| Sylvain Desbureaux | dd76978 | 2020-05-29 11:19:42 +0200 | [diff] [blame] | 1 | .. This work is licensed under a Creative Commons Attribution 4.0 International |
| 2 | .. License. |
| 3 | .. http://creativecommons.org/licenses/by/4.0 |
| 4 | .. Copyright 2017 Bell Canada & Amdocs Intellectual Property. All rights |
| 5 | .. reserved. |
| 6 | .. _release_notes_dublin: |
| 7 | |
| 8 | ONAP Operations Manager Release Notes |
| 9 | ===================================== |
| 10 | |
| 11 | Version 4.0.0 (Dublin Release) |
| 12 | ------------------------------ |
| 13 | |
| 14 | :Release Date: 2019-06-26 |
| 15 | |
| 16 | **Previous Release Notes** |
| 17 | |
| 18 | - :ref:`Casablanca <release_notes_casablanca>` |
| 19 | - :ref:`Beijing <release_notes_beijing>` |
| 20 | - :ref:`Amsterdam <release_notes_amsterdam>` |
| 21 | |
| 22 | |
| 23 | Summary |
| 24 | ------- |
| 25 | |
| 26 | **Platform Resiliency** |
| 27 | |
| 28 | * Documenation of a Highly-Available Kubernetes Cluster Deployment |
| 29 | * Availability of a Default Storage Class Provisioner for improved Persistent Storage resiliency |
| 30 | * Availability of a CNI reference integration for Multi-site support |
| 31 | |
| 32 | * applications can take advantage of multi-site by using POD and/or Node (anti)affinity, taints/tolerations, labels per application |
| 33 | |
| 34 | **Footprint Optimization** |
| 35 | |
| 36 | * Shared MariaDB-Galera Cluster - current clients in Dublin: SO, SDNC |
| 37 | * Shared Cassandra Cluster - current clients in Dublin: AAI, SDC |
| 38 | * Optional deployment of independent clusters (backward compatibility) |
| 39 | |
| 40 | **Platform Upgradability** |
| 41 | |
| 42 | * Introduction of an Upgrade Framework supporting: |
| 43 | |
| 44 | * Automated rolling upgrades for applications |
| 45 | * In-place schema and data migrations |
| 46 | * Blue-Green deployment environment migration (e.g. Pre-prod to Prod) |
| 47 | * Upgrades from embedded database instance into shared database instance |
| 48 | |
| 49 | * Release-to-release upgrade support delivered for the following projects |
| 50 | |
| 51 | * A&AI |
| 52 | * SDNC |
| 53 | * SO |
| 54 | |
| 55 | **Security Notes** |
| 56 | |
| 57 | *Fixed Security Issues* |
| 58 | |
| 59 | *Known Security Issues* |
| 60 | |
| 61 | * In default deployment OOM (consul-server-ui) exposes HTTP port 30270 outside of cluster. [`OJSI-134 <https://jira.onap.org/browse/OJSI-134>`_] |
| 62 | * Hard coded password used for all oom deployments [`OJSI-188 <https://jira.onap.org/browse/OJSI-188>`_] |
| 63 | * CVE-2019-12127 - OOM exposes unprotected API/UI on port 30270 [`OJSI-202 <https://jira.onap.org/browse/OJSI-202>`_] |
| 64 | |
| 65 | *Known Vulnerabilities in Used Modules* |
| 66 | |
| 67 | OOM code has been formally scanned during build time using NexusIQ and no |
| 68 | Critical vulnerability was found. |
| 69 | |
| 70 | Quick Links: |
| 71 | |
| 72 | - `OOM project page <https://wiki.onap.org/display/DW/ONAP+Operations+Manager+Project>`_ |
| 73 | |
| 74 | - `Passing Badge information for OOM <https://bestpractices.coreinfrastructure.org/en/projects/1631>`_ |
| 75 | |
| 76 | |
| 77 | **Known Issues** |
| 78 | |
| 79 | End of Release Notes |