30 mins

Cross-project discussion

• This meeting is reduced to 30 minutes

• Rotating host

  • volunteer for this week: @Byung-Woo Jun 

ONAP and LFN Collaboration

@Byung-Woo Jun

Discussions between Arpit Joshipura, Byung-Woo Jun, Jill Lovato, Louis Illuzzi and Sunny Cai:

• Highlight the value proposition of ONAP, including overall statistics (e.g., contributors, LOC, etc.) over its lifetime.

• Provide deployment examples with links to DT, CMCC, Ericsson, AT&T and others

  • Byung-woo to do internal review 

  • DT plans to deploy selected components into production environment (TNAP) this year - discussed during D&TF last year and in several TSC meetings

    • Andreas Geißler, will summarize the DT input

  • China Mobile & GenAI, @Keguang He , please summarize how China Mobile uses ONAP

  • China Telecom - using fork of ONAP (?) (presentation from 2024), @Dong Wang , please summarize how China Telecom uses ONAP

  • AT&T use case; Dan Timoney, please summarize how AT&T uses ONAP

  • What is Ericsson doing and why? @Byung-Woo Jun , please summarize how Ericsson uses ONAP

  • Huawei, @zhuguanyu , please summarize how Huawei uses ONAP

• Emphasize the product integration of ONAP

• Use headlines like: "From Control loops and Intent-based to full AI Orchestration and Management." 

• Highlight security contributions, such as those provided during the OPS 5G project by US Government for Networking slicing

  • Byung-woo Jun plans to add details about ONAP's service mesh and Ingress architecture and implementation

  • Mitre, NSA might be able to provide some info 

• Address past criticisms of ONAP being too large and complex by emphasizing recent efforts, such as "streamlining microservices and modules, archiving legacy software, etc."

  • Byung-Woo Jun explained the ONAP Streamlining Evolution initiative to address these concerns

  • Has gone from a full “platform” to a collection of “network automation components”

• This is one shot we get. Let's make it BIG!

• Arpit's input:

Nephio GenAI Whitepaper

@Byung-Woo Jun

Sana Tariq from Telus is leading this effort, with Byung and other contributors also contributing to the paper. LF is preparing for the publication.

Link: https://docs.google.com/document/d/1oFeuTV3IsemsuikON2a1ldReySEBL36kBrHSTAJnjQI/edit?usp=sharing

LF GenAI Commons

@Byung-Woo Jun

• LF GenAI Commons, MOF presentation, https://docs.google.com/presentation/d/1dw7vP8qa1gojRu6hbvbu6zaBzNx-nWLgOnNPRr1b3No/edit?pli=1#slide=id.g2c86bc3133e_0_8

TSC Strategy

@Byung-Woo Jun

Byung-Woo Jun presented the brainstorm at the TSC meeting this week.

Brainstorm:

• Ensure ONAP core components are focused and operate independently, from build to runtime

  • DT finishes Argo-CD based component independent deployment

    • Argo-CD is a DT choice, but ONAP can allow other CDs, e.g., Flux (need contributors)

    • DT plans to productize some of the selected ONAP core components early next year in their TNAP production environment

  • Declarative and Intent-based component operations by the Repository-based Network Automation : see the ideas from ONAP Architecture Evolution - 2025.pdf

• Make ONAP core components more autonomous and ready for use by both ONAP, LF and other external users

  • During New Delhi and Oslo releases, CPS and Policy achieved the OpenSSF Gold Badging status. Kudos to the team!

  • Continue to promote/facilitate other ONAP core components for the Gold Badging status (e.g., UUI, SDNC)

• Incorporate more GenAI capabilities and use cases to the ONAP components, and promote the adoption of open-source LLM models and frameworks aligned with LF AI & Data and GenAI Commons

  • Collaborate with LF AI & Data GenAI Commons and Nephio GenAI for 5G and 6G

  • Open-source based models and controls

  • AI-Based Control Loop

  • AI Model-As-A-Service 

  • ETSI ISG NFV compliance for AI?

• Foster inter-community collaboration with other LF communities, such as O-RAN and Nephio

  • SDNC enhancements (which is used by O-RAN OAM as is)

  • Resource-based Orchestration Pattern (leveraging CD and Operator)

  • Energy saving / monitoring 

• Ensure the security of ONAP components and operations 

  • The latest security mechanism for communications (service mesh enhancements leveraging Istio and coming Ambient Mesh)

  • Deprecate unused sub-components and mitigate security vulnerabilities

• Define a secure LFN CI/CD pipeline by leveraging OpenSSF-associated reference tools

Security

• SECCOM will review the Java 21, Python, and Maven upgrades from the security perspective. 

  • Paweł Pawlak, will explore the current status of versions; will discuss this further at the SECCOM; scanner from the weekly pipelines may help?? Andreas Geißler, will check; Docker image is hard corded. 

  • Golang scanning: waiting for Nexus; Kevin Sandi, will raise a support ticket for Nexus golang support.

• How to deal with vulnerabilities. e.g., SDC, UUI - Angular dependency issues. Also, MPM

• SECCOM plans to discuss these issues with PTLs at the next SECCOM meeting (next SECCOM meeting 2/4/2025)

Paris Release Update

@Byung-Woo Jun

@Marek Szwałkiewicz

@Andreas Geißler

@Ramesh Murugan Iyer

@Vishal Varvate

• The next Paris release schedule is TSC approved on 05 Dec 2024 , Release Planning: Paris 

  • TSC approved the current Paris release schedule on December 5th

  • An ArgoCD deployment to provide an alternative the helm deployment

  • RAN Simulator enhancement

  • Policy-OPA-PDP

  • MAAS

  • SDC Ruby upgrade

  • Project package upgrade

  • Portal-NG Angular 17 update, a new page for viewing AAI inventory; will be added to the key update page.

• PTLs, if you have any feature update, please add to the Paris key update wiki page and review the feature update with ARCCOM.

• Long Term Release Roadmap

• Release Planning: Paris

• Paris Release Key Updates

• Paris Milestone Status

GoLang Job Issues

@murali parthasarathy k

@Deena Mukundan

@Ramesh Murugan Iyer

@Kevin Sandi

• https://jira.linuxfoundation.org/plugins/servlet/desk/portal/2/IT-27520 - waiting for Murali - on hold

• Error in Creating Releng Go Jobs as per guide

• Kevin Sandi, is working on it and waiting for Murali's input

• What is the current status? almost done by Kevin Sandi. Deena, Murali and Kevin need to work together to finalize it.

• Requesting guidance on adding goLang based project to Nexus IQ - Project Services Support - Service Project
  (IT-27561) - In Progress, https://jira.linuxfoundation.org/plugins/servlet/desk/portal/2/IT-27561

  • @Kevin Sandi , is working on it, https://support.sonatype.com/hc/en-us/requests/101113?page=1

• Kevin Sandi, New JJB template for Golang CLM scan is ready for review and approval => https://gerrit.linuxfoundation.org/infra/c/releng/global-jjb/+/73372 , once that change is approved and merged by LF we can proceed to upgrade the GlobalJJB version at ONAP and then merge following change

• IT-27720; Kevin Sandi, will check; @kevin sandi, will work on it. please discuss this with Deena; when? please report back to TSC when it is ready; will use another ticket.

• IT-27561 is the new ticket that Kevin is working.

• https://jira.linuxfoundation.org/plugins/servlet/desk/portal/2/IT-27696 , Kevin will check

• https://gerrit.onap.org/r/c/ci-management/+/139794

• Ramesh Murugan Iyer, Policy team will check vulnerabilities on direct dependencies; may need to open a ticket for the product (Sonatype) company; Kevin Sandi, asked Murali to send the test results before raising tickets; CycloneDX-based SBOM; may need a conversion between CycloneDX and SPDX;

• So far, LFN supports SPDX only for their pipeline SBOM. SECCOM will discuss it further with the LF team. We need a conversion between CycloneDX and SPDX.

• Deena Mukundan, 

• Policy Staging job for imaging - will discuss more at the PTL next week

  • @Andreas Geißler , done; deena, fieta worked on it. any more to do??? It is working now.; done.

• @Fiete Ostkamp , https://gerrit.linuxfoundation.org/infra/c/releng/global-jjb/+/73395 pipeline issues: history pipeline failure; @Kevin Sandi will work on it.

Update Jiras

Paris Package

@Amy Zwarico 

@Paweł Pawlak 

@Toine Siebelink

• For the Paris release features, we need to discuss the package updates; who is doing what?

• Note: PTLs, thank you very much for closing the package update. 

  Note: SO, SDC, MultiCloud and DCAE (without PTLs) are open; DT offered their help on  SDC, MultiCloud and DCAE. Thank you very much!!! @Andreas Geißler , any update / plan? Thanks.

  Note: I will contact Seshu for the SO.

RelEng/Infrastructure

@Kevin Sandi

For Paris

@Toine Siebelink , created a new ticket, https://jira.linuxfoundation.org/plugins/servlet/desk/portal/2/IT-27475 .

• Any update? @Kevin Sandi will work on it later; backlog; Postponed to Paris

• make a job build more intelligent - still ongoing

Releng/Infrastrcutre

Matthew Waltkins

• Jenkens and GitHub jobs automation - Matt is working on it.

• Sona jobs - Kevin sandi

OOM Update & MSB Dependencies

@Fiete Ostkamp

• Fiete Ostkamp, reported that UUI still depends on MSB; Byung-Woo Jun, sent email to Keguang He for their plans to resolve the issues.

  • Fiete Ostkamp, fixed UUI (frontend), working on the backend.  

  • Andreas Geißler, may need to clean up OOM for this after UUI update.

  • @Andreas Geißler , will check it again after gating…

  • Done

• Fiete Ostkamp, also reported some parts of AAI charts still use MSB. 

  • Only OOM chart itself; Andreas Geißler, will check it

    • We will have some patches…

• MR removal from DFC in DCAE (vresh navalli),

  • https://gerrit.onap.org/r/c/dcaegen2/collectors/datafile/+/139981; waiting for Tony Hansen's review

• DB-operator use  issue (shrikant dhakalu tarale); some parts were fixed

• Tata is testing Docker Image handling implemented by the Integration team; some issues on testing; Andreas Geißler is investing this; will give some updates

@Fiete Ostkamp

• Sonatype scanning reports from netxus-iq: some of the applications have not been scanned; need to clean up deprecated ones from the reports. @Fiete Ostkamp will issue a ticket to Matt.

Testing Environment

Testing Improvement

CSIT Review

ToolChain Improvement

Documentation

Other Improvement suggestion

Sharing Best Practices

IF TIME ALLOWS ....

15 mins

Release status

5 mins

Upcoming Events

@LJ Illuzzi

• KubeCon+CloudNativeCon, and Open Networking & Edge Summit, next April 2025 in London

• Open Networking & Edge Summit Registration: Register | LF Events

  • There are no community sessions for this event. It’s a 100% curated agenda. There will be keynotes by LFN and LFE, and strategy sessions.

• 2025 LFN Events- as per the guidance of LFN Governing Board

  • All projects can have a virtual dev event (with LF help) to focus on upcoming releases and strategy

  • A series of virtual workshops around a specific topic (to be determined by the TAC) - eg Domain Specific AI, Security, etc

10 mins

Remaining Action Items