Goal:
- Avoid node ports (use ingress gateways)
- Load balancer as it is done in public clouds (such as MetalLB)
- Secure communication to outside entities
- Secure communication among the micro services
- User authentication via tokens
...
Once proven come back to ONAP wider community on the need for separating the security from the applications.
Current challenges with ONAP
We feel that user management, creating roles, RBAC of resources with roles is basic for any project. ONAP is not very well secured on this aspect.
Proposal:
Since Multi-Cloud project did not implement any security aspects yet, it was felt that this could be a POC project for ISTIO.
...