Add free5GC as an example CNF

[marketa-zejdova]

Description

Introduce free5GC as an example CNF that is fully deployable and testable via the CNTi test suite.

Issues:

Refs: #2374

How has this been tested:

• Covered by existing integration testing
• Added integration testing to cover
• Verified all A/C passes
  • develop
  • master
  • tag/other branch
• Test environment
  • Shared Packet K8s cluster
  • New Packet K8s cluster
  • Kind cluster
• Have not tested

Types of changes:

• Bug fix (non-breaking change which fixes an issue)
• New feature (non-breaking change which adds functionality)
• Breaking change (fix or feature that would cause existing functionality to not work as expected)
• Documentation update

Checklist:

Documentation

• My change requires a change to the documentation.
• I have updated the documentation accordingly.
• No updates required.

Code Review

• Does the test handle fatal exceptions, ie. rescue block

Issue

• Tasks in issue are checked off

[collivier]

@marketa-zejdova could we leverage public helm charts instead of duplicating all files in our tree ?

[collivier]

+ it would be great to cover this example cnf via gate jobs

[marketa-zejdova]

@marketa-zejdova could we leverage public helm charts instead of duplicating all files in our tree ?

For now, I used a local copy of the free5GC Helm chart as a temporary solution. The upstream chart is still missing some changes needed for this deployment to work reliably (mainly MongoDB storage and kind compatibility).

I also had to make a few adjustments on our side to get it running on kind.

Because of that, I didn’t want to pull the chart directly from their development branch, as it could introduce breaking changes.

I agree that copying the chart is not ideal long-term. Would it be better to reference a public Helm repository here, or possibly publish a stabilized version of this chart somewhere (if we have an internal Helm registry)?

[marketa-zejdova]

• it would be great to cover this example cnf via gate jobs

I agree this would be useful. We are planning to handle it in a follow-up PR.

[martin-mat]

Why exactly is this needed? What issues does this address? That does not make sense to me on a first glance.

[martin-mat]

Elaborate more in details what do you mean by this. What is impact on CNTi tests?

[martin-mat]

What do you mean "may fail"? We should know cert test execution results of Free5GC. Be more specific. List tests that fail and reasoning.

[martin-mat]

Does control plane really require this?

[marketa-zejdova]

Without the allowedUnsafeSysctls the upf pods fail after cnf_install with SysctlForbidden