This page provides a summary of project-by-project El Alto release updates. The table shows the list of approved projects. In addition, it also lists a few subcommittees (use-case, architecture, security) and OVP.
Project
Key Updates
Benefits
A&AI
Converting all microservices to Alpine, created common images for users to select either Alpine or Ubuntu, reduced the number of microservices that is started by default for the demo
Updated to newer versions of spring boot — in the process of moving to spring-boot 2, but many of the microservices are still running 1.5.21
Updated to JanusGraph 0.2.3, which is a seamless upgrade from 0.2.0 which was used in Dublin
Code footprint reduction
Greater stability
AAF
Engaged Global Location Strategy for Locator (from Dublin)
Engaged Certificate Dynamic Generation for Apps (from Dublin)
Miscellaneous improvements and fixes
Greater scalability
Greater security
Greater stability
APP-C
Upgraded OpenDaylight (ODL) version to Fluorine SR2
14 bug fixes
5 security fixes
Expanded support for VNF configuration
Greater stability, security
CLAMP
All major security issues resolved
Front-end GUI framework moving from Angular to the React
Genericity and Re-factoring reduces code footprint(size) by around 40%
Increased security
Code footprint reduction
CCSDK
OpenDaylight Fluorine SR2 (version 0.5.4) and OpenDaylight Neon SR1
Support Netconf notifications
Controller Design Studio (CDS) Initiative –
Decouple CDS HELM CHART from SDNC.
Consolidated controller blueprint pod into blueprint processor pod.
Refactored Resource Assignment to support resource resolution for primitive and complex data types.
Automated vLB_CDS SDC Model Distribution via Robot Script
Automated E2E Run Time MACRO Execution for vLB_CDS and vFW_CDS use case via Robot Script
Consolidated controller blueprint pod into blueprint processor pod.
Certified Kotlin Script Support for Netconf and RESTCONF for vLB CDS Package
Certified Python Netconf Support for vLB CDS Package
CDS UI Data Dictionary Screen Improvements for resource creation
45 bugs fixed
Captured in APP-C/SDN-C
DCAE
DCAE Platform/Deployment updates
Dashboard deployed via Helm
All DCAE Platform components: Cloudify, ConfigBindingService, InventoryAPI, ServiceChangeHandler, PolicyHandler, Healthcheck moved to Helm in Dublin
DCAE Cloudify deployed MS pods auto-cleanup (triggered via Helm)
DCAE MS Deployment options
Static deployment
Support integration usecases
Dynamic deployment
Cloudify/cli or Dashboard or CLAMP
Dynamic Topic/feed support
Dmaap Plugin enhancement (to support DMAAP-BusController interface)
Bootstrap updates
Configmap, consul entry, Update k8s plugin key to include configmap,
k8s plugin enhancement to support dynamic feed
Verified dynamic topic/feed on DMAAP Message Router and Data router interfacing components.
DataFileCollector and Pm-Mapper were pilot ms
Bp-gen tool enhanced to support dmaap plugin integrated blueprint generation
TLS Enablement for platform components
ConfigBindingService (deployment for El-Alto supports 2 parallel service – HTTP and HTTPS to mitigate client migration impact)
Deployment Handler
InventoryAPI
Cloudify Container
Other Security updates
Image optimization
CBS
ConfigBindingService, Inventory-API, ServiceChangeHandler, High volume VES (HV-VES), PNF Registration Handler (PRH), Son-handler
Non-root
SON-handler, PRH, ServiceChangeHandler,
CBS
ConfigBindingService, Inventory-API, HV
_
-VES
Increased usability
Dynamic topic/feed support for increased flexibility in closed loops
Greater security
DMaaP
DMaaP Message Router:
New Features
Cert based authentication support in Message Router
Improved Kafka and Zookeeper cluster lookup
Pluggable Kafka server.properties,log4j.properties and Message Router logback.xml
Bug Fixes
Fixed for security vulnerabilities in Message Router
Fixed authorization issues in Message Router
DMaaP Data Router:
New Features
Enhanced logging to match Platform Maturity Logging Spec.
Bug Fixes
Fixed for security vulnerabilities in
Message --
Data Router
Greater security, stability
Enhanced logging
Documentation
Documentation improvements
Swagger Integration
User Guides improvement including Postman collections
We have been wrapping up minor things that we didn’t manage to finalize for Dublin and been focusing on processes and how we should work with documentation within the community.
Increased usability
External API Framework
Migrated to
jdk --
11-jre-slim
Added postman collection
Bug fixes
Fixed External API Framework Tosca parsing to extract Inputs from SDC csar for generation of the external facing Service Catalog ServiceSpecifications.
Fixed issues in Health Check Tests with SDC
Greater stability
Increased usability
Holmes
No updates
--
Integration
Increase E2E Test Automation
Ability
Add new integration labs
Introduction of OOM Gating
Updated scripts for OOM daily automated deployment tests
Refactoring of the Integration wiki home page
Automation script for use cases
Updated java artifact versions for ONAP El Alto release
Cleaning of CSIT jobs
Update oparent library to fix security Vulnerabilities
Update Postman collection for test
Greater stability
More E2E use-case tests
Logging
Reduce the number of vulnerability issues. There are 15 issues addressed for this release.
Greater security and stability
MSB
Minor functional enhancements—delete custom services, register https services via MSB mgmt. UI
2 bug fixes
Greater stability, security, usability
Modeling
A new repo has been created (modeling/etsicatalog), which provides package management service and parser service as Micro Service
New model specification publication
root model
business and interaction model
VES 7.1 model
provide general micro service for package management and parser service
new models covering more area
MultiCloud
Rebased most MultiCloud services to python3
Rebased MultiCloud services to latest Django packages to fix security vulnerability issues
7 critical bugs fixed
Improved usability of MultiCloud k8s plugin
ONAP4K8S profile is added - A smaller ONAP if the cloud regions are all Kubernetes based.
ISTIO based security for ONAP4K8S profile is verified.
Enhancements to work with OVN Network operators, Provider network operator.
Greater stability, security, usability
Music
MUSIC Control Panel UI based on ONAP Portal SDK
Eliminating ZK and building mechanism with Cassandra Light Weight Transaction for locking to simplify containerization and boost performance
AAF CADI Support
Keyspace Based logging
Internal retry mechanisms
MUSIC API improvements to allow multiple non-blocking reads to improve performance
MDBC 2.0 - Allows apps to gain resiliency and performance benefits of MUSIC without rewriting existing JDBC code, supports mixture of tables requiring immediate and eventual consistency. Built support for MySQL, MariaDB and Postgres database. Utilized existing open source Avatica project and filled the solution gaps with connection pool support and optimization.
Remediation of all 9 open Black Duck, 28 Fortify and 5 Sonar reported issues.
Greater security, stability, usability
New enhancements to make it easier for workloads to consume Music
CLI
Multi-level orchestration capability (how platform helps to support the hierarchy of service->domain->resource level orchestration and this platform would help to perform orchestration at each level and across.) Python, or similar scripting/workflow engine can be used for this
VNF Test Platform(VTP) has used the Open Command Platform (OCOMP) – part of ONAP CLI project, for VNF life cycle testing (create and delete)
Enabled as experimental (dev) mode
Used for end-end automation of VNF service provision and termination for both HEAT and TOSCA based VNF service
Multi-level orchestration capability
Used for increasing test coverage and OVP
Enables OVP, by helping integration and end-end service automation
Improves usability to use CLI as an alternative to GUI/API
OOM
Upgraded to Kubernetes 1.15.2 and Helm 2.14.2
25 bug fixes
Higher
Greater stability and security
OOF
CMSO (Change Management Scheduler Optimization) enhancements - Schedule a workflow in SO and track status to completion
Automation on policy model uploading for vCPE, vFW use cases
10 Bug fixes
4 Vulnerabilities fixed
Enhancements for change management scheduling
UUI
Adaptive Pages : change the Home, Customer, Lifecycle Management and Package Management modules to adaptive pages that can be normally displayed in all screen sizes
Mock Data Scheme : build mock data scheme to support the development and preview in local environment in case of lack of server environment
Document Enhancement : enrich README.md to introduce the general situation and add CHANGELOG.md to record the commit messages
Structure Optimization : restructure the project to increase the development efficiency and improve the performance
Function Optimization : delete useless modules and simplify some apis to improve loading speed of the project
2 bug fixes
Improved usability with support for different screen sizes
Greater stability and performance
Policy
56 minor enhancements or fixes
Policy Lifecycle API handling of Version fields
Improvement of Docker image generation
Code cleanup: sonar, checkstyle and code coverage for core components
22 Bug Fixes
Initial CDS API and Actor integration
XACML PDP retrieval of Policy Types to support ability of dynamic policy translation using "matchable" metadata fields.
CII Silver Badging for core components
Various upgrades of dependencies for security fixes
Greater stability and security
Portal
Bug fixes and security enhancements
Specifically, addressed OJSI security enhancements and also fixed security issues reported by NexusIQ scan tool. As part of maintenance, enhanced known MariaDB/UX bugs and improved deployment helm charts.
Greater stability and security
SDN-C
New functionality such as ODL Neon, implementing a Configuration database, Netconf enhancements including receiving notification from RAN
Generic Resource API support for async and concurrency request for VNF and VF Module Topology operation request
41 bug fixes
11 security fixes
Closed loops can use Netconf notification
Ability to store configurations
Expanded configuration capabilities
Greater stability and security
SDC
Fixed 12 OJSI tickets
Integrated with AAF for certificates, so SDC works in HTTPS-only mode;
8% more test coverage
Migrated to OParent
Upgraded DB infrastructure (Titan to JanusGraph)
And fixed 60 defects
Greater stability, security
SO
84 enhancements
156 bug fixes
Greater stability
VF-C
VF-C added
Added 15 csit test cases to cover more
API
APIs and code
branch
branches testing
Optimized NSLCM, catalog, VNFLCM code and 20% code reduction
Leverage
Rebased python based VF-C components to python3
Integrate with VNFSDK VTP and leverage existing VF-C capabilities to Support OVP TOSCA VNF validation.
Integrate with CLI
and
4 bug fixes
1 security fix
to improve the VF-C usability
Greater stability
Code footprint reduction
VID
OVP supporting
VID
Fixed security and non-security defects
Minor improvements to code conventions, logging and documentation
Added lots of unit-tests and integrative tests covering many user-scenarios
Greater stability and security
VNFSDK
TOSCA based VNF validation enabled for support OVP & CVC.
TOSCA based VNF compliance check based on some operator requirements.
SDC now integrated VNFSDK VTP on VNF validation.
ETSI SOL004 Security check (CMS signature validation) enabled.
Code quality improvement.(e.g. replace the Jackson to Gson, 100 + sonar issue fix)
A C++ implement of VES spec 7.0.1 on ves-agent.
VNF SDK: improved support for ETSI SOL004
Greater stability and usability
VNFRQTS
Defined reference test cases for VNF onboarding and instantiation to further expand the compliance badge scope available in the OPNFV Verified Program (OVP).
Covers both Heat-based and TOSCA-based VNFs
Over 30 requirement changes across VNF packaging, security, monitoring, and management to ensure VNF Providers can more readily integrate with ONAP in a compliant and secure manner
VNF Requirements: 30 additional VNF requirements around VNF packaging, security, monitoring, and management to improve VNF interop and security compliance
VVP
New features:
VNF Preload Generation
Executing the VVP validation scripts will now generate valid preloads for each VF module present in a VNF
This simplifies the creation of preloads, and greatly reduces the chance of errors during instantiation due to an incomplete or malformed preload
Supports both VNF API and GR API formats
Security, Performance, and Bug Fixes:
Improved performance of validating complex VNFs by > 30%
Improved security by adding bandit library to perform code scans on each commit
Aligned VVP validation scripts with the latest version of the VNF Heat Template Requirements
Improved error messages, enhanced report readability for users
Refactored code to reduce code complexity and increase code re-use
VVP: Day 0 config simplification for testing, greater security, performance, stability
Benchmark
Completed
The performance test script of vfw has been developed 90%. Before we have run the basic functions on the B version, we have not tested the concurrent version in the B version. Last month and the integration group meeting, the integration team suggested that we switch to the D version of the vfw performance test.
The vcpe performance test script has been developed. On the onap dublin version, we create only one virtual machine model. And use the modified vcpe script to create a service instance and virtual machine. The concurrent creation of a single virtual machine script, the completion of 20 concurrent tests, and the recording of test results
Work in progress
Find the reason why the virtual machine was not successfully created in the 20 concurrent test in the vcpe performance test.
Transplant the beijing version of the benchmark test mock server, simulate openstack request processing, and then concurrently create a virtual machine test.
Use Case Subcommittee
No new use cases
--
Arch Subcommittee
No architectural change
--
Security Subcommittee
First of all we are very pleased by the quality that ONAP projects managed to reach, especially comparing with what was prepared initially around end of September. This means that SECCOM complaints during PTL and TSC meetings were received and triggered right and a very positive outcome. El Alto has the best security release notes out of all ONAP releases!Thank you all teams for your hard work!
AAF Auto-Configuration and Certificate Generation
Upgrade to latest oParent 2.1.0
Release key achievements from SECCOM perspective:
State of ONAP security is improving. We are not there yet to say that ONAP is a secure piece of software but we are definitely going in the right direction.
Some key facts from this release:
Number of exposed HTTP ports has been significantly reduced (21 currently but may reduce further by the time the release is pushed out)
12 CVEs has been fixed, 7 still being worked on (out of total 26)
44 OJSI tickets has been resolved and 19 still in progress (some may be fixed till Thursday but most will be probably deferred to Frankfurt), 66 still untouched.
Analyzing known vulnerabilities – first component upgrades were introduced by Portal project Springframework: from v 4.2.3 to 4.3.24. Next upgrades not yet pushed into ONAP gerrit due to resource constraints for testing the recent changes
CII Badging:
Updates of projects representatives
Having a LF representative on each of the CII projects has provided the "bus factor" backup needed to guarantee transition on several projects whose project editor has left ONAP.
Updates of ONAP projects answers in passing level
At the passing level, we remained constant. The majority of our projects are passing, with only a handful in the 80-90% passing.
Updates of ONAP projects answers in silver level
In Dublin, we had 30% of our projects in the 80-90% silver, 16% in the 40-80% silver, and the remaining 53% below 40%.
In El Alto, we improved considerably. We now have one project achieving the Silver level and 47% achieving 80-90% silver, 23% in the 40-80% silver level, and only 27% below 40%.
Updates of ONAP projects answers in gold level
We also showed a steady climb in the gold achievements. In Dublin, only two projects were above 40% gold, 10% in the 20-40% gold, and the remaining 83% below 20% gold.
In El Alto, one projects reached the 60-80% level and now three projects were in the 40-60% range. 27% of the projects are in the 20-40% gold range, and now there are only 60% of the projects below 20% gold.
Following the last call with Dan, SDNC team fixes for the remote code execution vulnerability were implemented - SDNC portal is disabled.
If the vulnerability is mitigated with the workaround instead of a permanent fix, then the CVEs must be documented in the known security issues section of the El Alto release notes in order to improve ONAP transparency.
Reduced vulnerabilities
Reduced traffic in the clear
Increased CII badging compliance
Modeling Subcommittee
Developed and published new information model specifications for:
root model
business and interaction model
VES 7.1 model
Information Integration
The Root model establishes a common base for the ONAP information model
The general Business Interaction model provides a means to tie in concepts such as Service Order, VES Events, and Licenses into ONAP's model hierarchy
The VES model describes ONAP's Event Streaming information as implemented
Infrastructure Improvements
Self-Serve Release
Kick-Off Dockerhub Migration
Release Management Automation
Activation of jS Test Coverage
Improve tool-chain efficiency
Improve software quality
General
Total
3571
issuesbeing addressed - currently 3407 closed but PTLs are currently cleaning-up