blob: 1974756ea352c6c3ed002abb6d089df0c34451e1 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
|
.. This work is licensed under a Creative Commons Attribution 4.0 International
.. License.
.. http://creativecommons.org/licenses/by/4.0
.. Copyright 2017 Bell Canada & Amdocs Intellectual Property. All rights
.. reserved.
.. _release_notes_dublin:
:orphan:
ONAP Operations Manager Release Notes
=====================================
Version 4.0.0 (Dublin Release)
------------------------------
:Release Date: 2019-06-26
**Previous Release Notes**
- :ref:`Casablanca <release_notes_casablanca>`
- :ref:`Beijing <release_notes_beijing>`
- :ref:`Amsterdam <release_notes_amsterdam>`
Summary
-------
**Platform Resiliency**
* Documenation of a Highly-Available Kubernetes Cluster Deployment
* Availability of a Default Storage Class Provisioner for improved Persistent
Storage resiliency
* Availability of a CNI reference integration for Multi-site support
* applications can take advantage of multi-site by using POD and/or Node
(anti)affinity, taints/tolerations, labels per application
**Footprint Optimization**
* Shared MariaDB-Galera Cluster - current clients in Dublin: SO, SDNC
* Shared Cassandra Cluster - current clients in Dublin: AAI, SDC
* Optional deployment of independent clusters (backward compatibility)
**Platform Upgradability**
* Introduction of an Upgrade Framework supporting:
* Automated rolling upgrades for applications
* In-place schema and data migrations
* Blue-Green deployment environment migration (e.g. Pre-prod to Prod)
* Upgrades from embedded database instance into shared database instance
* Release-to-release upgrade support delivered for the following projects
* A&AI
* SDNC
* SO
**Security Notes**
*Fixed Security Issues*
*Known Security Issues*
* In default deployment OOM (consul-server-ui) exposes HTTP port 30270 outside of cluster. [`OJSI-134 <https://jira.onap.org/browse/OJSI-134>`_]
* Hard coded password used for all oom deployments [`OJSI-188 <https://jira.onap.org/browse/OJSI-188>`_]
* CVE-2019-12127 - OOM exposes unprotected API/UI on port 30270 [`OJSI-202 <https://jira.onap.org/browse/OJSI-202>`_]
*Known Vulnerabilities in Used Modules*
OOM code has been formally scanned during build time using NexusIQ and no
Critical vulnerability was found.
Quick Links:
- `OOM project page <https://wiki.onap.org/display/DW/ONAP+Operations+Manager+Project>`_
- `Passing Badge information for OOM <https://bestpractices.coreinfrastructure.org/en/projects/1631>`_
**Known Issues**
End of Release Notes
|
