LCOO Topical Session Proposals

The following is a matrix of projects initiated by members are actively engaged which have been suggested for future LCOO Sharing Sessions:



Indicate topics of interest and their priority (1, 2, 3, etc...) -->

ATTCharterIntelNTTOrangeReliance JioSKTWould you like to lead/host the session?Specific Sub-Topics that could be the focus of a Topical SessionNotes
Security by DesignSecurity related priorities, pain points, activities underway, etc...



Role Based Access Controls (RBAC)

Secure Secrets (eliminating plain text passwords, etc., from config files)

does it include RBAC or do you consider it as a seperated topic (marcb)?  Yes, I would consider RBAC to definitely be a subject here. Also for us, Cosde scanning/vulnerabilities, secrets management, hypervisor isolation... (AndyU). 

From 2017.11.16 LCOO General:

Objective: Next Steps in RBAC

  Topic #1 What projects are needed? Patrole (RBAC testing) came out LCOO in 2016, what is needed, more on Patrole or new projects? 

  Topic #2 Moon (OPNFV project providing an External Policy Decision Point with associated developments already embedded in Keystone roadmap) .

  Topic #3 oslo.policy is a library for RBAC for OpenStack projects (but not yet commonly used)

Objective #2 Security screening - Additional projects/tools or entry into the CI process needed to screen core projects or all projects for security vulnerabilities.

Objective #3 Security frameworks we need to comply with. Next steps - list session to continue from Austin on this topic

Objective#4 Key Management



Top OpenStack Priorities Members share their top community priority areas including any culture and/or community governance/process changes members may be seeking to drive

Cloud Native Focused Deployments

Applications deployments that are Cloud Native focused, without standard Chef, Ansible, Puppet, Salt. Deployments must include embedded security and network declarations. They must be containerized. 

Security Related: CPU Pinning, NUMA, CPU slicing, etc for containerized workloads. →this sounds interesting(shinaro)


is this like OpenStack+K8S deployments? Similar, but this is a general deployment methodology for all applications. 

OK we were looking into more hybrid environment where cloud native app and legacy app exist side-by-side.(shintaro)  >> this is very similar to skt's interest (jayahn)   

Network PerformanceNot just performance, but also multi-CNI Cloud Native containerized workloads.


SR-IOV/DPDK/CPU pinning operation/troube shooting issues are pain for us (shintaro). Potentially NIC offloading performance results and publishing with the overall LCOO group? This would be an R&D function, but it would provide high value, and could potentially drive industry standards. Thoughts?

sounds nice.

Seemless/Hitless Upgrades


For ex. some of AT&T's areas of interest under this topic would include: ability to automatically move tenant workloads without impact, speed of updates to controle plane, API normalizaion, N-2 upgrade backward compatibility... (AndyU)

Simplified Operations



For ex. some of AT&T's areas of interest under this topic would include: log standardization & transactional traceability, service health api's, error coding vs stack traces... (AndyU)
OnboardingOnboarding new VNF's and/or enterprise applications onto our openstack clouds. Challenges, processes followed, steps, etc.