OOM Meeting Notes - 2023-08-23
Attendee-List:
@Andreas Geißler
@Jack Lucas
@Byung-Woo Jun
@Andrew Lamb
Vladimir Turok
Marek Szwalkiewicz
Agenda
Video:
Current activities:
Request to add RAN simulator chart to OOM (@Vishal Varvate )
Question:
Should we separate the ONAP testing component charts ? (OOM-3085: [TEST] Move test components out of main chartReopened)
→ Proposed to add the charts to Integration repo → reply from Vishal
Thank you Marek and Andreas for your reply.
Yes, I see integration repo is having all the simulator charts ,so for consistency purpose, we can add the ran sim chart on the integration repo ,that’s also ok for us.
@N. K. Shankar, Any comment if you want to add.
DB Update (Cassandra, MariaDB,...) OOM-3183: Update the Cassandra, MariaDB, Postgres chartsClosed
MariaDB-Operator in progress (https://gerrit.onap.org/r/c/oom/+/135759)
→ Issue found regarding Readiness probe (https://git.onap.org/oom/readiness/tree/ready.py)
Probe checking the container name for the mariadb instance name, which does not work for mariadb-operator nor k8ssandra-operator instances
option "-pod" needs to be added to check the pod name
S2S Authorization (OOM-3191: Service 2 Service Authorization with Service MeshOpen):
InfoSys support (check with @Girish Kumar )
SO, AAI analyzed and discussions will be started
Presentation: https://lf-onap.atlassian.net/wiki/download/attachments/16521422/Service_Mesh_Basic_Auth_Elimination_Analysis.pdf?api=v2
Seshu will be contacted to discuss the SO changes (roles/users,,...)
SDC will be contacted by @Andreas Geißler and Portal Team
Jira tasks are created under OOM-3191: Service 2 Service Authorization with Service MeshOpen
Urgent issue with AAF certificate expire:
AAF-1217: AAF cert service failed to start (expired certificate)In Progress
Problem:
no description available to re-generate the CA certitficate or how to extend its expiry date
Files:
@Jack Lucas DMaaP BC controller will be removed (https://gerrit.onap.org/r/c/oom/+/135794?usp=search)
Healthchecks will be removed from tesuite
ONAP streamlining
new charts: https://jira.onap.org/secure/attachment/18952/ONAPStreamliningWorkItems-2023-8-22.pptx
Jira tickets will be added to the different components
need to check with @Thomas Kulik about documentation versioning
External ONAP Access using Authentication OOM-3192: External ONAP Access using AuthenticationClosed
Patch for _ingress.tpl to add "AuthorizationPolicy"
Test it with SDC FE
Adding charts for portal-ng
Planned for the next week (@Fiete Ostkamp )
Helm Chart Updates OOM-3082: Helmchart updatesOpen
Added some tasks
OOM-3208: Improve Helm Chart VerifiicationOpen Improve Helm Chart Verification
OOM-3227: Make charts ready for a Namespace changeOpen Make charts ready for a Namespace change
Others:
Should we separate the ONAP testing component charts ?
Resource Limits correction @vladimir turok
to be checked, whether CPU limits should be used again (https://gerrit.onap.org/r/c/oom/+/135433)
MessageRouter removal (to be checked with @Fiachra Corcoran
Should we add charts for ONAP-Base (strimzi, keycloak,...) ?
Open Jira issues:
T | Key | Summary | Assignee | Reporter | P | Status | Resolution | Created | Updated | Due |
---|---|---|---|---|---|---|---|---|---|---|
Alexander Dehn | Alexander Dehn | In Progress | Unresolved | Apr 27, 2023 | Apr 27, 2023 |
| ||||
service-mesh-wait-for-job-container fails, when no sidecar exists | Andreas Geissler | Andreas Geissler | Open | Unresolved | Apr 27, 2023 | Apr 27, 2023 |
| |||
Alexander Dehn | Alexander Dehn | In Progress | Unresolved | Apr 25, 2023 | Apr 26, 2023 |
| ||||
Alexander Dehn | Herbert Eiselt | In Progress | Unresolved | Apr 24, 2023 | Apr 27, 2023 |
| ||||
Andreas Geissler | Andreas Geissler | Open | Unresolved | Apr 24, 2023 | Apr 24, 2023 |
| ||||
Marek Szwałkiewicz | Marek Szwałkiewicz | Open | Unresolved | Apr 24, 2023 | Apr 24, 2023 |
| ||||
Kiali Validation - KIA0601 - Port name must follow [-suffix] form | Fiete Ostkamp | Fiete Ostkamp | In Progress | Unresolved | Apr 19, 2023 | Apr 19, 2023 |
| |||
Andreas Geissler | Andreas Geissler | Open | Unresolved | Apr 19, 2023 | Apr 19, 2023 |
| ||||
Fiachra Corcoran | Andreas Geissler | Open | Unresolved | Apr 13, 2023 | Apr 13, 2023 |
| ||||
Miroslav Masaryk | Miroslav Masaryk | Open | Unresolved | Apr 12, 2023 | Apr 13, 2023 |
| ||||
Andreas Geissler | Andreas Geissler | Open | Unresolved | Mar 31, 2023 | Apr 13, 2023 |
| ||||
Andreas Geissler | David McBride | In Progress | Unresolved | Mar 30, 2023 | Apr 26, 2023 |
| ||||
Andreas Geissler | David McBride | Open | Unresolved | Mar 30, 2023 | Mar 30, 2023 | Mar 23, 2023 | ||||
Andreas Geissler | Andreas Geissler | Open | Unresolved | Mar 21, 2023 | Mar 21, 2023 |
| ||||
The chartmuseum binary download URL not working in OOM deployment | Andreas Geissler | Sankar Palanivel | Open | Unresolved | Mar 09, 2023 | Apr 13, 2023 |
| |||
Unassigned | Andrew Lamb | Open | Unresolved | Mar 06, 2023 | Mar 08, 2023 |
| ||||
Unassigned | Andrew Lamb | Open | Unresolved | Mar 06, 2023 | Mar 08, 2023 |
| ||||
Unassigned | Andrew Lamb | Open | Unresolved | Mar 06, 2023 | Mar 08, 2023 |
| ||||
Unassigned | Andrew Lamb | Open | Unresolved | Mar 06, 2023 | Mar 08, 2023 |
| ||||
Unassigned | Andrew Lamb | Open | Unresolved | Mar 06, 2023 | Mar 08, 2023 |
|
Showing 20 out of 103 issues Refresh
Backlog from older meetings (to be cleaned up)
Pending component fixes:
(2023-05-03: No update)
CDS-UI CCSDK-3814 - CDS-UI must be able to listen on HTTP Open → DT /TM has a look
maybe postpone to M
SO Monitor SO-4027 - Make SO-Service-Monitor ServiceMesh compatible Open → Byung mentioned, that E/// team try to resolve the issue (Byung's note: It was assigned to Viresh Navalli, Capgemini. E/// plans to assist Viresh as needed.)
→ postpone to MontrealCLI will not work without fix... ( OOM-3096 - [CLI] Remove AAF dependency Delivered )
UUI - not clear if working
Helm chart cleanup: OOM-2975 - Remove dependencies on AAF Open
(2023-05-10: No update)
Common → Andreas
Platform
MSB
VFC
Ingress enhancements for non-HTTP interfaces:
External Kafka access → https://gerrit.onap.org/r/c/oom/+/133767
SDNC CallHome (SSH) → part of https://gerrit.onap.org/r/c/oom/+/133861
Plan to update _ingress.tpl for Gateway-API support and AuthorizationPolicy
Oauth2-proxy setup (Andreas):
(2023-05-03: No update)
Documentation: Oauth2-Proxy implementation and configuration
Oauth2-Proxy: https://gerrit.onap.org/r/c/oom/+/130445
Adding Oauth2-proxy client to ONAP realm: https://gerrit.onap.org/r/c/oom/+/133699
To be started:
(2023-05-03: No update)
Ingress template improvements:
Remove unused components:
OOM-3074 - Remove components and options from charts Open
MariaDB:
OOM-3072 - Resolve and improve the existing MariaDB-Galera templates Open → DT (with TM) to investigate
Remove NodePort in Ingress environments:
OOM-3012 - Remove NodePort in Service definitions under ServiceMesh In Progress → will be automatically fixed with cleanups
UDP Ingress support:
UDP Nodeport support in _service-tpl OOM-3107 - Allow NodePorts for UDP services Open → can be closed
Possible solution: UDPRoute support in Gatway-API
Others:
(2023-05-03: No update)
SDC Listener HTTP issue SDC-4233 - SDC Distribution Client should work with lower-case Header entries Closed → Marek provided patch → merged, need to be released and can be used in the clients
When released, all clients need to be updated (CDS, AAI, Policy, SO, ...)
Create tickets for all clients....
2023-05-31: Discussed presentation to TSC/PTL meeting proposing a new global requirement to rely (exclusively) on service mesh mechanisms for intra-ONAP authentication and authorization (get rid of HTTP basic auth). To be presented to TSC on 2023-06-01.