Duration 60 minutes
Zoom Bridge https://zoom.us/j/283628617
Duration | Agenda Item | Requested by | Notes / Links | ||||
---|---|---|---|---|---|---|---|
START RECORDING | |||||||
Casablanca Maintenance Release
| Remaining Open Issues: https://lists.onap.org/g/onap-release/message/935 Casablanca Maintenance Manifest: https://gerrit.onap.org/r/gitweb?p=integration.git;a=blob_plain;f=version-manifest/src/main/resources/docker-manifest.csv;hb=refs/heads/casablanca New Docker Image - Component
|
|
N - latest changes to be reviewed by OOM
|
|
N - latest changes to be reviewed by OOM
gerrit nbr:
Jira Legacy | ||||||
---|---|---|---|---|---|---|
|
|
|
VFC
Integration Status: AAI Healcheck - issue raised this morning (AAI-2026); need to retry since OOM not yet reviewed so it could be related to ... Remaining Docker Image (Yellow & Blue items) to be delivered no later than Jan 16th, 2019 Release note: Follow-up offline with Sofia | ||||
Dublin Release - M1 preparation S3P Requirements |
Security pNF/xNF |
TSC Dublin Release Prioritization (v11): Dublin Release Requirements Feedback/Action items: https://lists.onap.org/g/onap-tsc/message/4460 Remaining Open Issues: https://lists.onap.org/g/onap-release/message/934 |
<1-7/2019>: Work in progress. Schedule might shift to another week. Michael will follow-up with Mike. Training will be open to everybody. The objective is that each team will take over the management of their Helm Charts.
K8S: Yang Xu Ensure labs are updated to relevant K8S version
<1-7/2019>: Ongoing. K8s 1.11.5; Rancher 2.0 - parameters set in the Heat template to bring the VMs related to K8S.
<01/13/2019> From Integration, here are the related versions:
docker_version:
type: string
default: "17.03.2"
rancher_version:
type: string
default: "1.6.25"
rancher_agent_version:
type: string
default: "1.2.11"
kubectl_version:
type: string
default: "1.11.5"
helm_version:
type: string
default: "2.9.1"
and secondary here https://git.onap.org/logging-analytics/tree/deploy - under https://jira.onap.org/browse/OOM-1496
https://wiki.onap.org/display/DW/Security+Space+Wiki+Access+ListOom values.yaml or integration repo manifest ( TSC-86 - Lock down docker image tag name source of truth - oom values.yaml or integration repo manifest - A: both but manifest is the source Submitted )
if not covered - see TSC 2019-01-10
Quick discussion on nailing down whether we need a yaml override of the deployable
docker image tags in the oom repo (understanding is no) - with the integration docker manifest
(manifest is currently a copy of the oom values.yaml tags - not the reverse)
If not - then we need a documented procedure wiki/RTD on running a derived values.yaml override for the entire system before deployment
AAF is only an example here
https://git.onap.org/oom/tree/kubernetes/aaf/charts/aaf-service/values.yaml?h=casablanca#n28
image: onap/aaf/aaf_service:2.1.8
drives
onap/aaf/aaf_service,2.1.8<1-7/2019> Integration team to document the procedure.
<01/13/2019> Answer from Integration team: docker manifest under integration repo is the source of truth, and is used by Integration team to override OOM values.yaml when deploying ONAP in Openlab. See the instructions at the bottom of page https://onap.readthedocs.io/en/casablanca/submodules/integration.git/docs/onap-oom-heat.html#onap-oom-heat-template
Please review the Windriver information sent by Stephen Gooch
Rules:
- Tenant Space, VM not used over the last 3 months will be deleted.
- People not log over the last 6 months will be deleted
Lab Strategy to be established
DEV reduced deployment footprint
through ReplicaSet: 1
Continue dev.yaml adjustment for ReplicSet: 1
This reduction of 20+ containers is easier - just need a signoff on several PTLs that the remaining clusters actually run with 1 instance enough for dev.
DEV environment deployment footprint reduction by reducing remaining ReplicaSet clusters to 1 from 2/3/5/7 - only in dev.yaml override
Jira Legacy | ||||||
---|---|---|---|---|---|---|
|
Discussion on state of enforced dependencies - SDNC is a good example - it will not deploy unless dmaap, consul and sdc are pre-deployed, however other projects that have compile-time/injection-time pom.xml dependencies are not reflected.
Some projects have explicit deployments set in their init containers - others do not yet.
Issues:
Enforced dependencies block a module for dev testing unless dependencies are up
For example - everyone needs AAI up - but there are no init containers referencing AAI so any module can deploy without AAI - but functionality will be limited.
Proposal:
Follow - as usual - AAI example - where they put in a conditional on the --set enabled flag - and don't enforce the dependency - not blocking bringing up just a single module. However if the dependency is enabled in dev/values.yaml then the dependency is checked.
https://git.onap.org/oom/tree/kubernetes/aai/charts/aai-traversal/templates/job.yaml#n42
Code Block | ||
---|---|---|
| ||
spec: initContainers:
{{ if eq .Values.global.aafEnabled true }}
- --container-name
- aaf-locate
{{ end }} |
The deployment profile is useful for module-level deployments, consistent sequential deployments, CD and dev environments
current state
or higher level
Jira Legacy | ||||||
---|---|---|---|---|---|---|
|
Committer, Calendar, etc?
#1 DmaaP zoom bridge issue
#2 AAF - Add Sai committer's rights
#3 Remove inactive Modeling committers - https://lists.onap.org/g/onap-tsc/message/4450
Notes
Action items
...
15min | Integration team CI demo | Integration team had developed integration CI during Casablanca, and it had been used by release manager to report progress. We will demonstrate its basic features in this meeting to collect feedback. | |
Offline Review | WindRiver Lab Management | Please review the Windriver information sent by Stephen Gooch Rules:
Lab Strategy to be established Please provide feedback to Stephen Gooch no later than January 31st, 2019 if you need to keep your tenant space, VMs: user-usage.txt | |
Offline Review | Any Help-desk ticket in the queue? | Committer, Calendar, etc? #1 DmaaP zoom bridge issue => Need to identify 1 slot from DMaaP Team #2 AAF - Add Sai committer's rights #3 Remove inactive Modeling committers - https://lists.onap.org/g/onap-tsc/message/4450 #4 CCSDK zoom bridge | |
Offline Review | ticket in from 11/30 to change meeting time | Steven wright | I've been trying to change meeting time for VNFRQTS call since Nov last year. Process on website says to create ticket on helpdesk. I've have no response on this. If that's not the process can we get the instructions updated. Helpdesk #'s #66481 #65633 #64787 |
...
Action Items:
- Casablanca Release Maintenance
Action to be completed no later than January 16th, End of your Day:
- OOM Team to work with AAI, DCAE Teams in order to release the Docker Image
ExtAPI, OOF, SO, VFC, UseCaseUI, Integration – Finalize their Docker images and update the Manifest accordingly
- Dublin Release:
- 1/17: M1 review for all the projects except Integration. Final checklist submitted no later than Thursday Jan. 17th, 9am CET/10am Israel Time/4pm China Time/3am EST
- 1/24: M1 review for Integration.Final checklist submitted no later than Thursday Jan. 24th, 9am CET/10am Israel Time/4pm China Time/3am EST
As part of your M1 activities, - Please review your M1 S3P Actual and provide your S3P M1 target: https://lf-onap.atlassian.net/wiki/display/DW/Dublin+Release+Platform+Maturity
- Please update any risk/issue (if any): https://lf-onap.atlassian.net/wiki/display/DW/Dublin+Risks
- Please provide your commitments on the centralized wiki: https://lf-onap.atlassian.net/wiki/display/DW/Dublin+Release+Requirements
WindRiver Lab Management
Action to be completed no later than January 31st, End of your DayReply to Stephen Gooch concerning current usage.
If no response then
- any tenant space, VM not used over the last 3 months will be deleted.
- Any person not log to Windriver over the last 6 months then account will be deleted
- Committer(s)/Calendar Requests
Kenny & Jim will review the following items and will provide feedback no later than our next TSC Call (1/17):
#1 DmaaP zoom bridge issue => Need to identify 1 slot from DMaaP Team
#2 AAF - Add Sai committer's rights
#3 Remove inactive Modeling committers - https://lists.onap.org/g/onap-tsc/message/4450
#4 CCSDK zoom bridge
#5 VNFREQ - Helpdesk #'s #66481, #65633 and #64787
...
Zoom Chat Log
Anchor | ||||
---|---|---|---|---|
|
06:15:46 From Michael O'Brien(LOG,Amdocs) : https://gerrit.onap.org/r/#/c/75705/
06:18:58 From Michael O'Brien(LOG,Amdocs) : https://jira.onap.org/browse/PORTAL-399
06:19:22 From Michael O'Brien(LOG,Amdocs) : https://gerrit.onap.org/r/#/c/75641
06:19:28 From Michael O'Brien(LOG,Amdocs) : 4 days ago
06:21:26 From Vijay VK : Hi Mike- This is for DCAE - casablanca updates. https://gerrit.onap.org/r/#/c/75456/, pls review/merge when u get a chance.
06:24:14 From Michael O'Brien(LOG,Amdocs) : very nice
06:27:35 From Keong Lim k00759777 : if istio service mesh is a no-go, is there a replacement for secure onap communications?
06:30:18 From Keong Lim k00759777 : is backup/restore/upgradability included in s3p?
06:37:46 From Mike Elliott (Amdocs) : @Keong Lim, a reference tool set for backup and restore was introduced in Casablanca: https://lf-onap.atlassian.net/wiki/display/DW/Backup+and+Restore+Solution%3A+ONAP-OOM
06:39:41 From Keong Lim k00759777 : @mike elliot, did you see @brian freeman's comments at the bottom of that page?
06:39:54 From Mike Elliott (Amdocs) : @Keong Lim, with the use of Network Policies + CNI (Cillium) we do gain a level of security between pods. But there are currently no resources to take on istio to provide transparent TLS communication.
06:41:16 From Michael O'Brien(LOG,Amdocs) : good point on maturity of the os project
06:42:19 From Mike Elliott (Amdocs) : @Keong Lim, I see the comment. I will forward to the team that did the work to respond.
06:53:26 From Catherine Lefevre : @Linda, can you add your presentation to the PTL call - https://lf-onap.atlassian.net/wiki/display/DW/PTL+2019-01-14? thank you
06:58:20 From Catherine Lefevre : Team - not sure we will be able to present all
06:58:40 From Catherine Lefevre : for ticket/helpdesk; jim and I we will follow-up offline with kenny/jessica
06:58:54 From Catherine Lefevre : please check if I have all the ticket references
06:59:13 From Catherine Lefevre : topics not covered today then please shift them for 1/21 PTL call
06:59:31 From Catherine Lefevre : something we need to cover today then will be discussed right not after this item
07:00:10 From Leimeng Shi (ATT-Portal) : @Catherine, confirmed with @Michael Portal is good to go, no more issues/questions.
07:00:14 From Taka Cho : Can we resume the ZOOM mtg admin access to PTL? so that we can do recoding.
07:00:16 From Keong Lim k00759777 : if this security is optional, is there way to force a downgrade? that would break security
07:00:54 From Kenny Paul (LFN) : @Taka Yes
07:01:01 From Taka Cho : thanks!
07:01:46 From Catherine Lefevre : @Leimeng - wiki updated - thnaks
07:01:48 From Kenny Paul (LFN) : @Catherine are you looking for a summary of open ticket status.
07:02:00 From Catherine Lefevre : yes kenny but offline
07:02:04 From Kenny Paul (LFN) : k
07:02:41 From Samuli Kuusela (Ericsson) : @Keong: this TLS is not optional, so there is no fallback to SSH (at least in cases that I am familiar with, from XNF side)
07:03:04 From Samuli Kuusela (Ericsson) : though, even if falling back to SSH, there would still be good level of security
07:05:49 From Michael O'Brien(LOG,Amdocs) : http://onapci.org/grafana/d/8cGRqBOmz/daily-summary?orgId=1
07:16:15 From Catherine Lefevre : @Michael o'brien - i have shifted your topics to 1/21
07:17:14 From Catherine Lefevre : @PTLs - I have marked "Offline Review" - topics that we will pursue offline - please check if we have tracked all your open requests (calendar, committer inactive/active, etc)
07:21:53 From Catherine Lefevre : I need to drop for now
07:22:30 From Keong Lim k00759777 : is one of those pods AAF locator?
07:23:19 From Keong Lim k00759777 : does it include jobs like graphadmin-create-db-schema?
07:26:12 From Aaron : Gary, are the OOM robot test cases stored in a different location in the CSIT integration project than the HEAT based CSIT robot test cases?
07:26:39 From Michael O'Brien(LOG,Amdocs) : AAI has a conditional check on aaf in aai jobs
07:26:46 From Michael O'Brien(LOG,Amdocs) : spec:
initContainers:
- command:
- /root/ready.py
args:
- --container-name
- aai
{{ if eq .Values.global.aafEnabled true }}
- --container-name
- aaf-locate
{{ end }}
07:29:03 From Michael O'Brien(LOG,Amdocs) : dependencies
07:29:04 From Michael O'Brien(LOG,Amdocs) : https://jira.onap.org/browse/LOG-924
07:30:41 From Michael O'Brien(LOG,Amdocs) : Gary is also on https://jira.onap.org/browse/TSC-25
07:31:11 From Michael O'Brien(LOG,Amdocs) : manual magic word "run-helm-deploy" will kick in a helm-deploy jjb job that deploys robot and the particular pod to a 16-32g VM (preconfigured with rancher as a single node) - how? jenkins will run a remote ssh shell to a server using a cached key - a cd.sh script will need to be written - see the 2 pocs below already running
07:31:26 From Michael O'Brien(LOG,Amdocs) : The grafana page is very nice
07:31:32 From Michael O'Brien(LOG,Amdocs) : http://onapci.org/grafana/d/8cGRqBOmz/daily-summary?orgId=1