2020-07-08 DCAE Meeting Notes

Owned by Vijay Kumar
Last updated: Jul 09, 2020 by Pawel Kasperkiewicz
4 min read

Bridge

[dcaegen2] Team ONAP11, Wed UTC 14:30

https://zoom.us/j/98967242523 
Meeting ID: 989 6724 2523
One tap mobile
+16465588656,,98967242523# US (New York)

Dial by your location
        +1 646 558 8656 US (New York)
        +1 669 900 6833 US (San Jose)
        877 369 0926 US Toll-free
        855 880 1246 US Toll-free
Meeting ID: 989 6724 2523
Find your local number: https://zoom.us/u/ad1U59khic

Recording:

DCAE_Weekly_07082020.mp4

Attendees:

Host: Vijay Kumar



Discussion Topics:



 Time (est) Topics Requester/Assignee Notes/Links




START RECORDING

PARTICIPANT LIST

1
Project Status & General updates

Vijay Kumar

Review any open items from discussion 




El-Alto Maintenance Candidates

Possible Doc updates (to revise TLS-init container version)

Any other changes to be included for maintenance release? NO




Frankfurt Maintenance Candidates

SON_Handler (Wipro)

  • Vijay Kumar  - To check if outstanding frankfurt branch commit pending.  No blueprint/bootstrap revision required; Frankfurt doc to be updated for version update.

Other DCAE components? NO

2
 Python 3.8 migration status

Michal.Jagiello@t-mobile.pl

DIscuss DCAE components 3.8 migration support (deferred)

3
VES Collector performance testing reportPawel Kasperkiewicz
  • VESCollector peformance test results  

Comments

  • Identify max RPS/EPS on ONAP recommended setup to determine when VESCollector instance must be scaled
  • Add current measurement report into Frankfurt/DCAE VES collector documentation as baseline result (can be used for comparison for Guilin/future release)
  • Include test with different type of events/domains to verify multiple topic distribution within VESCollector
  • Consolidate performance test framework components to avoid duplication across different repo and simplify maintenance/integration
  • Prometheus integration within ONAP and DCAE need further discussion
  • Link to presentation: VES Collector Performance Test#Presentation


Huawei support for RESTConf

Mukesh Paliwal





All remaining topics deferred to next week 
4
Impact assessment for other mandatory non-functional REQ

Vijay Kumar

REQ-374 ONAP shall use STDOUT for logs collection (PTL)  

REQ-373 ONAP must complete update of the Python language (from 2.7 -> 3.8) (MUST-HAVE)

  • Except Cloudify/Plugin + SNMP trap ,, all other components will be updated to 3.8

REQ-366 Containers must crash properly when a failure occurs (MUST-HAVE)

REQ-365 Containers must have no more than one main process (MUST-HAVE)

  • Cloudify - need exception. 
  • Other DCAE components complaint?


REQ-364 Replace NodePorts with ingress controller as a default deployment option (PTL)

  • Not committed from DCAE/platform impact perspective. OOM changes impacting DCAE will be supported/reviewed based on community support. CMPv2 will use design based on Nodeport (and support TLS/passthrough for Ingress)


DCAE Guilin Priorities

Guilin Release Requirements

Requirements from OOM team to be discussed with team

  • AAF integration must be configurable

DCAEGEN2-2015 (remove DMAAP MR http/3904 dependency) - Fiachra Corcoranwill confirm DMAAP team plans for Guilin

5

Recommended lib version by SECCOM -->

REQ-323 Each project will update the vulnerable direct dependencies in their code base (MUST-HAVE)

Vijay Kumar

https://lists.onap.org/g/onap-discuss/message/21345?p=,,,20,0,0,0::Created,,Updating+Vulnerable+Direct+Dependencies,20,2,0,74898235

Guilin vulnerability recommendations in all of the project tables.

  • Spring version: 5.2.7.RELEASE
  • Jetty-http: 9.4.23.v20200521
  • Guava: 29.0-jre
  • Tomcat-embed-core: 9.0.36
  • Bootstrap: 4.5.1
  • Jackson-core, jackson-databind: 2.11.0
  • Jackson-mapper-asl: replace with jackson-databind 2.11.0
  • Webjars jquery: 3.5.1
  • Apache.webcomponents httpclient: 4.5.12

Corresponding Oparent updates - https://wiki.onap.org/pages/viewpage.action?pageId=10783020

6
REQ-379 (ONAP projects must use only approved and verified base images for their containers)

Vijay Kumar

https://lf-onap.atlassian.net/wiki/display/DW/Database%2C+Java%2C+Python%2C+Docker%2C+Kubernetes%2C+and+Image+Versions

java is based on debian, for python it is based on alpine
Pending TSC approval for java

Docker files are here:
java: https://git.onap.org/integration/docker/onap-java11/tree/
python: https://git.onap.org/integration/docker/onap-python/tree/
and images are built though jjb

there are available on the nexus
https://nexus3.onap.org/#browse/search=keyword%3Donap%2Fintegration-java:c60bc6b9612f47d368c19be6ea730120
https://nexus3.onap.org/#browse/search=keyword%3Donap%2Fintegration-java:22b3686a9064fa3d02b9686c538dc15d


Releates to REQ-351 (java upgrade)


Boostrap/Cloudify Guilin new container released update

Jack Lucas

https://gerrit.onap.org/r/c/oom/+/109470

  • Plugin migration from CCSDK to DCAE (CCSDK-2325 & DCAEGEN2-2207 )
    • Plugin migration (completed)
    • bootstrap (in-progress)
    • blueprint-generator (in-progress)
    • Blueprint impacts (using pg/dmaap)
  • K8S plugin optimization   (DCAEGEN2-2215 - allow env support for docker_config, DCAEGEN2-1791 - Switch to containerizedServiceComponent nodetype); bpgen (DCAEGEN2-2144)
  • Plugin/type file import (DCAEGEN2-1789) 




Backlog from prev meeting  - will be discussed as time permits
8
AAF change impact

Fiachra Corcoran Jack Lucas

aaf_agent (2.1.20) generates cert as root; this prohibits making change to cert within container (as most of containers are running as non-root).

  • one option is for separate truststore for external (discussed under CMPv2)
  • resolve the ownership for current cert/truststore to non-root user (+ common onap usergroup + and add this usergroup into container)
    • change aaf_agent to default to non-root

DCAE change to be assessed based on CMPv2 proposal; generic onap/usergroup to be discsussed with AAF team 

AAF-1156 - Getting issue details... STATUS

06/10 - More details on next meeting with Pawel Baniewski ; AAF_agent change/support to be confirmed. 

9
DCAE Outstanding Jira & MED priority bugs (Guilin)

Vijay Kumar

DCAEGEN2-2308 PM-Mapper: Wrong 3GPP rel-16 schema format supported (28.550 instead of 28.532)

From prev meeting

DCAEGEN2-2218 - Blocked by AAF changes (AAF-1134)

DCAEGEN2-2219 - DFC's SFTP client doesn't protect from MITM attacks (Guilin)  

   06/10 - Nokia confirmed support; need to get exception from SECCOM team - Pawel Baniewski

   06/03 - Keep SFTP and necessary enhancement to be supported by Nokia. To be confirmed with Oskar/Damian 

DCAEGEN2-2136 - Getting issue details... STATUS  - Joseph O'Leary  - Will check if this Jira is required for Guilin or can wait until Cloudify 3.x upgrade is available (stretch goal for Guilin) 

Guilin

key summary type created updated due assignee reporter priority status resolution
Refresh

10
MOD OnboardingAPI  issue

Joseph O'Leary

  • DFC spec to be corrected and verify onboarding/distribution through MOD (manual deletion via PG DB can be done if required)  - Joseph O'Leary
  • Deven investigating with original DFC spec/recovery

Open question from prev meeting

  • To verify OnboardingAPI has delete option - Vijay Kumar
    • No delete api in OnboardingAPI
  • Bp-gen issue for DFC spec - Joseph O'Leary to verify with bp-gen 1.3.1 jar
    • Verified; not a bp-gen issue. 





Frankfurt Artifacts Release versions

Check "Artifacts released" section under RTD - https://docs.onap.org/en/latest/submodules/dcaegen2.git/docs/sections/release-notes.html

Open Action Items



Seeking Community support

Topic/JIRACurrent Status Planned Work
Docker build consistentency ( DCAEGEN2-1579)

JIRA cover broad aspect of standardizing DCAE component build process and docker tagging.

  1. Nokia team proposal identifies best practice for docker tagging optimized-dockers-jvm.pdf. 
    1. Following components migrated to new docker tagging best-practice
      1. PRH
      2. PM-Mapper
Need volunteer from community to support
  • Standardize pom/jjb template for all dcae component (java and python)
    • Plugin list alignment with oparent
    • Python build dependency on script to be reduced;