OOM Guilin Release Proposal

"Internal" plan

By Order of priority

Passwords

Continue the removal of harcoded credentials, in this (proposed) order:

  • PostgreSQL

  •  Cassandra

    • As long as we're able to set an admin user → maybe need to find a new image → not simple

  • DMaaP (tentative)

  • AAI (tentative)

  • SDC (tentative)

  • SO (tentative)

Certificates

Start the certificates hunting and (try to) uses "aaf init" template.

Fyi, current "known" hardcoded certificates: https://github.com/onap/oom/blob/master/docs/oom_hardcoded_certificates.rst

Upgrade

let's work to have "ONAP Core" (AAF, AAI, SDC, SDNC, SO, DMaaP) fully upgradable from F to G (with their databases components, cassandra, mariadb, ...).

Current status is AAI and SO already there, SDN-C should be good for F release.

Allow choice of subcomponents during "big" components installation

Today, we can select what we want for deployment on DMaaP, AAI and soon contrib.

let's add the same for SDC, SO, Multicloud, SDNC, APPC, VFC, Policy and maybe other.

Should be "simple".

Follow version proposed by SECCOM

SECCOM Version Board

Kubernetes 1.18

Reuse all our templates to make ONAP 1.16+ (and then 1.18) compatible (can be long)

Mariadb upgrade

Move to 10.2+ (change base image, can be long)

PostgreSQL upgrade

Move to 12.2, should be "simple"

Cassandra upgrade

Move to 3.11.6, should be "simple"

External plan (A.K.A expectations from other projects)

  • All logs to STDOUT

  • Certificates

  • Crash when Issue (and not "wait for I don't know" or exit with status 0)

  • AAF integration must be settable to off

  •  MSB integration must be settable to off

  • Well formatted commit messages --> with format:

    • title: [NAME_OF_COMPONENT|DOC|GENERIC] Real Title

    • blank line

    • at least one sentence explaining the change done in this patch, cause and consequences and possibly more of course

    • blank line

    • Issue-ID, Change-ID, Signatures, ...

Tentative / PoC

  • Make Ingress default deployment

  • Make Deployment with storage class default deployment

  • check storage asked for PVC is consistent with actual deployments

  • Service Mesh PoC continuation

  • All pods have requests/limits

  • request/limits bad values hunting