| .. This work is licensed under a Creative Commons Attribution 4.0 |
| International License. |
| .. http://creativecommons.org/licenses/by/4.0 |
| .. (c) ONAP Project and its contributors |
| |
| ****************** |
| SDNC Release Notes |
| ****************** |
| |
| |
| Abstract |
| ======== |
| |
| This document provides the release notes for the Frankfurt release of the Software Defined |
| Network Controller (SDNC) |
| |
| Summary |
| ======= |
| |
| The Frankfurt release of SDNC introduces new functionality to support PNFs (Physical Network Functions), extends support |
| for Netconf/TLS to support CMPv2, and adds support for the Multi Domain Optical Network Service use case. |
| |
| |
| |
| Release Data |
| ============ |
| |
| +-------------------------+-------------------------------------------+ |
| | **Project** | SDNC | |
| | | | |
| +-------------------------+-------------------------------------------+ |
| | **Docker images** | See :ref:`dockercontainers` section below | |
| +-------------------------+-------------------------------------------+ |
| | **Release designation** | Frankfurt | |
| | | | |
| +-------------------------+-------------------------------------------+ |
| | **Release date** | 06/04/2020 | |
| | | | |
| +-------------------------+-------------------------------------------+ |
| |
| |
| New features |
| ------------ |
| |
| The SDNC Frankfurt release includes the following features: |
| |
| * ORAN-compliant A1 adaptor (Jira `SDNC-965 <https://jira.onap.org/browse/SDNC-965>`_) |
| * Multi-Domain Optical Service (Jira `SDNC-928 <https://jira.onap.org/browse/SDNC-928>`_) |
| * Python 2 -> Python 3 migration (Jira `SDNC-967 <https://jira.onap.org/browse/SDNC-967>`_) |
| * Upgrade to new Policy lifecycle API (Jira `SDNC-968 <https://jira.onap.org/browse/SDNC-968>`_) |
| |
| |
| |
| For the complete list of `SDNC Frankfurt release epics <https://jira.onap.org/issues/?filter=12322>`_ and |
| `SDNC Frankfurt release user stories <https://jira.onap.org/issues/?filter=12323>`_ , please see the `ONAP Jira`_. |
| |
| **Bug fixes** |
| |
| The full list of `bugs fixed in the SDNC Frankfurt release <https://jira.onap.org/issues/?filter=12324>`_ is maintained on the `ONAP Jira`_. |
| |
| **Known Issues** |
| |
| The full list of `known issues in SDNC <https://jira.onap.org/issues/?filter=11119>`_ is maintained on the `ONAP Jira`_. |
| |
| |
| Deprecated Features |
| ------------------- |
| |
| ** SDNC portal ** |
| |
| The SDNC portal is considered deprecated in the Frankfurt release, due |
| to resource contraints. This functionality is delivered dormant |
| in Frankfurt (i.e. it is disabled in the Frankfurt helm charts) and we |
| plan to remove the code entirely in the Guilin release. |
| |
| ** VNF-API ** |
| |
| The functionality provided by the VNF-API is now provided as part |
| of the GENERIC-RESOURCE-API. Therefore, the VNF-API is deprecated |
| in Frankfurt and will be removed in Guilin. |
| |
| |
| Deliverables |
| ------------ |
| |
| Software Deliverables |
| ~~~~~~~~~~~~~~~~~~~~~ |
| |
| .. _dockercontainers: |
| |
| Docker Containers |
| ````````````````` |
| |
| The following table lists the docker containers comprising the SDNC Frankfurt |
| release along with the current stable Frankfurt version/tag. Each of these is |
| available on the ONAP nexus3 site (https://nexus3.onap.org) and can be downloaded |
| with the following command:: |
| |
| docker pull nexus3.onap.org:10001/{image-name}:{version} |
| |
| |
| Note: users that want to use the latest in-development Frankfurt version may use the |
| tag 0.7-STAGING-latest to pull the latest daily Frankfurt build |
| |
| +--------------------------------+-----------------------------------------------------+---------+ |
| | Image name | Description | Version | |
| +================================+=====================================================+=========+ |
| | onap/sdnc-aaf-image | SDNC controller image, integrated with AAF for RBAC | 1.8.3 | |
| +--------------------------------+-----------------------------------------------------+---------+ |
| | onap/sdnc-ansible-server-image | Ansible server | 1.8.3 | |
| +--------------------------------+-----------------------------------------------------+---------+ |
| | onap/sdnc-dmaap-listener-image | DMaaP listener | 1.8.3 | |
| +--------------------------------+-----------------------------------------------------+---------+ |
| | onap/sdnc-image | SDNC controller image, without AAF integration | 1.8.3 | |
| +--------------------------------+-----------------------------------------------------+---------+ |
| | onap/sdnc-ueb-listener-image | SDC listener | 1.8.3 | |
| +--------------------------------+-----------------------------------------------------+---------+ |
| | onap/sdnc-web-image | Web tier (currently only used by SDN-R persona) | 1.8.3 | |
| +--------------------------------+-----------------------------------------------------+---------+ |
| |
| |
| Documentation Deliverables |
| ~~~~~~~~~~~~~~~~~~~~~~~~~~ |
| |
| * `SDN Controller for Radio user guide`_ |
| |
| Known Limitations, Issues and Workarounds |
| ========================================= |
| |
| System Limitations |
| ------------------ |
| |
| No system limitations noted. |
| |
| |
| Known Vulnerabilities |
| --------------------- |
| |
| Any known vulnerabilities for ONAP are tracked in the `ONAP Jira`_ in the OJSI project. Any outstanding OJSI issues that |
| pertain to SDNC are listed in the :ref:`secissues` section below. |
| |
| |
| Workarounds |
| ----------- |
| |
| Not applicable. |
| |
| |
| Security Notes |
| -------------- |
| |
| Fixed Security Issues |
| ~~~~~~~~~~~~~~~~~~~~~ |
| |
| The following security issues have been addressed in the Frankfurt SDNC release: |
| |
| * `OSJI-34 <https://jira.onap.org/browse/OJSI-34>`_ : Multiple SQL Injection issues in SDNC |
| * `OSJI-40 <https://jira.onap.org/browse/OJSI-40>`_ : SDNC service allows for arbitrary code execution |
| * `OSJI-41 <https://jira.onap.org/browse/OJSI-41>`_ : SDNC service allows for arbitrary code execution in sla/dgUpload form (CVE-2019-12132) |
| * `OSJI-42 <https://jira.onap.org/browse/OJSI-42>`_ : SDNC service allows for arbitrary code execution in sla/printAsXml form (CVE-2019-12123) |
| * `OSJI-43 <https://jira.onap.org/browse/OJSI-43>`_ : SDNC service allows for arbitrary code execution in sla/printAsGv form (CVE-2019-12113) |
| * `OSJI-199 <https://jira.onap.org/browse/OJSI-199>`_ : SDNC service allows for arbitrary code execution in sla/upload form (CVE-2019-12112) |
| * `SDNC-1145 <https://jira.onap.org/browse/SDNC-1145>`_ : Pods still run as root |
| * `SDNC-970 <https://jira.onap.org/browse/SDNC-970>`_ : Password removal from OOM Helm charts |
| |
| .. _secissues : |
| |
| Known Security Issues |
| ~~~~~~~~~~~~~~~~~~~~~ |
| |
| There is currently one known SDNC security issue, related to the SDNC portal |
| |
| * `OJSI-91 <https://jira.onap.org/browse/OJSI-91>`_ : SDNC exposes unprotected API for user creation |
| |
| The current implementation of the SDNC portal - which was intended purely |
| as a test tool - has a self-subscription model - so anyone can create an |
| account by going to the setup link. This is not appropriate for production |
| deployment and we strongly recommend that the SDNC portal NOT be used in |
| production. |
| |
| The SDNC portal is disabled in the Frankfurt helm charts and will be removed |
| entirely in the Guilin release. |
| |
| |
| |
| Test Results |
| ============ |
| Not applicable |
| |
| |
| References |
| ========== |
| |
| For more information on the ONAP Frankfurt release, please see: |
| |
| #. `ONAP Home Page`_ |
| #. `ONAP Documentation`_ |
| #. `ONAP Release Downloads`_ |
| #. `ONAP Wiki Page`_ |
| |
| |
| .. _`ONAP Home Page`: https://www.onap.org |
| .. _`ONAP Wiki Page`: https://wiki.onap.org |
| .. _`ONAP Documentation`: https://docs.onap.org |
| .. _`ONAP Release Downloads`: https://git.onap.org |
| .. _`ONAP Jira`: https://jira.onap.org |
| .. _`SDN Controller for Radio user guide`: https://docs.onap.org/en/frankfurt/submodules/ccsdk/features.git/docs/guides/onap-user/home.html |