Versions Compared

Version Old Version 4 New Version Current
Changes made by

Vijay Kumar

Kornel Janiak

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Table of Contents

Bridge

[dcaegen2] Team ONAP11, Wed UTC 14:30

https://zoom.us/j/824147956

...


 Time (est) Topics Requester/Assignee Notes/Links




START RECORDING

PARTICIPANT LIST

1
Project Status

Vijay Kumar

Release Status  

Frankfurt Milestone Status#RC1




DCAE Blockers/High priority

Jira Legacy
serverSystem Jira
jqlQueryfilter=12210
serverId4733707d-2057-3a0f-ae5e-4fd8aff50176





DCAE Outstanding Jira & MED priority bugs 

DCAEGEN2-2219 - DFC's SFTP client doesn't protect from MITM attacks 


Open items from last meeting

  • DCAEGEN2-2194  runtTime 1.0.2 exception and import error

  • DCAEGEN2-2191 PH subscription error from Dmaap

  • DCAEGEN2-2193  During Deployment of Pm Mapper and Data File Collector fails in R6 release

  • DCAEGEN2-2170  Switch DCAE MOD components to non-root user (related to DCAEGEN2-2121) 
  • DCAEGEN2-2171 DL containers running as root(related to DCAEGEN2-2121)  - 4/1 - WIP
  • DCAEGEN2-2173,DCAEGEN2-2181, DCAEGEN2-2175 (PMSH) - Fiachra Corcoran will priortize and send email
  • DCAEGEN2-2067 VESCollector API/spec updates under documentation.
  • DCAEGEN2-2141 - Documentation warning  
  • AAF-1081 : Env issue; blocks DCAEGEN2-2042 Update DCAE certificates (Dashboard, PMSH SAN).
    • 4/1 - PMSH documentation to include workaround steps. 
  • CLAMP-650 - CLAMP not supporting blueprints (PMSH) with postgres plugin (workaround will be to onboard policy separate and use dashboard/consul)
    • Workaround will not involve CLAMP; so this defect/fix to be checked and moved to Guilin if still issue - David Farrelly  
    • 4/29 - Fix validated 
2
DCAE bootstrap updates

Vijay Kumar

Further blueprint updates will be assessed case by case if bootstrap version release is required

  • SON_handler - 2.0.2 (release pending)
  • DataFileCollector - TBA

4/7 - onap/org.onap.dcaegen2.deployments.k8s-bootstrap-container:1.12.5  released.

  • Datalake Handler (1.0.2)
  • PMSH 1.0.3

4/1 - Frankfurt 1.12.4 Bootstrap released 

  • PMSH 1.0.2 
  • VES HTTP disabled

3/25 1.12.3 Merged - delivered to oom

  • PMSH  - Merged  (1.12.2)
  • SON_handler - Merged
  • RESTConf - Merged (EL-Alto version) (1.12.3 - Release pending)
  • DL-Handler  - Merged (1.12.3)
  • Heartbeat - Merged (EL-Alto version)  (1.12.3 - Release pending)
  • VES Mapper - Merged (EL-Alto version)  (1.12.3 - Release pending)
  • BBS_Eventprocessor - Merged  (1.12.2)
  • DFC - Merged
  • VES 1.5.4 (1.12.3)
  • TCAGen2 1.0.1 (1.12.3) 

Reference : https://lists.onap.org/g/onap-discuss/message/20046  Blueprint management for Frankfurt - DCAEGEN2-2041

3
HV_VES Performance test 

Kornel Janiak

Review tools/setup introduced under https://gerrit.onap.org/r/c/dcaegen2/collectors/hv-ves/+/106356 

View file
nameHV-VES_PerformanceBaseline.pptx
height250

  • Complete performance test/report to be available end of May
  • Test report to include below
    • Test-setup/infrastructure
    • Peak load metrics
  • Documentation on generic tools/test container setup
4
CBS TLS in SDK

Piotr Wielebski

Review recent discussion on : https://gerrit.onap.org/r/#/c/dcaegen2/services/sdk/+/94266/ and identify next step

Confluence: TLS support for CBS - Migration Plan

Current implementation relies on trust.jks being available. Following options to be explored

  • Option 1: Work/address issue around using cacert.pem for CBS connection (original proposal)
  • Option 2: Enabled use_tls: true for all DCAE MS deployment (in blueprint) to ensure all AAF cert/trust and distributed (regardless of the MS/component being setup as server or not)
  • Option 3: Modify K8s plugin to include trust.jks distribution by default along with cacert.pem

Note: Current SDK change https://gerrit.onap.org/r/#/c/dcaegen2/services/sdk/+/94266/ relies on Option#2

3/11 - New k8plugin released (2.0.0) and corresponding CM container released. Platform updates completed. Need test of HV_VES with new plugin - Piotr Wielebski

4/29, 4/1 - tested on HV-VES 1.4.0 - not workingException in thread "main" org.onap.dcaegen2.services.sdk.security.ssl.exceptions.ReadingPasswordFromFileException: Could not read password from /etc/ves-hv/ssl/jks.pass   

    - jks.pass is distributed only when use_tls is set to true; need to be checked if app expects cert as server?  Piotr Wielebski  

5
Repo Branching 

Branching/tagging completed for all DCAE repo except  dcaegen2 (documentation)

Documentation repo branching targetted for  

Committer must ensure new submissions are cherrypicked into Frankfurt branch

  • dcaegen2/analytics/tca
  • dcaegen2/analytics/tca-gen2
  • dcaegen2/collectors/datafile
  • dcaegen2/collectors/hv-ves
  • dcaegen2/collectors/restconf
  • dcaegen2/collectors/snmptrap
  • dcaegen2/collectors/ves
  • dcaegen2/deployments
  • dcaegen2/platform
  • dcaegen2/platform/blueprints
  • dcaegen2/platform/configbinding
  • dcaegen2/platform/deployment-handler
  • dcaegen2/platform/inventory-api
  • dcaegen2/platform/plugins
  • dcaegen2/platform/policy-handler
  • dcaegen2/platform/servicechange-handler
  • dcaegen2/services
  • dcaegen2/services/heartbeat
  • dcaegen2/services/mapper
  • dcaegen2/services/pm-mapper
  • dcaegen2/services/prh
  • dcaegen2/services/sdk
  • dcaegen2/services/son-handler
  • dcaegen2/utils





6
Guilin Items

Vijay Kumar

DCAE Guilin Priorities

7
AAF change impact

Fiachra Corcoran Jack Lucas

aaf_agent (2.1.20) changed in Frankfurt generates cert as non-root; need to assess impact to dcae TLS init (currently uses 2.1.15)

  • one option is for separate truststore for external (discussed under CMPv2)
  • resolve the ownership for current cert/truststore to non-root user (common onap usergroup + and add into separate container)
    • change aaf_agent to default to non-root

DCAE change to be assessed based on CMPv2 proposal; generic onap/usergroup to be discsussed with AAF team - Vijay Kumar



Certificate for components/instance (wild card support)>Frankfurt

PMSH may need to support multiple instance per different usecase. The certificate generation should be supported at instance level (possible AAF dependency

4/29 - Policy may be using wildcard - *.pdp, *.pdp.onap.svc.cluster.local ; to be confirmed if supported from AAF currently - Vijay Kumar

2/20  -

Jira Legacy
serverSystem Jira
serverId4733707d-2057-3a0f-ae5e-4fd8aff50176
keyDCAEGEN2-2084
to track this request for DCAE; AAF dependency will be discussed post Frankfurt and corresponding AAF Jira to be created






Frankfurt Artifacts Release versions

Check "Artifacts released" section under RTD - https://docs.onap.org/en/latest/submodules/dcaegen2.git/docs/sections/release-notes.html

Open Action Items


...