Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Table of Contents


SUPPORT FOR IPv4/IPv6 DUAL STACK DEPLOYMENTS IN R8 (REQ-432)

R8 PRESENTATION:

ITEMDETAILS
R8 Presentation
Recording mp4
Audio only

Key Contacts - damian.nowak Martin Skorupski

...

There is also a requirement to register the NetConf network devices in SDN-R controller, using IPv6 networking.

It is mainly about a Kubernetes platform, hosting ONAP application containers. An enabler for IPv4/IPv6 networking would be an upgrade of ONAP OOM Helm charts to K8S 1.16+ APIs.
The support for IPv4/IPv6 dual stack networking is planned to be executed in (at least) two steps:

  1. Migrate ONAP OOM Helm charts to support Kubernetes 1.17+ interfaces.
    Currently (June 2020), the newest K8S platform available as RKE distribution is 1.17. Newest K8S open-source GA distro is 1.18.
  2. Alternatively, certain components of ONAP, which are deployed using non-Helm methods could be placed on a dedicated K8S platform with IPv4/IPv6 support
  3. Review alternative K8S platforms, which can get an "ONAP recommended" stamp, and which support IPv4/IPv6 dual stack networking.

The 1st step described is considered as an enabler to execute the 2nd step. In ONAP/Guiin release, it is planned to implement the 1st step.
Initial tests targeting ONAP Frankfurt on RKE-K8S 1.17 have been executed, and impact is already understood.

...

Business Impact - Improves ONAP integration capabilities, mainly in 5G use-cases and E2E Network Slicing. Future-proofs ONAP for years to come.

Business Markets The target for Honolulu is to update all ONAP components, which do not install/execute properly in IPv4/IPv6 dual stack environment.
As of today (B10/2020), the following components are affected:

  • SDN-R Elastic Search module
  • Portal MariaDB database
  • SDC/AAI Cassandra database
  • DCAE - CFY Plugin - support exposing services using IPv6
  • This might not be a full, comprehensive list.
    Additionally, we`d like to make sure, that ONAP CI/Gating environment is running RKE-Kubernetes 1.18.x (at least).

Business Impact - Improves ONAP integration capabilities, mainly in 5G use-cases and E2E Network Slicing. Future-proofs ONAP for years to come. Allows to use AKS/EKS/GKS (* managed Kubernetes Service) to deploy ONAP in public clouds.

Business Markets All operators, service providers and entities using ONAP.  

Funding/Financial Impacts - None. RKE is already supporting K8S 1.18 as one of recommended K8S solutions, thus no additional costs here.

Organization Mgmt, Sales Strategies There is no additional organizational management or sales strategies for this requirement outside of a service providers "normal" ONAP deployment and its attendant organizational resources from a service provider

CONTINUATION OF PACKAGES UPGRADES IN DIRECT DEPENDENCIES (REQ-439) 

R8 PRESENTATION:

ITEMDETAILS
R8 Presentation
Recording mp4
Audio only

Key Contacts - Paweł Pawlak Amy Zwarico

Executive Summary -  All ONAP projects shall continue their efforts to reduce the risks associated with software vulnerabilities in the ONAP code base by upgrading all outdated, vulnerable direct dependencies in their code bases following the recommendations of SECCOM. The project and repo specific recommendations are provided in the Security Vulnerability space for Honolulu release.

Business Impact - Improves the security posture of ONAP. 

Business Markets - All operators and service providers can leverage the of fewer vulnerabilities in the open source dependencies in ONAP

Funding/Financial Impacts - N/A

Organization Mgmt, Sales Strategies -There is no additional organizational management or sales strategies for this requirement outside of a service providers "normal" ONAP deployment and its attendant organizational resources from a service provider.

COMPLETION OF JAVA LANGUAGE UPDATE (v8 → v11) (REQ-438) 

R8 PRESENTATION:

ITEMDETAILS
R8 Presentation
Recording mp4
Audio only

Key Contacts -  Amy Zwarico Paweł Pawlak 

Executive Summary - All remaining ONAP projects using java shall reduce the risks associated with no regular support for java v8 software as it causes increase of usage risk, as recommended by SECCOM. Continuation of REQ-351.

Business Impact - Improves the security posture of ONAP. 

Business Markets - All operators, service providers and entities using ONAP.  

Funding/Financial Impacts - N/A

Organization Mgmt, Sales Strategies -There is no additional organizational management or sales strategies for this requirement outside of a service providers "normal" ONAP deployment and its attendant organizational resources from a service provider. 

COMPLETION OF PYTHON LANGUAGE UPDATE (v2.7 → v3.8) (REQ-437)

R8 PRESENTATION:

ITEMDETAILS
R8 Presentation
Recording mp4
Audio only

Key Contacts -  Amy Zwarico Paweł Pawlak 

Executive Summary - All remaining ONAP projects using Python shall reduce the risks associated with no community support for Python 2.7 software as it causes increase of usage risk, as recommended by SECCOM. Continuation of REQ-373.

Business Impact - Improves the security posture of ONAP. 

Business Markets - All operators, service providers and entities using ONAP.  

Funding/Financial Impacts - N/A

Organization Mgmt, Sales Strategies -There is no additional organizational management or sales strategies for this requirement outside of a service providers "normal" ONAP deployment and its attendant organizational resources from a service provider. 

LOGS MANAGEMENT - PHASE 1: COMMON PLACE FOR DATA (REQ-441)

R8 PRESENTATION:

ITEMDETAILS
R8 Presentation
Recording mp4
Audio only

Key Contacts -  rouzaut Amy Zwarico Paweł Pawlak 

Executive Summary - All ONAP applications should generate logs that can be collected by Kubernetes. 

Business Impact - Improves the security posture of ONAP. 

Business Markets - All operators, service providers and entities using ONAP.  

Funding/Financial Impacts - N/A

Organization Mgmt, Sales Strategies -There is no additional organizational management or sales strategies for this requirement outside of a service providers "normal" ONAP deployment and its attendant organizational resources from a service provider. 

COMPLETION OF HELM MIGRATION (v2 → v3) (REQ-442)

R8 PRESENTATION:

ITEMDETAILS
R8 Presentation
Recording mp4
Audio only

Key Contacts -  Amy Zwarico Paweł Pawlak 

Executive Summary - All ONAP projects using HELMv2 must migrate during the Honolulu release to HELMv3. 

Business Impact - Improves the security posture of ONAP. 

Business Markets - All operators, service providers and entities using ONAP.  

Funding/Financial Impacts - None. RKE is already supporting K8S 1.17 as one of recommended K8S solutions, thus no additional costs here.
Organization Mgmt, Sales Strategies  - N/A

Organization Mgmt, Sales Strategies -There is no additional organizational management or sales strategies for this requirement outside of a service providers "normal" ONAP deployment and its attendant organizational resources from a service provider. 

CONTINUATION OF CII BADGING SCORE IMPROVEMENTS FOR SILVER LEVEL (REQ-443)

Key Contacts - Tony Hansen Amy Zwarico Paweł Pawlak  

Executive Summary - ONAP project will provide their feedback for the Application Security questions:

  1. Crypto Credentials Agility – ½ od apps in met and almost half not yet answered
  2. Implement Secure Design – 1/3 of projects did not answer 
  3. Crypto Weaknesses – tests to be applied (3 including Morgan)

Projects that have already answered this question positively, should verify that the answer is still correct.

Continuation of REQ-350.

Business Impact - Improves the security posture of ONAP by lessening the risk. 

Business Markets - All operators and service provider.

Funding/Financial Impacts - N/A

Organization Mgmt, Sales Strategies -There is no additional organizational management or sales strategies for this requirement outside of a service providers "normal" ONAP deployment and its attendant organizational resources from a service provider.


Support for the Multi Tenancy in ONAP (REQ-463)

Key Contacts -  Olivier Phenix Seshu Kumar Mudiganti Mike Elliott rodrigo lima

Executive Summary - Allow ONAP to run in a multi-tenant environment, where each tenant can manage access to his service designs, instances, and namespace-specific component

Business Impact - Make ONAP more appealing for operators and service providers, which often require different user groups to have different access level to resources.

Business Markets - All operators and service providers can leverage the multi-tenancy functionality of ONAP 

Funding/Financial Impacts - Reduction in operations expense from using industry standard Interfaces.

Organization Mgmt, Sales Strategies -There is no additional organizational management or sales strategies for this requirement outside of a service providers "normal" ONAP deployment and its attendant organizational resources from a service provider. 


Identification of events that compromise the ONAP system (REQ-464)

Key Contacts - rouzaut  Amy Zwarico Paweł Pawlak  

Executive Summary 

Implementation is done to identify events that compromise the system.

This information feedback is done because only an intervention can stop this risk.

The events are logged and according to rules have intervened according to the risks.

 External system must be use to save and display the log

Secure protocol  must be use to transfert the log between ONAP and external system

Business Impact - Improves the security posture of ONAP by lessening the risk. 

Business Markets - All operators and service provider.

Funding/Financial Impacts - N/A

Organization Mgmt, Sales Strategies -There is no additional organizational management or sales strategies for this requirement outside of a service providers "normal" ONAP deployment and its attendant organizational resources from a service provider.