...
In Casablanca, MSB mainly focuses on the integration of Istio service mesh with ONAP to enhance OMSA, while keeping the Istio integration compatible with the existing MSB API Gateway approachesapproach.
- Integrate Istio with ONAP to provide a reliable, secure and flexible service communication layer (service discovery/retries/circuit breaker/route rule/policy)
- Integrate with CNCF projects jaeger to provide distributed tracing Prometheus and Grafana for metrics collection and display
- Add MSB Portal to control plane to provide service catalog, swagger UI of Restful API, service mesh configuration, etc
...
- Manage ONAP Microservices with Istio Service Mesh
- Manage ONAP Microservices with Istio Service Mesh-Mutual TLS Authentication Enabled
- Current issues with Istio integration with mTLS enabled
Proposed migration approach: Service Mesh Migration
S3P Updates
- Security
- CII CII passing Badge
- SONAR code coverage. Reach or surpass the 50% goal on all repos.
- Nexus IQ scans:
- All critical license issues are cleared
- Most of the critical security issues are cleared. The left one is Remote Code Execution (RCE) introduced by the jackson-bind, which is an indirect dependency of some fundamental 3-party libraries such as dropwizard, Hibernate and swagger . We are still looking for possible solution or mitigation.and it can't be simply replaced/removed. After analyzing these reports, It turns out all these issues are false positive, see this wiki page for detailed explanation.
- HTTPS endpoint at MSB API gateway has been provided for encrypted communicationProvides HTTPS endpoint at MSB API gateway to provide encrypted communication
- Scalability and Resiliency
No update- Scalability: MSB API Gateway and Discovery have been deployed in a cluster of two instances, and they can be horizontally scaled to more instances for large scale.
- Resiliency: K8s liveness probe is used to check the health status of MSB component.
- Performance and stability
- Test the API Gateway baseline performance
- Test the API Gateway baseline performance
- Manageability
- Integrate with logging enhancement project to provide central Logging
- Define performance metrics and set up a baseline
Jira server ONAP JIRA columns key,summary,type,created,updated,due,assignee,reporter,priority,status,resolution serverId 425b2b0a-557c-3c0c-b515-579789cceedb key MSB-116
- Integrate with logging enhancement project to provide central Logging
Jira server ONAP JIRA columns key,summary,type,created,updated,due,assignee,reporter,priority,status,resolution serverId 425b2b0a-557c-3c0c-b515-579789cceedb key MSB-145
Filebeat sidecar has been installed in MSB pod to collect the logs.
Could Logging project support the collection of Docker container logs(stdout/stderr) besides file log?
...