...

Organization Mgmt, Sales Strategies - There is no additional organizational management or sales strategies for this requirement outside of a service providers "normal" ONAP deployment and its attendant organizational resources from a service provider. 

Container rootfs has to be mounted readOnly

Key Contacts -  Krzysztof Opasiak Paweł Pawlak Amy Zwarico Sylvain Desbureaux

Executive Summary - By design containers running in kubernetes should be ephemeral and stateless. It's a good security practice to mount their rootfs as a read only

Business Impact - Improves ONAP security and reduces the number of potential failures during ONAP deployment.

Business Markets - All operators, service providers and entities using ONAP.  

Funding/Financial Impacts - N/A

Organization Mgmt, Sales Strategies - There is no additional organizational management or sales strategies for this requirement outside of a service providers "normal" ONAP deployment and its attendant organizational resources from a service provider. 

Application config should be fully prepared before starting the application container

Key Contacts -  Krzysztof Opasiak Paweł Pawlak Amy Zwarico Sylvain Desbureaux

Executive Summary - Editing config files with sed from docker entrypoint script often causes a lot of silent failures in OOM deployments. Instead, config should be either provided as a ConfigMap and templated using helm or generated in the init container before the main application container comes up.

Business Impact - Reduces the number of potential failures during ONAP deployment and thus makes it more reliable.

Business Markets - All operators, service providers and entities using ONAP.  

Funding/Financial Impacts - N/A

Organization Mgmt, Sales Strategies - There is no additional organizational management or sales strategies for this requirement outside of a service providers "normal" ONAP deployment and its attendant organizational resources from a service provider.