94501391330?password=c2f4cfa9-d9f5-4156-9ab2-c141fcdf671f

Passcode: 209247

2024 TSC Recordings	2024 TSC Decisions	Anti-Trust Policy

Antitrust Policy Notice

We will start our meetings by mentioning the project's Antitrust Policy, which you can find linked from the LF and project websites. The policy is important where multiple companies, including potential industry competitors, are participating in meetings. Please review and if you have any questions, please contact your company legal counsel. Members of the LF may contact Andrew Updegrove at the firm Gesmer Updegrove LLP, which provides legal counsel to the LF.

Attended	Proxy (w/ @name)	Holiday	Did Not Attend

Attendance is taken purely upon #info in Zoom Chat

Andreas Geißler	DT	Keguang He	China Mobile
Byung-Woo Jun	Ericsson	N.K. Shankaranarayanan	Individual
Dan Timoney	AT&T	Paweł Pawlak	CloudLinux/TuxCare
Guanyu Zhu (zhuguanyu)	Huawei
Dong Wang	China Telecom

Antitrust Policy Notice

Agenda Items

Presented By

Presos/Notes/Links/

Strategy (45 minutes)

ONAP takeaways

We are encouraging ONAP consumers to share with us their feedback, so we could prioritize our activities and make ONAP better suited their needs and requirements.

LFN Quality and Security TAC

Byung-Woo Jun

Byung-Woo Jun is an LFN Quality and Security TAC member
Will update with input from the LFN Quality and Security TAC

LFN TAC Update

N.K. Shankaranarayanan

LFN Cross-Organization Updates

Byung-Woo Jun

LJ Illuzzi

Discussions between Arpit Joshipura, Byung-Woo Jun, Jill Lovato, Louis Illuzzi and Sunny Cai:

Highlight the value proposition of ONAP, including overall statistics (e.g., contributors, LOC, etc.) over its lifetime.
ONAP messaging 2025
Report the ONAP message 2025 to LFN TAC on March 19.

ONAP, Nephio and O-RAN WG11 Security Discussion topics, Nephio ONAP and O-RAN WG11 security-OpenSource..pdf

TCC / ONAP Liaison Updates

Task Force Updates

LFN Board Meeting Update - ONAP Evolution Proposal

Byung-Woo Jun

LJ Illuzzi

Ranny Haiby

Approved this proposal by LFN board
ONAP TSC, ARCCOM, OOM, PTLs and SECCOM need to formalize processes for making semi-standalone projects (architecture, CI/CD, Project Release Cycle, Normalized APIs, Security, documentation)

Our proposals (Byung discussed them with Arpit, Ranny):

ONAP Organization Chart.
The ONAP function will have a more descriptive namespace / prefix for external clients.
For the time being, the OOM provides a lot of useful services for the ONAP projects. Therefore, the common services and OOM would be included by default. However, the telecom operators could choose alternative integration options; for example, if telecom operators prefer to use their own security, secure communications and CD (ArgoCD, Flux), we do not preclude those integration choices. We plan to provide comprehensive documentation on this.
- Strimzi, Istio, Keycloak, ONAP CI/CD pipeline, ArgoCD and Flux)
- Current common helm chart repo needs to be separated per project
The ONAP TSC, ARCCOM and SECCOM oversee ONAP projects to ensure best practices, a uniform architecture, and security.
The ONAP Documentation team will continue to provide official ONAP documentation for the time being
Currently, ONAP project functions are decoupled from security, secure communication and deployment, giving operators flexibilities..
ONAP projects will be further modularized, meaning that sub-components can be selected during the build. This modularization will provide operators with greater integration flexibility based on their use cases.
ONAP projects need to minimize their dependencies to other projects.

Ranny Haiby,

The concept of elevating ONAP modules to semi-standalone entities was presented to the board and got positive feedback. One request that did come up was to clarify the evolution of the integration tests that are currently part of the ONAP-wide release process (will they still exist in some form to ensure interoperability between the independent modules?). The next step would be executing the necessary changes in the ONAP CI/CD system. I see that @Byung-Woo Jun already has a sessions planned for the ONAP DTF Day (https://lf-onap.atlassian.net/wiki/x/mICKBg) to discuss the next level of details. @LJ Illuzzi and I will of course support from the LF side.

Also, credits go to Ciaran Johnston and Christian Olrog
Byung-Woo Jun,

At the ONAP DTF days, I plan to present the ONAP TSC roadmap and Architecture evolution, covering this concept. Working with DT and other ONAP participating companies, I have outlined how ONAP will enable the individual build and deployment of ONAP components under the ONAP Streamlining evolution; i.e., ONAP already supports these capabilities.

The current OOM enhancements led by Andreas Geissler for ONAP CI/CD and ONAP architecture, leveraging Argo CD were tested during the Oslo release by DT and ARCCOM. Now, DT plans to contribute to ONAP CI/CD further by using both Argo CD and Flux during the Paris release. Additionally, China Telecom, China Mobile and DT have integrated several core ONAP components, referred to as Lightweight ONAP solutions, for their 5G and upcoming 6G.

Over the past couple of years, under the ONAP Streamlining evolution led by me (Byung), we have established a solid foundation, which has proven to be valuable.

Furthermore, ONAP TSC and ARCCOM have already discussed the possible integration solutions by leveraging individually built ONAP components. We are currently in the process of formalizing integration procedures and developing use cases for higher-level solutions. Additionally, I proposed the Runtime CI/CD for ONAP, and it will be part of my ONAP DTF Days presentations.

I fully agree with this direction, and we are proud of the foundational work achieved through this evolution. More to come… We have seen the future 😊

I plan to present the evolution to the ONAP DTF Days, and I look forward to collaborating with you all.

Kudos to all ONAP contributors!!! Thanks!
We need documentation for formalizing this new evolution. such as each each project documentation, API, security, release cycle, etc.

ONAP DTF Days 2025

Byung-Woo Jun

Byung-Woo Jun, created a page for ONAP DTF DAYs 2025; we plan to collect ONAP DTF session topics here before presenting them to LFN, and schedule for the event.
- Finalize the session topics and event schedule - TSC plans to decide today..
- LJ Illuzzi, TSC provides three potential dates. will set up for virtual meeting event, zoom, registration... next week meeting...

TSC Strategy

Byung-Woo Jun

TSC

From the Paris release, TSC needs to discuss ONAP focus areas and strategies / roadmaps

- TSC members to add thoughts

Let's discuss more this year for Paris +

Any questions or feedback?

Brainstorm:

Ensure ONAP core components are focused and operate independently, from build to runtime
- DT finishes Argo-CD and Flux based component independent deployment
  - optimizing code for Flux
  - DT is productizing some of the selected ONAP core components early next year in their TNAP production environment
- Declarative and Intent-based component operations by the Repository-based Network Automation : see the ideas from ONAP Architecture Evolution - 2025.pdf
Make ONAP core components more autonomous and ready for use by both ONAP, LF and other external users
- - During New Delhi and Oslo releases, CPS and Policy achieved the OpenSSF Gold Badging status. Kudos to the team!
  - Continue to promote/facilitate other ONAP core components for the Gold Badging status (e.g., UUI, SDNC) - Ramesh, Toine, Byung will invite Fiete to give him a list of work items for gold badging.
Incorporate more GenAI capabilities and use cases to the ONAP components, and promote the adoption of open-source LLM models and frameworks aligned with LF AI & Data and GenAI Commons
- Collaborate with LF AI & Data GenAI Commons and Nephio GenAI for 5G and 6G
- Open-source based models and controls
- AI-Based Control Loop
- AI Model-As-A-Service
- ETSI ISG NFV compliance for AI?
Foster inter-community collaboration with other LF communities, such as O-RAN and Nephio
- SDNC enhancements (which is used by O-RAN OAM as is)
- Resource-based Orchestration Pattern (leveraging CD and Operator)
- Energy saving / monitoring ; N.K. Shankaranarayanan, rAPP in SMO is monitoring energy; it is an industry trend.
Ensure the security of ONAP components and operations
- The latest security mechanism for communications (service mesh enhancements leveraging Istio and coming Ambient Mesh)
- Deprecate unused sub-components and mitigate security vulnerabilities
Define a secure LFN CI/CD pipeline by leveraging OpenSSF-associated reference tools

Operations (40 minutes)

TSC Activities and Deadlines

Paris Release Status

Byung-Woo Jun

The next Paris release schedule is TSC approved on 05 Dec 2024 , Release Planning: Paris
- TSC approved the current Paris release schedule on December 5th
- An ArgoCD and Flux deployment to provide an alternative the helm deployment
- RAN Simulator enhancement
- Policy-OPA-PDP
- MAAS
- SDC Ruby upgrade - will be removed
- Project package upgrade
- SDNC/CCSDK - need to upgrade Java 21 and Maven ; PTL, SECCOM and ARCCOM will handle this
- not only SDNC, may be other components too. SECCOM will discuss
- Portal-NG upgrade?
Release Planning: Paris
Project Status in Paris Release
Paris Release Key Updates
Long Term Release Roadmap

Software Package Upgrade

SO-4130	SO PACKAGES UPGRADES IN DIRECT DEPENDENCIES FOR PARIS RELEASE	Seshu Kumar Mudiganti	Open	Unresolved
SDC-4690	SDC PACKAGES UPGRADES IN DIRECT DEPENDENCIES FOR PARIS RELEASE	Fiete Ostkamp	Open	Unresolved
MULTICLOUD-1507	MULTICLOUD PACKAGES UPGRADES IN DIRECT DEPENDENCIES FOR PARIS RELEASE	Andreas Geißler	Open	Unresolved
DCAEGEN2-3414	DCAE PACKAGES UPGRADES IN DIRECT DEPENDENCIES FOR PARIS RELEASE	Andreas Geißler	Open	Unresolved

Note: Andreas Geißler is looking for resource for DCAEGEN2.

RelEng/Infrastructure

Paweł Pawlak

Byung-Woo Jun

We need to have a tool to analyse the code and provide information about certain type of cryptography used. Pawel - to open a ticket for that at LF IT.

https://jira.linuxfoundation.org/plugins/servlet/desk/portal/2/IT-27835 ,

Need to add scanning for ONAP repos to provide information about certain type of cryptography used

Eric Ball
Latest comment from IT Support from 03/07-
Still not a lot of detail here, but I took a look for things that would fulfill this general description. Mostly, there are plenty of ways to find outdated crypto, since that's a security risk that many static analyzers can pick up. But in terms of finding any instances of cryptography use, I haven't seen anything that would fit the bill.
Tony Hansen
02/28-
We've been talking about post-quantum cryptography support in ONAP. We will need to make sure that everywhere in ONAP there is something cryptographic used, it is already using a post-quantum algorithm or can be modified or reconfigured to use a post-quantum algorithm.
So this requires us to identify everywhere in ONAP that uses any sort of cryptography. This includes encrypting files or streams, using certificates, and using cryptographic hashes.
Pawel and Amy can comment more.
Asked Eric Ball to have a quick sync-up meeting with Pawel, Amy, Tony for a speedy resolution.
Paweł Pawlak informed: Amy Zwarico shared info for package update...

Paweł Pawlak, needs a help from LF IT. LJ Illuzzi,will check it later, maybe next week

RelEng/Infrastructure

Byung-Woo Jun

LJ Illuzzi

LJ Illuzzi, Byung-Woo Jun, will double check if the active member is accurate, 2024 TSC Election "Active Community Members"
LJ Illuzzi, Byung-Woo Jun, will double check the onap-tsc-private mailing list
On going

RelEng/Infrastructure

Matthew Watkins

FYI, we have a GitHub reusable workflow that implements OpenSSF scorecard badging here: https://github.com/lfit/releng-reusable-workflows/blob/main/.github/workflows/reuse-openssf-scorecard.yaml

…and results for our repo here: https://scorecard.dev/viewer/?uri=github.com/lfit/releng-reusable-workflows

Implementing it simply requires it to be added to gerrit-merge.yaml in your repository, so that it runs in GitHub when Gerrit changes are merged to the HEAD branch.

Raise a support ticket/request in JIRA SD if you would like this implemented for your repository: https://jira.linuxfoundation.org/plugins/servlet/desk/portal/2

GoLang Job issues

murali parthasarathy k

Kevin Sandi

Deena Mukundan

- Deena Mukundan,
  - updated the ticket; Kevin Sandi, what is the current status?
  - Last TSC meeting we discussed on kafka issue and it was updated that still work is in progress. All updates are mentioned in the ticket. Thanks, it seems to be working now (edited) ; done
- IT-27801; Kevin Sandi, please take a look at this; working on it. will merge this morning and will test it.;
  - not showing coverage; Kevin Sandi is looking for a different option; raising a ticket to sonarQube
- murali parthasarathy k, NexusIQ license header issue - scanning; Paweł Pawlak, will take a look what kind of errors
  - Found licenses in the 'License not determined' license threat group ('Not Provided'); Paweł Pawlak, contact the code originator to add the license header; Byung-Woo Jun will check it with Murali.
  - Deena Mukundan, not working; Kevin Sandi, need more details; will check
- NexusIQ ticket, Deena Mukundan, please raise a new ticket for the problems.
  - IT-27927 Classification on vulnerabilities are not shown for policy-opa-pdp Nexus IQ
- https://gerrit.onap.org/r/c/policy/opa-pdp/+/140495, merged

Subcommittee Updates

Arch, Lab, Modeling, Seccom, Requirements

Byung-Woo Jun

Will work on architectural changes for the self-standalone projects
ARCCOM is working on the ONAP marketing catch points and architecture for the Paris release.
- https://docs.google.com/document/d/1_MTqJDP8QyJwYUyxzDsCoxbUlJsb3Ec_S3xE4Q97HP4/edit?tab=t.0
PTLs, please plan for the ARCCOM reviews for your new features, requirements and enhancements for Paris.
More ONAP Streamlining documentation, ONAP Streamlining Evolution and its sub-wiki pages.
Runtime CI/CD collaboration and discussions with participating companies.

SECCOM

LJ Illuzzi

Paweł Pawlak

- Upcoming presentation proposals from the 5G SBPs community:
  - QORE: Quantumized Core Solution- Beyond 5G core solution integrated with post quantum cryptography. Proposal to be present on the March 25 SECCOM meeting.
  - more work on quantumized core solution...
- Gold badging consultation to AAI?? aiming for AAI Silver for now
- Runtime CI/CD presentation by Lincoln Lavoie from UNH at the SECCOM meeting on March 4, 2025.
  - Byung-Woo Jun, This could be a good study/investigation for ONAP Runtime CI/CD
  - waiting for Lincoln's presentation slide deck
  - Paweł Pawlak, possible E2E testing scenarios; program tests;
- Byung-Woo Jun, Should we work on the secure ci/cd for LFN?

- Andreas provided the list of the Java versions per project. versions_reporting.html ONAP-Component-Java-Versions_Reporting..pdf
  - AP: Dan Timoney, try it with SDNC to build basic image automatically regularly and update Docker file as needed. He will try it and let us know.
    - Dan will share his testing results with us.
    - Dan Timoney - recreate new documents; presentation to PTLs, March 17th
  - We need to check other ONAP components with GUI, such as UUI, SDC-FE, SO-FE.
  - @Paweł Pawlak , will look at Kevin’s comments
  - Matthew will take a look at the Maven job.
    - call-sonatype-lifecycle:
      needs: [notify]
      # yamllint disable-line rule:line-length
      uses: lfit/releng-reusable-workflows/.github/workflows/reuse-sonatype-lifecycle.yaml@98e376a377e4622da10ce286a618343c733e41c2 # 2024-10-24
      secrets:
      NEXUS_IQ_PASSWORD: ${{ secrets.NEXUS_IQ_PASSWORD }}
    - gerrit-merge.yaml
    - releng-reusable-workflows/.github/actions/node-build-action/action.yaml at main · lfit/releng-reusable-workflows

LFN Cross-Community Collaboration

Byung-Woo Jun

- OpenSSF Badging work for Porch (Fiachra Corcoran)
  - BadgeApp

OOM Update

Andreas Geißler

ongoing

O-RAN Update

N.K. Shankaranarayanan

Any O-RAN Update?
ORAN F2F in Paris; O-RAN alliance focus group - more collaboration with OAI, OSC; try to make linkages between OSC and O-RAN Alliance (standardization body); ONAP is for SMO; SMO (FACOM and ...) and O-Cloud; ONAP needs to focus on intent-based and AI for SMO; AI-events for RAN and mobile?
Link to OSC sessions at O-RAN Paris Feb 2025 meeting: https://lf-o-ran-sc.atlassian.net/wiki/spaces/EV/pages/284327937/2025-02+O-RAN+F2F+Paris
(see demos on Nephi/OAI O-Cloud, OSC SMO plan, progress in O-RAN M-plane enablement)
LFN TAC, page status update; ONAP will check with the governing board what we need to do...

OpenSSF - Policy Gold badging

Ramesh Murugan Iyer

https://github.com/coreinfrastructure/best-practices-badge/issues/2181
Last November, the Policy team achieved OpenSSF gold badging, but they were unable to change one of the criteria in the openssf tool due to a lack of permission. We need to escalate this for a speedy resolution.
I will raise this issue at the SECCOM meeting next Tuesday.
Tony Hansen, I note this,
- https://lf-onap.atlassian.net/wiki/spaces/DW/pages/16230647/Policy+Framework+Project is missing Referrer-Policy and Permissions-Policy.
  Report is here:
  https://securityheaders.com/?q=https%3A%2F%2Flf-onap.atlassian.net%2Fwiki%2Fspaces%2FDW%2Fpages%2F16230647%2FPolicy%2BFramework%2BProject&followRedirects=on

Events & Meetings

(5 minutes)

Upcoming Events & Housekeeping

LJ Illuzzi

Byung-Woo Jun

KubeCon+CloudNativeCon, and Open Networking & Edge Summit, next April 2025 in London
Open Networking & Edge Summit Registration:https://events.linuxfoundation.org/open-networking-edge-summit-europe/register/

- LFN just issued a press release to announce the near-final speaker/session line-up for Open Networking & Edge Summit. Please take a look at both the PR and the updated agenda. This year's lineup is one of the best yet, with a broad representation of thought leaders from across the globe and across organizations (including many from this group - thank you!)
  Please spread the word about the event across your organizations and professional networks; here is a 20% Friends and Family discount code that you are welcome to share with your networks: ONE2520D

LFN's KubeCon + CloudNative Con EU sponsorship that enables us to host Cloud Native Telco Day. LFN will have a booth onsite at the main KC + CNC show floor, April 2-4.
Call to Action- LFN is looking for community members to help staff the booth, as well as project or collaborative demos that we can showcase in the booth.

Reach out to Jill Lovato if you want to volunteer at the LFN booth or have a project or

collaborative demo to showcase at the booth

jlovato@linuxfoundation.org

2025 LFN Events- as per the guidance of LFN Governing Board
- All projects can have a virtual dev event (with LF help) to focus on upcoming releases and strategy
- A series of virtual workshops around a specific topic (to be determined by the TAC) - eg Domain Specific AI, Security, etc
LF Member Summit: March 18-20, Napa, California;
Registration for the Linux Foundation Member Summit 2025 is now open!
- Click here to log in and start the registration process.
- Select the registration type "Invitation Acceptance".
- Enter the voucher code LFMS24AIDBOARD in the code field and click Next.
- Complete the required questions and click Submit on the Payment page to finalize your registration.
- We will have a Member Meetup the day before from 1-5pm for any members that are planning to join!

Zoom Chat Log

Zoom Meeting Recordings

Zoom auto-transcript service - These are often translated incorrectly and can be misleading. They are NOT Authoritative! Information as to why .
They are included here as a time stamp cross-reference for the recording only! The notes above this line and the actual recordings are authoritative.

Browser not supported