Agenda
- log4shell:
- recommended version for log4j2 is 2.16 and / or add a flag as a quickfixes (https://www.zdnet.com/article/second-log4j-vulnerability-found-apache-log4j-2-16-0-released/)
- [DCAE] Log4j vulnerability fix | https://gerrit.onap.org/r/c/oom/+/126236
- [SDNC] Mediate log4shell vulnerability | https://gerrit.onap.org/r/c/oom/+/126226
- [CDS] Remediate log4shell vulnerability | https://gerrit.onap.org/r/c/oom/+/126232
- OOM Cert Service is also impacted. Needs to see how to fix if needed
- OOM committers:
- Krzysztof Opasiak will step down start of January
- Mike Elliott and Borislav Glozman are not really present
- Asked Gareth Roper if he wants to be a committer
- DCAE: only log4shell
- POLICY:
- first "automated" review from Liam Fallon
- [POLICY] Update docker images to latest versions | https://gerrit.onap.org/r/c/oom/+/126213
- first "automated" review from Liam Fallon
- Service Mesh:
- SDC: Othman Touijer and Gareth Roper
- we have a SDC working on Service Mesh
- need to have a clean gate before merge
- able to launch basic_onboard
- CDS: Othman Touijer
- we have an almost working version with sdc communication !
- should be merged / or at least ready this week
- SO: next on the pipe
- SDNC: needed for vm onboarding → stretch goal for DDF for a demo
- SDC: Othman Touijer and Gareth Roper
- Database consolidation:
- polishing part of the code:
- postgres: A. Seaudi
- [DCAE] Use common postgres for DCAE | https://gerrit.onap.org/r/c/oom/+/124776
- [DMAAP] Use common postgress for dmaap bc | https://gerrit.onap.org/r/c/oom/+/124773
- [VNFSDK] Use common postgres for vnfsdk | https://gerrit.onap.org/r/c/oom/+/125081
- mariadb: Mahmoud Abdelhamid
- [POLICY] Use common mariadb instance | https://gerrit.onap.org/r/c/oom/+/123718
- [CDS] Update chart to use common mariadb-galera | https://gerrit.onap.org/r/c/oom/+/121936
- cassandra: A. Seaudi
- [PORTAL] Migrate Portal to shared cassandra | https://gerrit.onap.org/r/c/oom/+/124345
- move to gitlab: Sylvain Desbureaux
- https://gitlab.com/onap/oom/oom/
- [GLOBAL] Move to Gitlab | https://gerrit.onap.org/r/c/oom/+/126150
- an issue has been found
- waiting for krzysztof +2
- proposition: move to gitlab beginning of 2022
- Jakarta:
- Move to k8s 1.22 on Azure: planned beginning of 2022
- needed to be merged:
- [AAI] Use a recent HAProxy | https://gerrit.onap.org/r/c/oom/+/124180
- [GLOBAL] Bump Nginx image | https://gerrit.onap.org/r/c/oom/+/126191
- [GLOBAL] Bump Kubectl image | https://gerrit.onap.org/r/c/oom/+/126190
- [GLOBAL] Bump Java JRE image | https://gerrit.onap.org/r/c/oom/+/126189
- [GLOBAL] Bump curl image | https://gerrit.onap.org/r/c/oom/+/126188
- [GLOBAL] Bump busybox image | https://gerrit.onap.org/r/c/oom/+/126187
- already merged:
- [COMMON][MARIADB] Bump version to 10.6.5 | https://gerrit.onap.org/r/c/oom/+/126101
- [COMMON][MONGO] Bump Mongo to latest 4.x version | https://gerrit.onap.org/r/c/oom/+/126103
- needs to see how to bump:
- cassandra (4 or 3?)
- postgresql (stick to cruynchy or not)
- etcd (current image is not supported anymore)
- questions: @seccom (Paweł Pawlak Amy Zwarico )
- consul?
- redis?
- still have some containers with several process (UUI, VFC, ...) → what do we do?