...
In Casablanca, MSB mainly focuses on the integration of Istio service mesh with ONAP to enhance OMSA, while keeping the Istio integration compatible with the existing MSB API Gateway approachesapproach.
- Integrate Istio with ONAP to provide a reliable, secure and flexible service communication layer (service discovery/retries/circuit breaker/route rule/policy)
- Integrate with CNCF projects jaeger to provide distributed tracing Prometheus and Grafana for metrics collection and display
- Add MSB Portal to control plane to provide service catalog, swagger UI of Restful API, service mesh configuration, etc
...
- Manage ONAP Microservices with Istio Service Mesh
- Manage ONAP Microservices with Istio Service Mesh-Mutual TLS Authentication Enabled
- Current issues with Istio integration with mTLS enabled
Proposed migration approach: Service Mesh Migration
S3P Updates
- Security
- CII CII passing Badge
- SONAR code coverage. Reach or surpass the 50% goal on all repos.
- Nexus IQ scans:
- All critical license issues are cleared
- Most of the critical security issues are cleared. The left one is Remote Code Execution (RCE) introduced by the jackson-bind, which is an indirect dependency of some fundamental 3-party libraries such as dropwizard, Hibernate and swagger . We are still looking for possible solution or mitigation.
- and it can't be simply replaced/removed. After analyzing these reports, It turns out all these issues are false positive, see this wiki page for detailed explanation.
- HTTPS endpoint at MSB API gateway has been provided for encrypted communication
- Scalability and Resiliency
No update- Scalability: MSB API Gateway and Discovery have been deployed in a cluster of two instances, and they can be horizontally scaled to more instances for large scale.
- Resiliency: K8s liveness probe is used to check the health status of MSB component.
- Performance and stability
- Define performance metrics and set up a baseline
Jira Legacy server System Jira columns key,summary,type,created,updated,due,assignee,reporter,priority,status,resolution serverId 4733707d-2057-3a0f-ae5e-4fd8aff50176 key MSB-116
- Integrate with logging enhancement project to provide central Logging
Jira Legacy server System Jira columns key,summary,type,created,updated,due,assignee,reporter,priority,status,resolution serverId 4733707d-2057-3a0f-ae5e-4fd8aff50176 key MSB-145Test the API Gateway baseline performance
- Define performance metrics and set up a baseline
- Manageability
- Integrate with logging enhancement project to provide central Logging
Filebeat sidecar has been installed in MSB pod to collect the logs.
Could Logging project support the collection of Docker container logs(stdout/stderr) besides file log?
- Integrate with logging enhancement project to provide central Logging
...