2022-01-25 DCAE Meeting Notes

S.NO

 Time (est)

 Topics

 Requester/Assignee

 Notes/Links

Note to Moderator

START RECORDING

PARTICIPANT LIST

Network Slicing Use Case - DCAE impacts in Jakarta release

+ IBN/CCVPN Closedloop Support

@Ahila P @Henry Yu @Dong Wang 

Finalize design/impact for DCAE for Jakarta for both E2E Slicing/CCVPN/IBN; current scope 

E2E Slicing : DCAEGEN2-3021 - E2E_Network_Slicing_DCAE impacts -v2.pdf

• SliceAnalysis 

CCVPN / IBN : (DCAE JIRA TBC)

CCVPN CL flow

•  

  •  

    • Triggered via VES event flow (how to handle the event); data collector is SDNC (perf with bandwidth event), SliceAnalysis will monitor and trigger CL

IBN CL flow

•  

  •  

    • Triggered via bandwidth cl via AAI notification

• SliceAnalysis  (Huawei)

• ML MS will be handled as POC (Wipro team)

  • Plan on training MS will be documented 

** Outstanding **

• Create DCAE impact EPIC/stories  - @Ahila P @Henry Yu 

  • ML/MS (POC)

    • ML -Traing model reference to be provided and doc reference

  • SliceAnalysis 

    • Include data samples and mapping

    • CSIT updates
          

Istanbul Maintenance release

@Vijay Kumar 

DCAEGEN2-3022 - Log4j vulnerability (2.0-beta9 to 2.14.1)

• https://www.helpnetsecurity.com/2021/12/13/log4shell-update-cve-2021-44228/

• https://www.kaspersky.com/blog/log4shell-critical-vulnerability-in-apache-log4j/43124/

• https://logging.apache.org/log4j/2.x/security.html

Recommendation from SECCOM was 2.16.0 in December; new CVE has been identified and  2.17.1 is the new target recommended version for now*

01/25/22 - OOM merge pending ; cherry-pick oom/istanbul. Doc for maintenance rls will be done this week (will include log4j & son-handler)

01/20/22 - All impacted component updated to 2.17.1 and released; OOM update pending

01/04/22 - Upgrade impacted DCAE components to 2.17.1 once SECCOM/TSC confirms 

12/17/21 - VESCollector, RESTConf, VES-Mapper impacted; new containers released using 2.16.0

Jakarata Release Updates

@Vijay Kumar 

Completed

• Release Planning: Jakarta

• R10 M1 -DCAEGEN2-2979 -  Rescheduled to 12/09/2021 

Ongoing

• ARC - ONAPARC-724 (Scheduled for 01/25/2022)

• R10 M2 - DCAEGEN2-3009(01/27/2022) 

• DCAE R10 Jakarta M2 Release Planning   

• Jakarta Impact View per Component

Jakarta -  Mandatory Tasks

@Vijay Kumar 

Review GR and BP approved for Jakarta & DCAE impact

1. Global Requirement

   1.  REQ-441/REQ-1070 - Log to std out/err  - No new impact (healthcheck and SNMPtrap collector addressed for J release).  SNMPTRap container pending to be released. 

2. Best-Practice

   1. REQ-1073 - Integration base image   - Impact for VESCollector/RestConf/SliceAnalysis

   2. REQ-1072 - Standardized log fields  - Jakarta Best Practice Proposal for Standardized Logging Fields - v2 

      1. Need to be assessed for any DCAE MS impact (for future release compliance)

3. Vulnerabilities identified by SECCOM needing version upgrades : DCAEGEN2-3006 - DCAE R10 Vulnerability - SECCOM Report

@Former user (Deleted) @Former user (Deleted)  @Former user (Deleted) 
  DCAEGEN2-3041 (DFC), DCAEGEN2-3049 (pm-mapper), DCAEGEN2-3050 (prh), DCAEGEN2-3051 (sdk), DCAEGEN2-3044 (hv-ves),

@Pawel Kasperkiewicz 
    DCAEGEN2-3045 (ves) 
@Niranjana Y 
    DCAEGEN2-3042  (Tcagen2), DCAEGEN2-3047 (kpi-ms),  DCAEGEN2-3053 (son-handler),  DCAEGEN2-3054  (slice)
@Vijay Kumar 
     DCAEGEN2-3043 (restconf), DCAEGEN2-3046 (mod-genproc), DCAEGEN2-3048  (ves-mapper), DCAEGEN2-3052 (mod2/helm)

Jakarata - Helm migration 

@Vijay Kumar 

Discuss DCAE transformation planned items for J release - DCAEGEN2-2773

Priorities

• Switch components to latest SDK version (DCAEGEN2-2890) blocks DCAEGEN2-2968/DCAEGEN2-3002 (CBS removal) 

  •  Holmes completed; RESTConf in-progress, PM-Mapper - in-progress   

• OOM charts updates to disable Cloudify/handlers (CBS may be exception depending on above item)

  • Iteration 1 (once OOM branching is done)- Disable all cloudify/handlers under dcaegen2 

  • Iteration 2 (M3/Jakarta)- Move VESOpenAPI to dcaegen2-services 

  • Iteration 3 - Remove/move CBS 

• Integration testsuite migration

  • @Krzysztof Kuzmicki  update as of 1/18 

    • Bulk-PM testsuite almost ready for re-enabled in gating (to be worked with Morgan/Michal)

    • CMPv2 will be next followed by DCAE-MOD

• Helm flow support through MOD 

• DMaap Provisioning optimization

  • DR Pub/sub credential handling alignment - OKAY to proceed 

  • Topic/Feed cleanup on undeploy

    • Topic cleanup to be split into separate Jira and assessed later ; Feed cleanup OKAY to proceed. (Impacted by AAF removal, Strimzi Operator introduction)

• Configuration update through Configmap 

  • @Jack Lucas  will review the solution options for  DCAEGEN2-2935

    • Solution options discussed (as documented in jira); will be reviewed with OOM team and option narrowed down for implementation by next week

To Do 

• dcaegen2/deployment - updated to remove CM container build  - DONE

• BBS-Eventprocessor (dcaegen2/services) - Builds and sub-component repo will be removed post ARC meeting/review (M2). 

  • Once approved by ARC - need buld jobs and corresponding helm-charts removed/disabled.

• Documentation update for DCAE deployment and MOD setup

DIscuss PM-Mapper switch to use unauthenticated topic for below items.

• Multiple subscriber issue (DCAEGEN2-2937)

• Dmaap/Strimzi migration

• Servicemesh compliancy

@Vijay Kumar 

EPIC DCAEGEN2-3031 created to track this update for J release

Dependent on DCAEGEN2-3032 (PM-Mapper) -  @Former user (Deleted) / @Former user (Deleted)/Nokia Team (Commitment : WIP (Strectch-goal)

Once delivered, KPI-MS/Slice-Analysis/SON-handler to be updated 

DCAE SDK standardization

EPIC  DCAEGEN2-3030 created to track necessary update

This will be targetted for Kohn release due to on-going work in DMAAP team for Strimzi migration

Notes from last meeting

• @Fiachra Corcoran  indicated DMAAP team looking to build a standardized library for Strimzi/Kakfa migration across ONAP components-  to be confirmed in few weeks. Will hold on DCAE SDK standardization efforts across DCAE MS for time-being.

Open items to be followed-up with @Fiachra Corcoran /DMAAP team

• Any solution to provision unauthenticated  topic/client in DMAAP MR currently part of ONAP deployment?

Currently most of unauthenticated topics (used by DCAE MS) are created on the fly (i.e during first event published). However this causes an issue for MS Client/consumer as they miss the first event (as client gets registered in kafka only after topic is created). This may be required for BulkPM Testsuite/SliceAnalysis/KPI-MS when PM_Mapper is switched to unauthenticated topic.

Preprovision of topic supported under DMAAP-MR but may be phased out with Strimzi migration; workaround could be to send dummy "first" msg before actual event flow. Strimzi auth topic could be option to mitigate (to be checked)

• Assess if DMAAP SDK client lib can be adapted to support Strimzi/Kafka and used as common target library

• HV_VES currently uses direct kafka interfaces; suggestion on how this should be handled part of Strimizi/Kafka migration.  Any recommendation on the library to be used or change HV_VES kafka api's directly? Current kafka client implementation shld work for Strimzi - no new lib proposed.

Servicemesh Compatibility for DCAE MS

@Vijay Kumar 

-- Discussion deferred to next meeting --

EPIC DCAEGEN2-3037 created for tracking DCAE impact; currently marked as "Stretch-Goal" for J (TBC)

Analysis for all DCAE services captured here - DCAE Services Component - Service Mesh Compatibility

• Component owners to review findings and support non-TLS mode as config + startup without dependency on AAF cert

Need volunteers to support 

General discussion

• Servicemesh support - DCAE component impact on below 

1.  

   1. Allow http support (early J release) - DCAE components that rely only on HTTPS will be impacted

      1. Partial analysis completed; impact limited to 1-2 MS currently - will share the report into WIKi/next meeting - @Vijay Kumar 

   2. Components dependent on AAF cert 

      1. DR depenency on AAF is primarily on cert (auth is done local)

      2. Share the current findings and create wiki to capture the dependencies for DCAE components - @Vijay Kumar 

   3. Secure topic/feed dependency - DFC, PM-Mapper, PNF-Reg, SliceAnalysis, BBS-Ep

• Impact from DMAAP-MR → Strimzi/Kafka

  • Pub/sub API change - may need to integrate with new SDK provided by DMAAP team; all DCAE MS will have impact to align with new SDK.

    • SDK client lib need to have backward compatibility with MR (controlled via ENV/deployment property)

  • Mapping service - Alternate solution proposed by @Fiachra Corcoran /DMAAP team could be candidate solution; avoid technology dependency and can be handled generic across all MS without much impact

  • Provisioning API will change - DCAE helm template job MR provisioning template/scripts to be revisited under Strimzi/Operator

Topics/Demos' for future meetings

<Topics can be added below by presenters as they are ready>

TBD - Demo for DCAE MOD Helm flow support - @Vijay Kumar 

@Vijay Kumar

NA

@Tony Hansen

NA

@Jack Lucas

NA

@Former user (Deleted)

NA

@Former user (Deleted)

NA

@Former user (Deleted)

NA

@Niranjana Y 

NA