/
2021-01-19 TSC Agenda and Minutes

Anuket Project

2021-01-19 TSC Agenda and Minutes

Jan 20, 2021

Jan 19, 2021 

Attendees (TSC)

  1.  @Al Morton

  2. @Georg Kunz (Ericsson)

  3. @Mark Beierl (Canonical)

  4. @Beth Cohen (Verizon)

  5. @Walter.kozlowski (Telstra)

  6. @Frank Brockners (Cisco)

  7. @Sridhar Rao 

  8. @Lincoln Lavoie  (UNH-IOL)

  9. @Emma Foley (Red Hat)

  10. @Qiao Fu (China Mobile)

  11. @Trevor Cooper (Intel)

  12. @Gergely Csatari (Nokia)

  13. @Cédric Ollivier

  14. @Tom Kivlin (Vodafone) 

Absent (TSC)

  1. Ahmed El-Sawaf

Other Attendees

  1. @Scot Steele (AT&T)

  2. @David McBride

  3. @Karine Sevilla (Orange)

  4. @Luc Provoost

  5. @Ulrich Kleber (Huawei)

  6. @Toshi Wakayama (KDDI)

Agenda



Time

Topic

Presenters

Minutes

5min

Meeting Administration

Linux Foundation Anti-trust Policy
Recording
Agenda Bashing
Attendance/Quorum (13/15)

Approval of previous meeting minutes:  2021-01-12 TSC Agenda and Minutes

Co-Chairs

  • Minutes of last week's meeting approved.

5 min

Announcements

Elbrus Release and Anuket (OPNFV JERMA reminder) Jan 27, 0800 PT



  • Goal is to have draft agenda ready by Jan 22, 2021 

25 min

Operation of Workstreams/projects within Anuket 
Anuket wiki presence 

TSC Operation: LFN Governance and Charter

Operational Guidelines - Feedback needed. Volunteers to Edit.

@Al Morton

  • Developer representative to the LFN GB

  • TSC operations procedures (OPNFV)

  • Editable Anuket Operations Procedures

  • Charter:

    • Updates: Anyone can create a suggestion for updates to the Anuket charter (change requests would be reviewed and voted on by the TSC (2/3 vote), and will also go through a legal check). See also section 8 in the current charter.

    • Potential need for updates: Charter is (due to OPNFV heritage) more focused on code contributions. It might be desirable to reword the charter to reflect "code" on par with "specifications".

  • Heather notes that the charter is mostly a legal document. She encourages to update the TSC procedures and operational procedure to better reflect the different work procedures and work products of Anuket.

10min

Workstream Leads/ Project PTLs standup (continued)
Others missed at Jan 12 meeting?
 

PTLs/Co-Chairs

  • Moon status provided by Philippe Calvet

https://github.com/opnfv/moon

https://docs.openstack.org/oslo.policy/ussuri/admin/policy-json-file.html

Why we did Moon ?

  • Openstack was designed for those building a cloud infra, while telco cloud requires security configuration for the security administrator,  thus the need of Moon, a security policy engine that allows fine grained control under the supervision of security administrator,

  • Orange based its first version of telco cloud based an OpenStack release where security policy are managed by policy files that are depending on each Openstack module  aka .json policy ( = complex configurations)

  • The rationale for Moon : have a global security policy management plane, that could unify the security  of the various Openstack modules ( fully tested on Nova, and partially on Neutron , Cinder, Swift ) , and historically  Opendaylight

  • Moon helps addressing requirements from security authorities in virtualized environments  

What are the contributions to other communities ?

  • Orange with Openstack community added the concept of Identity/Keystone hook that allows from a .json policy file to interrogate through an API call an external policy decision point (aka Moon) that authorizes the requests based on a given security policy ( E.g allow or not the start of VM )

Why we republish Moon in 2020 ?

  • The initial contribution was initially linked with OPNFV . We redesign it internally to make as more an independent component and contributed the work in 2020 , this resulted in a major commit last year.

  • We also completey redesign the web interface to allow a security administrator within a telco to authorize certains commands through a simple user interface ( instead of CLI ) , and repackage the service as two libraries that could be easily integrated in any virtualized platform (in the micro-services spirit).

  • Moon was used in an experiment by one Orange Affiliate  to distinguish administrator roles depending of the status of the platform : design/maintenance status versus run status . As a consequence, this has been added to our recommendations.

What are next plans ?

  • Cover next generation telco cloud requirements : Extend Moon to manage dual environments like K8S and Openstack, and extend GUI to simplify policy generations.

Reference :

20 min

Elbrus Release - Important Dates

@Walter.kozlowski + WS Leads



10 min

Monday Technical Discussion follow-up

@Qiao Fu  to discuss the options in which PDF 2.0 frame work should be done with the TSC



@Qiao Fu

@Qiao Fu

Defer to Jan 26, 2021 

5 min

Continue Release process discussions, Goals and Management

Anuket Release Process Issues and Objectives r1.pdf

@David McBride

Defer to Jan 26, 2021 

5 min

@Jim Baker

OPNFV and CNTT mailing lists are being deprecated (date: TBD - target: Jan 31, 2021 )

Request new "foo@lists.anuket.io" from Jim

5 min

Next steps; high priorities:

ANUKET WIKI UPDATES — BEFORE JAN 27 Announcement  – MUST DO Before Jan 22, 2021  For main pages !!!!

EVERYONE!



5 min

Status Updates
Linux Foundation Lab (Portland) hardware upgrade status
LF IT/Infra update: (Aric GardnerTrevor Bramwell)
gitlab POC





Outstanding Action Items

Type your task here, using "@" to assign to a user and "//" to select a due date