacity   50 
     priority   30 
     uri-scheme http 
     version 
      uri-version v1 
      exit 
     exit 
     endpoint-name chf_ep1 
      primary ip-address ipv4 10.102.1.151 
      primary ip-address port 5083 
     exit 
    exit 
    endpoint-profile chf_profile_3 
     capacity   50 
     priority   30 
     uri-scheme http 
     version 
      uri-version v1 
      exit 
     exit 
     endpoint-name chf_ep1 
      primary ip-address ipv4 10.102.1.151 
      primary ip-address port 5084 
     exit 
    exit 
   exit 
  exit 
 exit 
exit 
profile nf-pair nf-type UDR 
 nrf-discovery-group    nrf-discovery-group 
 subscription-enabled   true 
 subscription-extension 3 
 locality client  pcf01 
 locality preferred-server loc1 
 locality geo-server loc2 
exit 
profile nf-pair nf-type CHF 
 nrf-discovery-group    nrf-discovery-group 
 subscription-enabled   true 
 subscription-extension 3 
 locality client  pcf01 
 locality preferred-server loc1 
 locality geo-server loc2 
exit 
service-registration services amfService 
exit 
service-registration services smfService 
exit 
//This is a mandatory parameter 
service-registration profile locality pcf01 
//This is a mandatory parameter 
service-registration profile capacity 20 
//This is a mandatory parameter 
service-registration profile priority 10 
//This is a mandatory parameter 
service-registration profile nf-status REGISTERED 
//This is a mandatory parameter 
service-registration profile plmn-list 100 010 
exit 
//This is a mandatory parameter 
service-registration profile snssais 
//This is a mandatory parameter  
1 sd ABCDEF 
exit 
group nf-mgmt nf-mgmt-grpup 
 nrf-mgmt-group nrf-register-group 
 locality       pcf01 
 failover sla 1200 
 reconnect interval 100 
exit 
group nrf discovery nrf-discovery-group 
 service type nrf nnrf-disc 
  endpoint-profile nrf_disc_profile_1 
   capacity   10 
   priority   10 
   uri-scheme http 
   version 
    uri-version v1 
    exit 
   exit 
   endpoint-name nrf_disc_ep1 
    priority 1 
    capacity 10 
    primary ip-address ipv4 192.0.2.26 
    primary ip-address port 8183 
    secondary ip-address ipv4 192.0.2.19 
    secondary ip-address port 8184 
    tertiary ip-address ipv4 192.0.2.15 
    tertiary ip-address port 8185 
   exit 
  exit 
 exit 
exit 
group nrf mgmt nrf-register-group 
 service type nrf nnrf-nfm 
  endpoint-profile nrf_regi_profile_1 
   capacity   10 
   priority   10 
   uri-scheme http 
   version 
    uri-version v1 
    exit 
   exit 
   endpoint-name nrf_regi_ep1 
    priority 1 
    capacity 10 
    primary ip-address ipv4 192.0.1.15 
    primary ip-address port 8183 
    secondary ip-address ipv4 192.0.3.15 
    secondary ip-address port 8184 
    tertiary ip-address ipv4 192.0.2.12 
    tertiary ip-address port 8185 
   exit 
  exit 
 exit 
exit 
cdl system-id          1 
cdl node-type          session 
cdl enable-geo-replication true 
cdl zookeeper data-storage-size 1 
cdl zookeeper log-storage-size 1 
cdl zookeeper replica 3 
cdl remote-site 2 
 db-endpoint host  192.0.2.24 
 db-endpoint port 8882 
 kafka-server 19.102.11.108 10091 
 exit 
 kafka-server 19.102.11.109 10092 
 exit 
 kafka-server 19.102.11.110 10093 
 exit 
exit 
cdl label-config session 
 endpoint key smi.cisco.com/node-type-4 
 endpoint value session 
 slot map 1 
  key   smi.cisco.com/node-type-4 
  value session 
 exit 
 slot map 2 
  key   smi.cisco.com/node-type-4 
  value session 
 exit 
 slot map 3 
  key   smi.cisco.com/node-type-4 
  value session 
 exit 
 slot map 4 
  key   smi.cisco.com/node-type-4 
  value session 
 exit 
 index map 1 
  key   smi.cisco.com/node-type-4 
  value session 
 exit 
 index map 2 
  key   smi.cisco.com/node-type-4 
  value session 
 exit 
exit 
cdl logging logger datastore.ep.session 
 level debug 
exit 
cdl logging logger datastore.index.session 
 level debug 
exit 
cdl logging logger datastore.slot.session 
 level debug 
exit 
cdl datastore session 
 cluster-id      1 
 label-config    session 
 geo-remote-site [ 2 ] 
 endpoint replica 2 
 endpoint external-ip 10.102.11.218 
 index replica 2 
 index map 2 
 slot replica 2 
 slot map 4 
 slot notification limit 25 
exit 
cdl kafka replica 3 
cdl kafka storage 1 
cdl kafka label-config key smi.cisco.com/node-type-4 
cdl kafka label-config value session 
cdl kafka external-ip 10.102.11.104 10091 
exit 
cdl kafka external-ip 10.102.11.105 10092 
exit 
cdl kafka external-ip 10.102.11.106 10093 
exit 
system mode running 
helm default-repository base-repos 
helm repository base-repos 
 url https://charts.10.100.11.107.nip.io/pcf.2020.05.m0.i33 
exit 
k8s name          cl-hawaii-s1 
k8s namespace     pcf-pcf-hawaii-s1 
k8s nf-name       pcf 
k8s registry      docker.10.100.11.107.nip.io/pcf.2020.05.m0.i26 
k8s single-node   false 
k8s use-volume-claims true 
k8s ingress-host-name 10.84.102.200.nip.io 
k8s nodes cl-hawaii-s1-master-1 
 node-type   master 
 worker-type master 
exit 
k8s nodes cl-hawaii-s1-master-2 
 node-type   master 
 worker-type master 
exit 
k8s nodes cl-hawaii-s1-master-3 
 node-type   master 
 worker-type master 
exit 
aaa authentication users user admin 
 uid        1117 
 gid        1117 
 password   $1$ywmCvRqU$e1ho7HLAmgfQS5LT9HAXQ. 
 ssh_keydir /tmp/admin/.ssh 
 homedir    /tmp/admin 
exit 
aaa ios level 0 
 prompt "\h> " 
exit 
aaa ios level 15 
 prompt "\h# " 
exit 
aaa ios privilege exec 
 level 0 
  command action 
  exit 
  command autowizard 
  exit 
  command enable 
  exit 
  command exit 
  exit 
  command help 
  exit 
  command startup 
  exit 
 exit 
 level 15 
  command configure 
  exit 
 exit 
exit 
nacm write-default deny 
nacm groups group admin 
 user-name [ admin ] 
exit 
nacm groups group policy-admin 
 user-name [ admin ] 
exit 
nacm rule-list admin 
 group [ admin ] 
 rule any-access 
  action permit 
 exit 
exit 
nacm rule-list confd-api-manager 
 group [ confd-api-manager ] 
 rule any-access 
  action permit 
 exit 
exit 
nacm rule-list ops-center-security 
 group [ * ] 
 rule change-self-password 
  module-name       ops-center-security 
  path              /smiuser/change-self-password 
  access-operations exec 
  action            permit 
 exit 
 rule smiuser 
  module-name       ops-center-security 
  path              /smiuser 
  access-operations exec 
  action            deny 
 exit 
exit