LCOO Topical Session Proposals
- Jamey McCabe
- Shintaro Mizuno (Unlicensed)
- Andrew Ukasick
The following is a matrix of projects initiated by members are actively engaged which have been suggested for future LCOO Sharing Sessions:
| Topic | Description Indicate topics of interest and their priority (1, 2, 3, etc...) --> | ATT | Charter | Intel | NTT | Orange | Reliance Jio | SKT | Would you like to lead/host the session? | Specific Sub-Topics that could be the focus of a Topical Session | Notes |
|---|---|---|---|---|---|---|---|---|---|---|---|
| Security by Design | Security related priorities, pain points, activities underway, etc... | 1 | 3 | 1 | 2 | Role Based Access Controls (RBAC) Secure Secrets (eliminating plain text passwords, etc., from config files) | does it include RBAC or do you consider it as a seperated topic (marcb)? Yes, I would consider RBAC to definitely be a subject here. Also for us, Cosde scanning/vulnerabilities, secrets management, hypervisor isolation... (AndyU). From 2017.11.16 LCOO General: Objective: Next Steps in RBAC Topic #1 What projects are needed? Patrole (RBAC testing) came out LCOO in 2016, what is needed, more on Patrole or new projects? Topic #2 Moon (OPNFV project providing an External Policy Decision Point with associated developments already embedded in Keystone roadmap) . Topic #3 oslo.policy is a library for RBAC for OpenStack projects (but not yet commonly used) Objective #2 Security screening - Additional projects/tools or entry into the CI process needed to screen core projects or all projects for security vulnerabilities. Objective #3 Security frameworks we need to comply with. Next steps - list session to continue from Austin on this topic Objective#4 Key Management | ||||
| Edge/Fog | 4 | 3 | |||||||||
| Top OpenStack Priorities | Members share their top community priority areas including any culture and/or community governance/process changes members may be seeking to drive | ||||||||||
| Cloud Native Focused Deployments | Applications deployments that are Cloud Native focused, without standard Chef, Ansible, Puppet, Salt. Deployments must include embedded security and network declarations. They must be containerized. Security Related: CPU Pinning, NUMA, CPU slicing, etc for containerized workloads. →this sounds interesting(shinaro) | 2 | 1 | 1 | 1 | is this like OpenStack+K8S deployments? Similar, but this is a general deployment methodology for all applications. OK we were looking into more hybrid environment where cloud native app and legacy app exist side-by-side.(shintaro) >> this is very similar to skt's interest (jayahn) | |||||
| Network Performance | Not just performance, but also multi-CNI Cloud Native containerized workloads. | 1 | 2 | 2 | 3 | 4 | Ex. SRIOV SR-IOV/DPDK/CPU pinning operation/troube shooting issues are pain for us (shintaro). Potentially NIC offloading performance results and publishing with the overall LCOO group? This would be an R&D function, but it would provide high value, and could potentially drive industry standards. Thoughts? sounds nice. | ||||
| Seemless/Hitless Upgrades | 2 | 4 | 3 | 3 | For ex. some of AT&T's areas of interest under this topic would include: ability to automatically move tenant workloads without impact, speed of updates to controle plane, API normalizaion, N-2 upgrade backward compatibility... (AndyU) | ||||||
| Simplified Operations | 3 | 5 | 2 | For ex. some of AT&T's areas of interest under this topic would include: log standardization & transactional traceability, service health api's, error coding vs stack traces... (AndyU) | |||||||
| Onboarding | Onboarding new VNF's and/or enterprise applications onto our openstack clouds. Challenges, processes followed, steps, etc. | ||||||||||