.. This work is licensed under a Creative Commons Attribution 4.0 International
.. License.
.. http://creativecommons.org/licenses/by/4.0
.. Copyright 2017 Bell Canada & Amdocs Intellectual Property.  All rights
.. reserved.
.. _release_notes_dublin:

:orphan:

ONAP Operations Manager Release Notes
=====================================

Version 4.0.0 (Dublin Release)
------------------------------

:Release Date: 2019-06-26

**Previous Release Notes**

- :ref:`Casablanca <release_notes_casablanca>`
- :ref:`Beijing <release_notes_beijing>`
- :ref:`Amsterdam <release_notes_amsterdam>`


Summary
-------

**Platform Resiliency**

* Documenation of a Highly-Available Kubernetes Cluster Deployment
* Availability of a Default Storage Class Provisioner for improved Persistent
  Storage resiliency
* Availability of a CNI reference integration for Multi-site support

  * applications can take advantage of multi-site by using POD and/or Node
    (anti)affinity, taints/tolerations, labels per application

**Footprint Optimization**

* Shared MariaDB-Galera Cluster - current clients in Dublin: SO, SDNC
* Shared Cassandra Cluster - current clients in Dublin: AAI, SDC
* Optional deployment of independent clusters (backward compatibility)

**Platform Upgradability**

* Introduction of an Upgrade Framework supporting:

  * Automated rolling upgrades for applications
  * In-place schema and data migrations
  * Blue-Green deployment environment migration (e.g. Pre-prod to Prod)
  * Upgrades from embedded database instance into shared database instance

* Release-to-release upgrade support delivered for the following projects

  * A&AI
  * SDNC
  * SO

**Security Notes**

*Fixed Security Issues*

*Known Security Issues*

* In default deployment OOM (consul-server-ui) exposes HTTP port 30270 outside of cluster. [`OJSI-134 <https://jira.onap.org/browse/OJSI-134>`_]
* Hard coded password used for all oom deployments [`OJSI-188 <https://jira.onap.org/browse/OJSI-188>`_]
* CVE-2019-12127 - OOM exposes unprotected API/UI on port 30270 [`OJSI-202 <https://jira.onap.org/browse/OJSI-202>`_]

*Known Vulnerabilities in Used Modules*

OOM code has been formally scanned during build time using NexusIQ and no
Critical vulnerability was found.

Quick Links:

  - `OOM project page <https://wiki.onap.org/display/DW/ONAP+Operations+Manager+Project>`_

  - `Passing Badge information for OOM <https://bestpractices.coreinfrastructure.org/en/projects/1631>`_


**Known Issues**

End of Release Notes