Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

DRAFT PROPOSAL FOR COMMENTS

The content of this template is expected to be fill out for M1 Release Planning Milestone.

Info
titleInfo

Use the "Copy" and "Move" options (available under the ..., top right of this page) to duplicate this template into your project wiki.
Use the Wiki to document the release plan. Don't provide PowerPoint.
Use as much diagrams and flow charts as you need, directly in the wiki, to convey your message.

Table of Contents
outlinetrue


Overview

Project NameEnter the name of the projectApplication Authorization Framework
Target Release NameEnter the name of the release you are targeting to deliverBeijing  Release
Project Lifecycle StateEither Incubation, Core, Mature. Refer to ONAP Charter, section 3.3 Project Lifecycle for further information
Participating Company List the company participating in this release. At least 3-4 organizations, including an operator are recommended.AT&T, Intel, Tech Mahindra

Scope

What is this release trying to address?

Describe the problem being solved by this releaseAAF trying to address the secured communication threw certificate management & token based Authentication,Authorization

Use Cases

Describe the use case this release is targeted for (better if reference to customer use case).The existing Amsterdam use cases are still going to be supported and additional use cases related to the will be supported for the Beijing Release

Minimum Viable Product

Describe the MVP for this releaseFor Beijing release, the minimum viable product we are targeting is  integrating AAF  with multiple ONAP applications and perform secured transactions.

Functionalities

List the functionalities that this release is committing to deliver by providing a link to JIRA Epics and Stories. In the JIRA Priority field, specify the priority (either High, Medium, Low). The priority will be used in case de-scoping is required. Don't assign High priority to all functionalities.

...

Jira Legacy
serverSystem Jira
columnskey,summary,type,created,updated,due,assignee,reporter,priority,status,resolution
maximumIssues20
jqlQuerykey in (AAF-14,AAF-12,AAF-9,AAF-8,AAF-7,AAF-6,AAF-5,AAF-4,AAF-3,AAF-2,AAF-1,AAF-92,AAF-93,AAF-94)
serverId4733707d-2057-3a0f-ae5e-4fd8aff50176

...

Jira Legacy
serverSystem Jira
columnskey,summary,type,created,updated,due,assignee,reporter,priority,status,resolution
maximumIssues20
jqlQueryproject=AAF and status = "To Do" and issuetype in (story)
serverId4733707d-2057-3a0f-ae5e-4fd8aff50176

Longer term roadmap

Indicate at a high level the longer term roadmap. This is to put things into the big perspective.

...

 AAF is to organize software authorizations so that applications, tools and services can match the access needed to perform job functions.  This is a critical function for Cloud environments, as Services need to be able to be installed and running in a very short time, and should not be encumbered with local configurations of Users, Permissions and Passwords.To be effective during a computer transaction, Security must not only be secure, but very fast. Given that each transaction must be checked and validated for Authorization and Authentication, it is critical that all elements on this path perform optimally.

Indicate the outcome (Executable, Source Code, Library, API description, Tool, Documentation, Release Note...) of this release.

Deliverable Name

Deliverable Description

To fill outTo fill out

AAF integration with Appc

AAF Git repository
AAF source codeAAF Git repository
AAF libraryONAP Nexus repository
AAF API descriptionONAP wiki
AAF Release NotesONAP wiki
AAF DocumentationAAF Git repository

Sub-Components

List all sub-components As part of this release.
Activities related to sub-components must be in sync with the overall release.Sub-components are repositories and are consolidated in a single centralized place. Edit the Release Components name for your project in the centralized page.the Beijing release,Certificate Management will be added to the AAF

Architecture


Architecture

High level architecture diagram

At that stage within the Release, the team is expected to provide more Architecture details describing how the functional modules are interacting.

Indicate where your project fit within the ONAP Archiecture diagram.

Block and sequence diagrams showing relation within the project as well as relation with external components are expected.

Anyone reading this section should have a good understanding of all the interacting modules.

Image Added


Image Added

Platform Maturity

Refering to CII Badging Security Program and Platform Maturity Requirements, fill out the table below by indicating the actual level , the targeted level for the current release and the evidences on how you plan to achieve the targeted level.

AreaActual LevelTargeted Level for current ReleaseHow, EvidencesComments
Performance01Run performance basic test, depends on performance criteria availability for level 1
  • 0 -- none
  • 1 – baseline performance criteria identified and measured
  • 2 & 3 – performance improvement plans created & implemented
Stability01Participate to Stability runs Level 1
  • 0 – none
  • 1 – 72 hours component level soak w/random transactions
  • 2 – 72 hours platform level soak w/random transactions
  • 3 – 6 months track record of reduced defect rate
Resiliency121
  • 0 – none
  • 1 – manual failure and recovery (< 30 minutes)
  • 2 – automated detection and recovery (single site)
  • 3 – automated detection and recovery (geo redundancy)
Security01Reach CII passing badge, increasing test coverage as remaining item
  • 0 – none
  • 1 – CII Passing badge + 50% Test Coverage
  • 2 – CII Silver badge; internal communication encrypted; role-based access control and authorization for all calls
  • 3 – CII Gold
Scalability01Reach Level 1 single site horizontal scaling
  • 0 – no ability to scale
  • 1 – single site horizontal scaling
  • 2 – geographic scaling
  • 3 – scaling across multiple ONAP instances
Manageability11Using LOG4J common framework for logging
  • 1 – single logging system across components; instantiation in < 1 hour
  • 2 – ability to upgrade a single component; tracing across components; externalized configuration management
Usability11API documentation provided
  • 1 – user guide; deployment documentation; API documentation
  • 2 – UI consistency; usability testing; tutorial documentation


...

    • API Incoming Dependencies

  • List the API this project is expecting from other projects.
    Prior to Release Planning review, Team Leads must agreed on the date by which the API will be fully defined. The API Delivery date must not be later than the release API Freeze date.

    Prior to the delivery date, it is a good practice to organize an API review with the API consumers.

    API Name

    API Description

    API Definition Date

    API Delivery date

    API Definition link (i.e.swagger)

...

  • NoneNoneNoneNoneNone


    • API Outgoing Dependencies

    API this project is delivering to other projects.

    API Name

    API Description

    API Definition Date

    API Delivery date

    API Definition link (i.e.swagger)

...

  • ProvisiningAPI for creating,deleting and listing the administrative objectsAug 02 2017March 08 2018AAF API
    Admin APIAPI for the admin accessAug 02 2017March 08 2018AAF API
    CADICADI ( CODE ACCESS DATA IDENTITY)Aug 02 2017March 08 2018AAF API





    Third Party Products Dependencies

    Third Party Products mean products that are mandatory to provide services for your components. Development of new functionality in third party product may or not be expected.
    List the Third Party Products (OpenStack, ODL, RabbitMQ, ElasticSearch,Crystal Reports, ...).

    Name

    Description

    Version

...




  • DockerContainer engine1.12
    Cassandradatabase container2.1.16



    In case there are specific dependencies  (Centos 7 vs Ubuntu 16. Etc.) list them as well.

    Testing and Integration Plans

    Provide a description of the testing activities (unit test, functional test, automation,...) that will be performed by the team within the scope of this release.

    Describe the plan to integrate and test the release deliverables within the overall ONAP system.
    Confirm that resources have been allocated to perform such activities.

    AAF will invest in CSIT tests to allow further integration testing, AAF already provided some tests as part of R1.

    Gaps

    This section is used to document a limitation on a functionality or platform support. We are currently aware of this limitation and it will be delivered in a future Release.
    List identified release gaps (if any), and its impact.

    Gaps identified

    Impact

...

  • Testing/Integrationlimited testing of final product
  • Known Defects and Issues

Provide a link toward the list of all known project bugs.

Jira Legacy
serverSystem Jira
columnskey,summary,type,created,updated,due,assignee,reporter,priority,status,resolution
maximumIssues20
jqlQueryproject=sanbox aaf and issuetype in (bug)
serverId4733707d-2057-3a0f-ae5e-4fd8aff50176

  • Risks

List the risks identified for this release along with the plan to prevent the risk to occur (mitigation) and the plan of action in the case the risk would materialized (contingency).

...

  • No known risks so far.

Resources

Fill out the Resources Committed to the Release centralized page.

  • Release Milestone

The milestones are defined at the Release Level and all the supporting project agreed to comply with these dates.

  • Team Internal Milestone

  • This section

...

  • may be used to document internal milestones

...

  • that the team agreed on.

    Also, in the case the team has made agreement with other team to deliver some artifacts on a certain date that are not in the release milestone,

...

  • provide these agreements and dates in this section.

    It is not expected to have a detailed project plan.

    Date

    Project

    Deliverable

    To fill out

...

  • AAFAAF - CertMan,oAuth

    Documentation, Training

  • Highlight the team contributions to the specific document related to he project (Config guide, installation guide...).
  • Highlight the team contributions to the overall Release Documentation and training asset
  • High level list of documentation, training and tutorials necessary to understand the release capabilities, configuration and operation.
  • Documentation includes items such as:
  • Installation instructions
  • Configuration instructions
  • Developer guide
  • End User guide
  • Admin guide
  • ...

http://onap.readthedocs.io/en/latest/submodules/aaf/authz.git/docs/index.html


Note
titleNote

The Documentation project will provide the Documentation Tool Chain to edit, configure, store and publish all Documentation asset.

...