Attendee-List:

• @Andreas Geißler 

• @Jack Lucas 

• @Byung-Woo Jun 

• Vladimir Turok

• Marek Szwalkiewicz

Agenda

Main Topic today:

• "New" ONAP streamlining (ONAP Streamlining - The Process (Link))

• OOM Issues:

  • Helm versioning

  • Helm dependencies

  • Deployment dependencies

    • → working to test role creation vie ServiceAvvount template

Current activities:

• Montreal plans:
  
  

  • OOM Montreal Release

  • Create Montreal Epics

    • Move Tasks/Tickets to new M Epics

• Release schedule for Montreal (Release Planning: Montreal)

  • Under discussion, if and how a release should look like in the new "ONAP"

• S2S Authorization (OOM-3191: Service 2 Service Authorization with Service MeshOpen):

  • SO, AAI analyzed and discussions will be started

  • Presentation: https://lf-onap.atlassian.net/wiki/download/attachments/16521422/Service_Mesh_Basic_Auth_Elimination_Analysis.pdf?api=v2 

  • Seshu will be contacted to discuss the SO changes (roles/users,,...)

  • SDC will be contacted by @Andreas Geißler and Portal Team

  • Jira tasks are created under OOM-3191: Service 2 Service Authorization with Service MeshOpen

• External ONAP Access using Authentication OOM-3192: External ONAP Access using AuthenticationClosed

  • Patch for _ingress.tpl to add "AuthorizationPolicy"

  • Test it with SDC FE

• DB Update (Cassandra, MariaDB,...) OOM-3183: Update the Cassandra, MariaDB, Postgres chartsClosed

  • Cassandra Operator patch OOM-3226: Update shared cassandra to 4.0.1 using k8ssandra-operatorClosed merged

• Helm Chart Updates OOM-3082: Helmchart updatesOpen

  • Added some tasks 

    • OOM-3208: Improve Helm Chart VerifiicationOpen Improve Helm Chart Verification

    • OOM-3227: Make charts ready for a Namespace changeOpen Make charts ready for a Namespace change

• Create and implement a helm chart versioning concept OOM-3079: Create and implement a helm chart versioning conceptClosed

  • Check with @Florian Bachmann 

• Extend the Ingress template and add Component ingress configuration OOM-3075: Extend the Ingress template and add Component ingress configurationClosed

  • Patch planned soon to support Gateway-API OOM-3108: Investigate to change to K8S Gateway-APIClosed

• Others:

  • Resource Limits correction planned @vladimir turok 

  • ServiceAccount setting for Jobs are missing

  • MessageRouter removal (to be checked with @Fiachra Corcoran 
    
    
    

Open Jira issues:

Showing 20 out of 103 issues Refresh

Backlog from older meetings (to be cleaned up)

Pending component fixes:

(2023-05-03: No update)

• CDS-UI CCSDK-3814 - CDS-UI must be able to listen on HTTP Open → DT /TM has a look

  • maybe postpone to M

• SO Monitor SO-4027 - Make SO-Service-Monitor ServiceMesh compatible Open → Byung mentioned, that E/// team try to resolve the issue (Byung's note: It was assigned to Viresh Navalli, Capgemini. E/// plans to assist Viresh as needed.)
  → postpone to Montreal

• CLI will not work without fix... ( OOM-3096 - [CLI] Remove AAF dependency Delivered )

• UUI - not clear if working

  • MSB issue reported: MSB-755 - The route from the MSB module to the usecase-ui module does not support HTTP Closed (helong <hwx171157@163.com>)

Helm chart cleanup: OOM-2975 - Remove dependencies on AAF Open

(2023-05-10: No update)

• Common → Andreas

• Platform

• MSB

• VFC

Ingress enhancements for non-HTTP interfaces:

• External Kafka access → https://gerrit.onap.org/r/c/oom/+/133767

  • Doc: Test external Kafka access in London

• SDNC CallHome (SSH) → part of https://gerrit.onap.org/r/c/oom/+/133861

• Plan to update _ingress.tpl for Gateway-API support and AuthorizationPolicy

Oauth2-proxy setup (Andreas):

(2023-05-03: No update)

• Documentation: Oauth2-Proxy implementation and configuration

• Oauth2-Proxy: https://gerrit.onap.org/r/c/oom/+/130445

• Adding Oauth2-proxy client to ONAP realm: https://gerrit.onap.org/r/c/oom/+/133699

To be started:

(2023-05-03: No update)

• Ingress template improvements:

  • OOM-3108 - Investigate to change to K8S Gateway-API Open

  • OOM-3075 - Extend the Ingress template and add Component ingress configuration Open

• Remove unused components:

  • OOM-3074 - Remove components and options from charts Open

• MariaDB:

  • OOM-3072 - Resolve and improve the existing MariaDB-Galera templates Open → DT (with TM) to investigate

• Remove NodePort in Ingress environments:

  • OOM-3012 - Remove NodePort in Service definitions under ServiceMesh In Progress → will be automatically fixed with cleanups

• UDP Ingress support:

  • UDP Nodeport support in _service-tpl OOM-3107 - Allow NodePorts for UDP services Open → can be closed

  • Possible solution: UDPRoute support in Gatway-API

Others:

(2023-05-03: No update)

• SDC Listener HTTP issue SDC-4233 - SDC Distribution Client should work with lower-case Header entries Closed → Marek provided patch → merged, need to be released and can be used in the clients

  • When released, all clients need to be updated (CDS, AAI, Policy, SO, ...)

  • Create tickets for all clients....

2023-05-31:  Discussed presentation to TSC/PTL meeting proposing a new global requirement to rely (exclusively) on service mesh mechanisms for intra-ONAP authentication and authorization (get rid of HTTP basic auth).  To be presented to TSC on 2023-06-01.