Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Duration 90 minutes

Agenda ItemsPresented byTimeNotes/LinksJIRA Tasks
Subcommittee Update30 mins

Dublin Use Cases Update

View file
nameONAP-use cases and functional requirements status for Dublin Release.pptx
height250



Casablanca Maintenance Release30 mins

Casablanca Maintenance Release Guidelines already shared with PTLs

View file
nameONAP Casablanca TSC Dec6Version1.pdf
height250

Jira Legacy
serverSystem Jira
serverId4733707d-2057-3a0f-ae5e-4fd8aff50176
keyTSC-34

Any Infrastructure Improvement/PlanLinux Foundation5 mins

Any LF showstopper

ONAP Helpdesk #65225, 64966 (CLM Issues)


Security Matters

30

mins

Note: CLM and Sonar jobs run on master - should we also add casablanca versions to the ci-management yaml - ie: https://git.onap.org/ci-management/tree/jjb/logging-analytics/logging-analytics.yaml#n23 - Michael O'Brien

Addressing nexus-iq server down 20181104

Jira Legacy
serverSystem Jira
serverId4733707d-2057-3a0f-ae5e-4fd8aff50176
keyCIMAN-225

https://lists.onap.org/g/onap-discuss/topic/clm_nexus_iq_server_error/28625920?p=,,,20,0,0,0::recentpostdate%2Fsticky,,,20,2,0,28625920

btw https://nexus-iq.wl.linuxfoundation.org/assets/index.html#/reports/onap-aai-champ/d648d37d689c47fa95490778941f32ba works

Jira Legacy
serverSystem Jira
serverId4733707d-2057-3a0f-ae5e-4fd8aff50176
keyTSC-29

Jira Legacy
serverSystem Jira
serverId4733707d-2057-3a0f-ae5e-4fd8aff50176
keyTSC-32

Jira Legacy
serverSystem Jira
serverId4733707d-2057-3a0f-ae5e-4fd8aff50176
keyTSC-39

Jira Legacy
serverSystem Jira
serverId4733707d-2057-3a0f-ae5e-4fd8aff50176
keyTSC-49

Jira Legacy
serverSystem Jira
serverId4733707d-2057-3a0f-ae5e-4fd8aff50176
keyTSC-50

Jira Legacy
serverSystem Jira
serverId4733707d-2057-3a0f-ae5e-4fd8aff50176
keyTSC-58

Jira Legacy
serverSystem Jira
serverId4733707d-2057-3a0f-ae5e-4fd8aff50176
keyTSC-59

Undercloud Security CLM/CVE

5 mins

1:21

A requirement to manage the CLM security of the undercloud infrastructure.

Docker, Kubernetes versions

Several of us cl664y@att.com Michael O'Brien Mike Elliott James MacNider ran into the new level 9 CVE on Tue

https://github.com/kubernetes/kubernetes/issues/71411

According to the shared-responsibility model - the cloud provider handles physical/VM/blade security, however it is our responsibility to keep up with CVE issues in our undercloud stack (Ubuntu 16, Docker 17, Kubernetes 1.11, Helm 2.9, Rancher 1.6)


Jira Legacy
serverSystem Jira
serverId4733707d-2057-3a0f-ae5e-4fd8aff50176
keyTSC-75

related

Jira Legacy
serverSystem Jira
serverId4733707d-2057-3a0f-ae5e-4fd8aff50176
keyOOM-1539

Jira Legacy
serverSystem Jira
serverId4733707d-2057-3a0f-ae5e-4fd8aff50176
keyLOG-895

(and 4 other jiras for the other installs)

TSC Activities and Deadlines

ONAP TSC Special Election: Chaker Al-Hakim has been elected

Kick-Off TSC Vice-Chair self-nomination - deadline: December 12th, 2018 Noon PST

https://lists.onap.org/g/onap-tsc/topic/tsc_vice_chair_elections_call/28617002?p=,,,20,0,0,0::recentpostdate%2Fsticky,,,20,2,0,28617002

Jira Legacy
serverSystem Jira
serverId4733707d-2057-3a0f-ae5e-4fd8aff50176
keyTSC-3

Incoming ONAP Events5 mins

ONAP Project Developers Event, Dec 10 - 12, 2018, (Virtual Webinars)

Jan 8-11 - Dublin Release F2F Developer Design Forum (France): https://wiki.lfnetworking.org/pages/viewpage.action?pageId=8257579   

Feel free to request your VISA: http://events.linuxfoundation.org/visa-request

Submit your proposal: https://wiki.lfnetworking.org/display/LN/OPNFV-ONAP+January+2019+Session+Proposals

TSC-7 - Confirm/Setup Dublin Developer Forum before Dublin release In Progress

Zoom Chat Log: 
Anchor
zoom
zoom

05:59:10 From Viswa KSP ( Verizon ) : #info Viswa, Verizon
05:59:44 From Alla Goldner : #Alla Goldner, Amdocs
05:59:57 From Andreas Geissler (Deutsche Telekom) : #info Andreas Geissler (DT)
06:00:22 From Yan Chen : #info Yan Chen?China Telecom
06:00:25 From Catherine Lefevre : #info, Catherine Lefevre (AT&T)
06:00:37 From Jason Hunt : #info Jason Hunt, IBM
06:00:38 From Ranny Haiby : #info Ranny Haiby, Nokia
06:00:59 From Bin Yang (Wind River) : #info Bin Yang, Wind River
06:01:08 From Eric Debeau : #info Eric Debeau, Orange
06:02:08 From Kedar Ambekar : #info proxy Kedar Ambekar, TechMahindra
06:02:48 From Alla Goldner : #info Alla Goldner, Amdocs
06:03:08 From Murat Turpcu ( Turk Telekom) : #info Murat Turpcu, Turk Telekom
06:03:38 From Catherine Lefevre : #action we are canceling meetings conflicting with V2F
06:05:04 From Gildas Lanilis : #Action schedule PTL meetig on Monday (after vF2F) at 8:00 am PST.
06:05:08 From Kenny Paul (LFN) : #topic Dublin Usecase Update
06:05:10 From Alexis de Talhouët : #info Alexis de Talhouët; Bell Canada
06:05:55 From Catherine Lefevre : #action (Kenny) add bridge for V2F
06:07:26 From John Quilty : #info John Quilty Ericsson proxy for Stephen Terrill
06:07:50 From Kenny Paul (LFN) to Alexis de Talhouët (Privately) : seen. thank you
06:07:53 From Chaker Al-Hakim : #info Chaker Al-Hakim, Huawei
06:08:04 From Kenny Paul (LFN) to John Quilty (Privately) : seen. thank you
06:08:15 From Kenny Paul (LFN) to Chaker Al-Hakim (Privately) : seen. thank you.
06:08:51 From Kenny Paul (LFN) to Murat Turpcu ( Turk Telekom) (Privately) : seen. thank you
06:11:19 From Kenny Paul (LFN) : Alla reports that usecase requirements are not likely to be available next week for VF2F
06:12:31 From Viswa KSP ( Verizon ) : Does this mean that M1 of R4 likely to get delayed ?
06:13:03 From Gildas Lanilis : @Viswa. date won't chnage
06:13:11 From Gildas Lanilis : M1 is Jan 17.
06:13:36 From Viswa KSP ( Verizon ) : Thnx Gildas
06:14:50 From NingSo : #info Ning So, Reliance Jio
06:15:02 From Kenny Paul (LFN) to NingSo (Privately) : seen. thankyou
06:15:49 From Catherine Lefevre : #action items for the subcommittees - prepare your first top 3 requirements (Use Case, Security, architecture, contriol loop and modeling)
06:17:25 From Catherine Lefevre : these first 3 top items are they meeting the checklist ....
06:17:31 From Catherine Lefevre : Did they meet the checklist? • [SP Interest] • Reqs Details: • Use Case/Archi Review: • Impacted Components
06:17:55 From Catherine Lefevre : then we can pursue with with PTLs on • Estimates (T-Shirt): • Committed Resources:
06:18:05 From Catherine Lefevre : Estimates = DEV & TEST
06:20:12 From Catherine Lefevre : Feedback received - is there a way to highlight functionalities through these use cases
06:22:25 From Kenny Paul (LFN) : https://wiki.onap.org/display/DW/SP+priorities+for+Dublin
06:23:12 From Eric Debeau : +2 with Alexis
06:25:02 From Catherine Lefevre : The question that we need to answer as TSC: shall we focus on our "technical debt" (documentation, security, remove hardcode, container optimization) = TSC MUST HAVE and maybe select 1 requirement from each subcomittee?
06:25:37 From Catherine Lefevre : onap capacity seems to be fixed
06:26:17 From Catherine Lefevre : Use cases could be part of our 3 years roadmap?
06:28:40 From Kenny Paul (LFN) : #topic Casablanca Maint. Release
06:29:09 From Alla Goldner : we must define, I believe, 3 highest priority items per eaxh subcommittee, S3P, etc.
06:29:28 From Alla Goldner : then we commit to those, and optionally to additional things, if there are resources available
06:29:35 From Alla Goldner : can this be a way forward?
06:30:03 From Kenny Paul (LFN) : M1 Dec 10: scope locked
06:30:41 From Kenny Paul (LFN) : only high/highest, security updates, doc imporovements
06:30:52 From Kenny Paul (LFN) : NO NEW FEATURES
06:31:23 From Kenny Paul (LFN) : commit to casablanca branch, cherry pick into master
06:31:37 From Eric Debeau : ExtrenalAPI/NBI may also be part of Csa Release
06:32:59 From Alexis de Talhouët : > commit to casablanca branch, cherry pick into master
06:33:10 From Alexis de Talhouët : just for fixes, please. No new features
06:33:19 From Kenny Paul (LFN) : usecaseui-174
06:34:26 From Catherine Lefevre : severity has been increased to Hghest
06:35:41 From Steven Wright : VNFRQTS (like Docs) may have some updates for the maintenance branch
06:35:45 From Catherine Lefevre : TSC members and proxies, please add #info, your name, company name if you have joined after the meeting has started. Thank you
06:36:05 From Viswa KSP ( Verizon ) : Do we have a upgrade path from R3 to R3 Maint release ?
06:36:32 From Kedar Ambekar : I am increasing severity of TEST-133 to High to get it included in maintenance release.
06:36:57 From Catherine Lefevre : # action (PTL call) OOM Helm charts wil move to projects by dublin. To be discussed during PTL call
06:37:19 From Kenny Paul (LFN) : if a docker image changes the project teams are responsible for providing updates
06:39:13 From Brian : robot
06:42:25 From Kenny Paul (LFN) : TEST-133 == feature, to be targeted for Dublin., not Casablanca maint.
06:42:33 From Catherine Lefevre : Can we start to move to upgrade release as part of Dublin to avoid rebuilding environment from scratch?
06:42:52 From Catherine Lefevre : Mike will make a presentation at V2F
06:44:58 From Kenny Paul (LFN) : #topic Security
06:49:27 From Gildas Lanilis : @Brian F. My access to https://nexus-iq.wl.linuxfoundation.org/assets/index.html#/reports/onap-aaf-authz/b343e31d9e574e0486fccb6888bb906a works fine.
06:49:43 From Kenny Paul (LFN) : #action kenny follow-up with Rel-Eng on nexus IQ issues
06:50:48 From Gildas Lanilis : Regarding CLM access to Casablanca LF Ticket 64966 opebed.
06:52:30 From Michael O'Brien(Amdocs,LOG) : https://wiki.onap.org/display/DW/Security+Space+Wiki+Access+List
06:55:33 From Catherine Lefevre : #action PTLs to add their SMEs to Michael's wiki
06:57:24 From Catherine Lefevre : #action Kenny - to meet Sonatype and have a readout by F2F meeting - stretch goal: Jan 3rd
07:02:06 From Michael O'Brien(Amdocs,LOG) : example from my github - personal projects
07:02:07 From Michael O'Brien(Amdocs,LOG) : obriensystems’s repository security updates from the week of Nov 27 - Dec 4


obrienlabs organization organization
Warning!
obrienlabs / biometric
Known security vulnerabilities detected

Dependency
com.fasterxml.jackson.core:jackson-databind
Version
< 2.6.7.1
Upgrade to
~> 2.6.7.1
Vulnerabilities
CVE-2017-7525 High severity
CVE-2017-7525 High severity
CVE-2018-7489 High severity
CVE-2018-7489 High severity
CVE-2017-17485 High severity
View 1 more
Defined in
pom.xml
07:02:22 From Michael O'Brien(Amdocs,LOG) : Your GitHub security alerts for the week of Nov 27 - Dec 4
07:02:32 From Michael O'Brien(Amdocs,LOG) : mail and on the admin page
07:02:58 From Michael O'Brien(Amdocs,LOG) : agree that the microsoft tool is not well defined enough for us
07:03:47 From Kenny Paul (LFN) : TSC-32 - sonotype replacement investigation
07:05:12 From Dan Timoney : I thought I remembered discussions before Casablanca about enhancements to NexusIQ that would scan our code itself for new vulnerabilities (e.g. potential buffer overflow exploits). Is that still in the works?
07:05:52 From Kenny Paul (LFN) : SEC-50 oparent.pom as an alternative fix
07:06:16 From Michael O'Brien(Amdocs,LOG) : logging/pomba uses oparent very well
07:09:29 From Catherine Lefevre : #action PTL call - oparent will be supported bu Integration team to support common vulenrabilities, get adoption by PTLS and provide feedback to TSC
07:11:59 From Catherine Lefevre : #Action Alexis - resume discussion with ODL to fix vulneabilities so we can consume it
07:12:10 From Michael O'Brien(Amdocs,LOG) : sorry forgot to put myself on mute at 1:07:20 - sorry about that 10 seconds
07:12:25 From Kenny Paul (LFN) : oh. lol
07:13:42 From Catherine Lefevre : TSC-39 adoption of code of conduct
07:13:43 From Catherine Lefevre : CNCF has a CoC that could be edited and put forth as a starting place: https://github.com/cncf/foundation/blob/master/code-of-conduct.md
07:14:48 From Keong Lim k00759777 : cannot see screen share of the other page
07:19:27 From Keong Lim k00759777 : what is the governance around updating the CoC?
07:20:29 From Catherine Lefevre : do u see it know Keong?
07:21:23 From Kenny Paul (LFN) : TSC-39 CoC
07:21:49 From Keong Lim k00759777 : yes, i saw the screen share
07:21:56 From Michael O'Brien(Amdocs,LOG) : yes, my mike
07:22:00 From Michael O'Brien(Amdocs,LOG) : I will update the TSC
07:22:41 From Michael O'Brien(Amdocs,LOG) : @Michael O'Brien will update the TSC on TSC-25
07:24:18 From Catherine Lefevre : @mike - feel free to add to 12/13 agenda - thanks - Toolchain Matters
07:25:38 From Kenny Paul (LFN) : #topic housekeeping
07:26:23 From Kenny Paul (LFN) : LF shutdown Dec 17 - Jan 2 - emergency requests only - use helpdesk
07:26:49 From Kenny Paul (LFN) : Confluence upgrade next week
07:27:05 From Catherine Lefevre : #action OOM/Integration team to meet to plan update labs regarding K8S/CLM vulnearbility issues
07:27:30 From Kenny Paul (LFN) : #topic undercloud security CLM/CVE
07:28:02 From Catherine Lefevre : #action - identify a tool for docker scan --- TSC-58
07:28:03 From Kenny Paul (LFN) : OOM-1539
07:28:20 From Amy Zwarico : •Kubernetes v1.0.x-1.9.x •Kubernetes v1.10.0-1.10.10 (fixed in v1.10.11) •Kubernetes v1.11.0-1.11.4 (fixed in v1.11.5) •Kubernetes v1.12.0-1.12.2 (fixed in v1.12.3)
07:28:42 From Amy Zwarico : https://github.com/kubernetes/kubernetes/issues/71411
07:29:14 From Lior Nachmias AT&T : Thank you


Zoom Attendance Log 
Anchor
attendance
attendance

TSC Members Attendance: 89%

View file
nametsc-attendees-2018-12-06.pdf
height250


TSC Decisions  

2018 TSC Decisions


Action Items

  •  Meetings conflicting with the ONAP Virtual Event will be canceled
  •  Subcomittees to prepare their top 3 requirements (UseCase, Security, Control Loop, Modeling and Architecture)
  •  (Gildas/PTL Call): OOM Helm Charts will move to the project's responsibility by Dublin
  •  PTL to add their security SME to Michael's wiki by December 11th, 2018 -
    Jira Legacy
    serverSystem Jira
    serverId4733707d-2057-3a0f-ae5e-4fd8aff50176
    keyTSC-29
  •  Kenny to meet Sonatype and a readout by F2F meeting or stretch goal: 2019/1/3 -
    Jira Legacy
    serverSystem Jira
    serverId4733707d-2057-3a0f-ae5e-4fd8aff50176
    keyTSC-78
  •  oparent will be supported by the Integration team to support common vulnerabilities, need to get adoption by PTLS and to provide feedback to TSC
  •  Alexis will resume discussions with ODL - 
    Jira Legacy
    serverSystem Jira
    serverId4733707d-2057-3a0f-ae5e-4fd8aff50176
    keyTSC-77
  •  OOM/Integration team to meet to plan update labs regarding K8S/CLM vulnerability issues
  •  Identify a tool for docker scan -
    Jira Legacy
    serverSystem Jira
    serverId4733707d-2057-3a0f-ae5e-4fd8aff50176
    keyTSC-58