2020-07-01 DCAE Meeting Notes

Owned by Vijay Kumar
Last updated: Jul 01, 2020
4 min read

Bridge

[dcaegen2] Team ONAP11, Wed UTC 14:30

https://zoom.us/j/98967242523 
Meeting ID: 989 6724 2523
One tap mobile
+16465588656,,98967242523# US (New York)

Dial by your location
        +1 646 558 8656 US (New York)
        +1 669 900 6833 US (San Jose)
        877 369 0926 US Toll-free
        855 880 1246 US Toll-free
Meeting ID: 989 6724 2523
Find your local number: https://zoom.us/u/ad1U59khic

Recording:

DCAE_Weekly_07012020.mp4

Attendees:

Host: Vijay Kumar


Discussion Topics:



 Time (est) Topics Requester/Assignee Notes/Links




START RECORDING

PARTICIPANT LIST

1
Project Status & General updates

Vijay Kumar

Review any open items from discussion 





El-Alto Maintenance Candidates

Possible Doc updates (to revise TLS-init container version)

Any other changes to be included for maintenance release? NO




Frankfurt Maintenance Candidates

?

SON_Handler (Wipro)

2
 Python 3.8 migration

Michal.Jagiello@t-mobile.pl

DIscuss DCAE components 3.8 migration support

3
VES Collector performance testing reportPawel Kasperkiewicz
  • VESCollector peformance test results  (deferred to next week)
4
stndDefined added to vesEventListener spec

damian.nowak

Review open items/question around dynamic schema handling (using config-map)
5
Impact assessment for other mandatory non-functional REQ

Vijay Kumar

REQ-374 ONAP shall use STDOUT for logs collection (PTL)  


REQ-373 ONAP must complete update of the Python language (from 2.7 -> 3.8) (MUST-HAVE)

  • Except Cloudify/Plugin + SNMP trap ,, all other components will be updated to 3.8

REQ-366 Containers must crash properly when a failure occurs (MUST-HAVE)

REQ-365 Containers must have no more than one main process (MUST-HAVE)

  • Cloudify - need exception. 
  • Other DCAE components complaint?


REQ-364 Replace NodePorts with ingress controller as a default deployment option (PTL)

  • Not committed from DCAE/platform impact perspective. OOM changes impacting DCAE will be supported/reviewed based on community support. CMPv2 will use design based on Nodeport (and support TLS/passthrough for Ingress)


Recommended lib version by SECCOM -->

REQ-323 Each project will update the vulnerable direct dependencies in their code base (MUST-HAVE)


(deferred to next week)

https://lists.onap.org/g/onap-discuss/message/21345?p=,,,20,0,0,0::Created,,Updating+Vulnerable+Direct+Dependencies,20,2,0,74898235

Guilin vulnerability recommendations in all of the project tables.

  • Spring version: 5.2.7.RELEASE
  • Jetty-http: 9.4.23.v20200521
  • Guava: 29.0-jre
  • Tomcat-embed-core: 9.0.36
  • Bootstrap: 4.5.1
  • Jackson-core, jackson-databind: 2.11.0
  • Jackson-mapper-asl: replace with jackson-databind 2.11.0
  • Webjars jquery: 3.5.1
  • Apache.webcomponents httpclient: 4.5.12

Corresponding Oparent updates - https://wiki.onap.org/pages/viewpage.action?pageId=10783020



REQ-379 (ONAP projects must use only approved and verified base images for their containers)

(deferred to next week)

https://lf-onap.atlassian.net/wiki/display/DW/Database%2C+Java%2C+Python%2C+Docker%2C+Kubernetes%2C+and+Image+Versions

java is based on debian, for python it is based on alpine
Pending TSC approval for java

Docker files are here:
java: https://git.onap.org/integration/docker/onap-java11/tree/
python: https://git.onap.org/integration/docker/onap-python/tree/
and images are built though jjb

there are available on the nexus
https://nexus3.onap.org/#browse/search=keyword%3Donap%2Fintegration-java:c60bc6b9612f47d368c19be6ea730120
https://nexus3.onap.org/#browse/search=keyword%3Donap%2Fintegration-java:22b3686a9064fa3d02b9686c538dc15d


Releates to REQ-351 (java upgrade)



CMPv2 DCAE Integration

Pawel Baniewski

Discuss open question

  • Review open submission
  • Dependency on ContainerizedPlatformComponent→ ContaineredServiceComponent
  • Dedicated meeting for blueprint gen & k8s (target next week)









Backlog from prev meeting  - will be discussed as time permits
6
AAF change impact

Fiachra Corcoran Jack Lucas

aaf_agent (2.1.20) generates cert as root; this prohibits making change to cert within container (as most of containers are running as non-root).

  • one option is for separate truststore for external (discussed under CMPv2)
  • resolve the ownership for current cert/truststore to non-root user (+ common onap usergroup + and add this usergroup into container)
    • change aaf_agent to default to non-root

DCAE change to be assessed based on CMPv2 proposal; generic onap/usergroup to be discsussed with AAF team 

AAF-1156 - Getting issue details... STATUS

06/10 - More details on next meeting with Pawel Baniewski ; AAF_agent change/support to be confirmed. 

7
Guilin 

Vijay Kumar

DCAE Guilin Priorities

Platform 

  • Plugin migration from CCSDK to DCAE (CCSDK-2325 & DCAEGEN2-2207 )
    • Plugin migration (completed)
    • bootstrap (in-progress)
    • blueprint-generator (in-progress)
    • Blueprint impacts (using pg/dmaap)
  • K8S plugin optimization   (DCAEGEN2-2215 - allow env support for docker_config, DCAEGEN2-1791 - Switch to containerizedServiceComponent nodetype); bpgen (Jira to be ref)
  • Plugin/type file import (DCAEGEN2-1789) (Submitted/WIP)


Requirements from OOM team to be discussed with team

  • AAF integration must be configurable

Review backlog Jira/commitment for Guilin

Guilin Release Requirements

DCAEGEN2-2015 (remove DMAAP MR http/3904 dependency) - Fiachra Corcoranwill confirm DMAAP team plans for Guilin

6
DCAE Outstanding Jira & MED priority bugs (Guilin)

Vijay Kumar

DCAEGEN2-2308 PM-Mapper: Wrong 3GPP rel-16 schema format supported (28.550 instead of 28.532)

From prev meeting

DCAEGEN2-2218 - Blocked by AAF changes (AAF-1134)

DCAEGEN2-2219 - DFC's SFTP client doesn't protect from MITM attacks (Guilin)  

   06/10 - Nokia confirmed support; need to get exception from SECCOM team - Pawel Baniewski

   06/03 - Keep SFTP and necessary enhancement to be supported by Nokia. To be confirmed with Oskar/Damian 

DCAEGEN2-2136 - Getting issue details... STATUS  - Joseph O'Leary  - Will check if this Jira is required for Guilin or can wait until Cloudify 3.x upgrade is available (stretch goal for Guilin) 

Guilin

key summary type created updated due assignee reporter priority status resolution
Refresh

8
MOD OnboardingAPI  issue

Joseph O'Leary

  • DFC spec to be corrected and verify onboarding/distribution through MOD (manual deletion via PG DB can be done if required)  - Joseph O'Leary
  • Deven investigating with original DFC spec/recovery

Open question from prev meeting

  • To verify OnboardingAPI has delete option - Vijay Kumar
    • No delete api in OnboardingAPI
  • Bp-gen issue for DFC spec - Joseph O'Leary to verify with bp-gen 1.3.1 jar
    • Verified; not a bp-gen issue. 





Frankfurt Artifacts Release versions

Check "Artifacts released" section under RTD - https://docs.onap.org/en/latest/submodules/dcaegen2.git/docs/sections/release-notes.html

Open Action Items



Seeking Community support

Topic/JIRACurrent Status Planned Work
Docker build consistentency ( DCAEGEN2-1579)

JIRA cover broad aspect of standardizing DCAE component build process and docker tagging.

  1. Nokia team proposal identifies best practice for docker tagging optimized-dockers-jvm.pdf. 
    1. Following components migrated to new docker tagging best-practice
      1. PRH
      2. PM-Mapper
Need volunteer from community to support
  • Standardize pom/jjb template for all dcae component (java and python)
    • Plugin list alignment with oparent
    • Python build dependency on script to be reduced;