30 mins

Cross-project discussion

• This meeting is reduced to 30 minutes

• host: @Byung-Woo Jun 

ONAP and LFN Collaboration

@Byung-Woo Jun

Discussions between Arpit Joshipura, Byung-Woo Jun, Jill Lovato, Louis Illuzzi and Sunny Cai:

• Highlight the value proposition of ONAP, including overall statistics (e.g., contributors, LOC, etc.) over its lifetime.

• ONAP messaging 2025

ONAP DTF Days 2025

@Byung-Woo Jun

• Byung-Woo Jun, created a page for ONAP DTF DAYs 2025; we plan to collect ONAP DTF session topics here before presenting them to LFN, and schedule for the event.

TSC Strategy

@Byung-Woo Jun

PTL input?

Byung-Woo Jun presented the brainstorm at the TSC meeting this week.

Brainstorm:

• Ensure ONAP core components are focused and operate independently, from build to runtime

  • DT finishes Argo-CD based component independent deployment: @Andreas Geißler

    • Argo-CD /Flux are a DT choice, but ONAP can allow other CDs,

    • DT plans to productize some of the selected ONAP core components early next year in their TNAP production environment

  • Declarative and Intent-based component operations by the Repository-based Network Automation : see the ideas from ONAP Architecture Evolution - 2025.pdf

• Make ONAP core components more autonomous and ready for use by both ONAP, LF and other external users

  • During New Delhi and Oslo releases, CPS and Policy achieved the OpenSSF Gold Badging status. Kudos to the team!

  • Continue to promote/facilitate other ONAP core components for the Gold Badging status (e.g., UUI, SDNC, A&AI, Portal-NG)

    • @Dan Timoney , @Keguang He @Fiete Ostkamp : are you interested in this Gold Badging? aiming silver badge for AAI

• Incorporate more GenAI capabilities and use cases to the ONAP components, and promote the adoption of open-source LLM models and frameworks aligned with LF AI & Data and GenAI Commons

  • Collaborate with LF AI & Data GenAI Commons and Nephio GenAI for 5G and 6G

  • Open-source based models and controls

  • AI-Based Control Loop: @Dong Wang

  • AI Model-As-A-Service : @Keguang He

  • ETSI ISG NFV compliance for AI?

• Foster inter-community collaboration with other LF communities, such as O-RAN and Nephio

  • SDNC enhancements (which is used by O-RAN OAM as is): @Dan Timoney

  • Resource-based Orchestration Pattern (leveraging CD and Operator)

  • Energy saving / monitoring : @N.K. Shankaranarayanan

• Ensure the security of ONAP components and operations : @SECCOM

  • The latest security mechanism for communications (service mesh enhancements leveraging Istio and coming Ambient Mesh)

  • Deprecate unused sub-components and mitigate security vulnerabilities

• Define a secure LFN CI/CD pipeline by leveraging OpenSSF-associated reference tools : @SECCOM

Paris Release Update

@Byung-Woo Jun

PTLs

• The next Paris release schedule is TSC approved on 05 Dec 2024 , Release Planning: Paris 

  • TSC approved the current Paris release schedule on December 5th

  • An ArgoCD deployment to provide an alternative the helm deployment

  • RAN Simulator enhancement

  • Policy-OPA-PDP

  • MAAS

  • SDC Ruby upgrade

  • Project package upgrade

  • Portal-NG Angular 17 update, a new page for viewing AAI inventory; will be added to the key update page.

• PTLs, if you have any feature update, please add to the Paris key update wiki page and review the feature update with ARCCOM.

• Long Term Release Roadmap

• Release Planning: Paris

• Paris Release Key Updates

• Paris Milestone Status

• Software Package Upgrade

  • SDC, MultiCloud and DCAE (without PTLs) are open; DT offered their help on  SDC, MultiCloud and DCAE.

  • Seshu and Sanket will check the SO package upgrade.

Paris Architedcture

• Paris Architecture place holders, Paris-R16 Architecture/ArchCom Wiki Page

• PTLs, please update your project contents for Paris

Security

• Byung-Woo Jun, Possible new work item: Consultation on OpenSSF badging and CVE reduction for Nephio.

  • Nephio SIG Security team is looking for a solution for OpenSSF badging and CVE reduction for Nephio. ONAP SECCOM could share their insights with the Nephio team.

  • Byung-Woo Jun, plan to coordinate the collaboration between ONAP SECCOM and Nephio SIG Security.

• Gold badging consultation to AAI?? For now, aiming for Silver badging first

• Runtime CI/CD presentation by Lincoln Lavoie from UNH at the SECCOM meeting on March 4, 2025.

  • Byung-Woo Jun, This could be a good study/investigation for ONAP Runtime CI/CD

• Byung-Woo Jun, Should we work on the secure ci/cd for LFN?

• Andreas provided the list of the Java versions per project. versions_reporting.html ONAP-Component-Java-Versions_Reporting..pdf

  • AP: Dan Timoney, try it with SDNC to build basic image automatically regularly and update Docker file as needed. He will try it and let us know. 

    • Dan will share his testing results with us. 

  • Nexus-IQ scan for Node.js and Angular in ONAP: Paweł Pawlak, opened a LF IT ticket, https://jira.linuxfoundation.org/plugins/servlet/desk/portal/2/IT-27757 

    • Kevin Sandi,  will check with Matt and estimate the effort; already provide info; github action can support; we can close this ticket.

    • @Paweł Pawlak , will look at Kevin’s comments

    • Matthew will take a look at the Maven job.

      • call-sonatype-lifecycle:

            needs: [notify]

            # yamllint disable-line rule:line-length

            uses: lfit/releng-reusable-workflows/.github/workflows/reuse-sonatype-lifecycle.yaml@98e376a377e4622da10ce286a618343c733e41c2 # 2024-10-24

            secrets:

              NEXUS_IQ_PASSWORD: ${{ secrets.NEXUS_IQ_PASSWORD }}

      • gerrit-merge.yaml

      • releng-reusable-workflows/.github/actions/node-build-action/action.yaml at main · lfit/releng-reusable-workflows

GoLang Job Issues

@murali parthasarathy k

@Deena Mukundan

@Ramesh Murugan Iyer

@Kevin Sandi

• Kevin Sandi, any update?

• Deena Mukundan, 

  • Last TSC meeting we discussed on kafka issue and it was updated that still work is in progress. All updates are mentioned in the ticket. Thanks, it seems to be working now (edited) 

• IT-27801; Kevin Sandi, please take a look at this. 

• murali parthasarathy k, NexusIQ license header issue - scanning; Paweł Pawlak, will take a look what kind of errors

  • Found licenses in the 'License not determined' license threat group ('Not Provided'); Paweł Pawlak, contact the code originator to add the license header

RelEng/Infrastructure

@Kevin Sandi

For Paris

@Toine Siebelink , created a new ticket, https://jira.linuxfoundation.org/plugins/servlet/desk/portal/2/IT-27475 .

• Any update? @Kevin Sandi will work on it later; backlog

• make a job build more intelligent - still ongoing

OOM Update & MSB Dependencies

@Andreas Geißler

• OOM Update?

• @Andreas Geißler , @Fiete Ostkamp - Working on patches to improve timing and performance on startup

• Argo and Flux ready

• AAI, SDC…

@Fiete Ostkamp

• Sonatype scanning reports from netxus-iq: some of the applications have not been scanned; need to clean up deprecated ones from the reports. @Fiete Ostkamp will issue a ticket to Matt. matt cleaned up all the old (anything older than 20 months; read-only) projects; done? Matt will check…

  • @Fiete Ostkamp https://gerrit.onap.org/r/q/project:dcaegen2%252Fplatform%252Fcdapbroker

• Done;

NexusIQ V Spreadsheet

@Amy Zwarico

• Amy’s presentation the NexusIQ vulnerability spreadsheet management to PTLs - next time

Testing Environment

Testing Improvement

CSIT Review

ToolChain Improvement

Documentation

Other Improvement suggestion

Sharing Best Practices

IF TIME ALLOWS ....

15 mins

Release status

5 mins

Upcoming Events

@LJ Illuzzi

@Byung-Woo Jun

• KubeCon+CloudNativeCon, and Open Networking & Edge Summit, next April 2025 in London

• Open Networking & Edge Summit Registration: Register | LF Events

  • There are no community sessions for this event. It’s a 100% curated agenda. There will be keynotes by LFN and LFE, and strategy sessions.

  • Take the 2025 Networking & Open Source Survey. Take the survey and get 30% off registration for Open Networking & Edge Summit LF Networking on LinkedIn: 📶 CALLING ALL NETWORKING PROFESSIONALS! We want to hear from YOU. 📍…

    • Whats the survey about? LFN is partnering with Linux Foundation Research to explore trends and priorities in open source networking. We're looking for insights from industry professionals to get a better picture of open source use, opportunities, and challenges in the telecom industry.

• LFN's KubeCon + CloudNative Con EU sponsorship that enables us to host Cloud Native Telco Day. LFN will have a booth onsite at the main KC + CNC show floor,  April 2-4. 

  Call to Action- LFN is looking for community members to help staff the booth, as well as project or collaborative demos that we can showcase in the booth.

Reach out to Jill Lovato if you want to volunteer at the LFN booth or have a project or

collaborative demo to showcase at the booth

jlovato@linuxfoundation.org

• 2025 LFN Events- as per the guidance of LFN Governing Board

  • All projects can have a virtual dev event (with LF help) to focus on upcoming releases and strategy

  • A series of virtual workshops around a specific topic (to be determined by the TAC) - eg Domain Specific AI, Security, etc

• LF Member Summit: March 18-20, Napa, California;

  Registration for the Linux Foundation Member Summit 2025 is now open!  

  • Click here to log in and start the registration process.

  • Select the registration type "Invitation Acceptance".

  • Enter the voucher code LFMS24AIDBOARD in the code field and click Next.

  • Complete the required questions and click Submit on the Payment page to finalize your registration.

  • We will have a Member Meetup the day before from 1-5pm for any members that are planning to join!

10 mins

Remaining Action Items