Page History

...

Proposed migration approach:  Service Mesh Migration

S3P Updates

1. Security
   1. CII CII passing Badge

      

   2. SONAR code coverage.  Reach or surpass the 50% goal on all repos.
   3. Nexus IQ scans: 
      1. All critical license issues are cleared
      2. Most of the critical security issues are cleared. The left one is Remote Code Execution (RCE) introduced by the jackson-bind, which is an indirect dependency of some fundamental 3-party libraries such as dropwizard, Hibernate and swagger . We are still looking for possible solution or mitigation.and it can't be simply replaced/removed. After analyzing these reports, It turns out all these issues are false positive, see this wiki page for detailed explanation.
   4. HTTPS endpoint at MSB API gateway has been provided for encrypted communicationProvides HTTPS endpoint at MSB API gateway to provide encrypted communication
      
      
2. Scalability and Resiliency
   No update
   1. Scalability: MSB API Gateway and Discovery have been deployed in a cluster of two instances, and they can be horizontally scaled to more instances for large scale.
   2. Resiliency: K8s liveness probe is used to check the health status of MSB component. 
      
      
3. Performance and stability
   
   1. Test the API Gateway baseline performance Define performance metrics and set up a baseline
      JiraserverONAP JIRAcolumnskey,summary,type,created,updated,due,assignee,reporter,priority,status,resolutionserverId425b2b0a-557c-3c0c-b515-579789cceedbkeyMSB-116
      
      
4. Manageability
   1. Integrate with logging enhancement project to provide central Logging
      JiraserverONAP JIRAcolumnskey,summary,type,created,updated,due,assignee,reporter,priority,status,resolutionserverId425b2b0a-557c-3c0c-b515-579789cceedbkeyMSB-145
      Filebeat sidecar has been installed in MSB pod to collect the logs.  
      Could Logging project support the collection of Docker container logs(stdout/stderr) besides file log?
        

...