.. This work is licensed under a Creative Commons Attribution 4.0 International License.
.. http://creativecommons.org/licenses/by/4.0
.. Copyright 2017 AT&T Intellectual Property. All rights reserved.
+.. _release_notes:
AAI Release Notes
==================
+Abstract
+========
+
+This document provides release notes for the Active and Available Inventory Project's Kohn Release
+
+Release Data
+============
+
+Version: 13.0.0
+---------------
+
+New Features
+------------
+
+- Spring Boot update in aai-common, resources and traversal from 2.1 to 2.4
+- Tracing support in resources and traversal
+- Optionally enable `database level caching for JanusGraph <https://docs.janusgraph.org/operations/cache/#database-level-caching>`_
+- Change default logging to write to stdout instead of files
+- Reduce log noise by not logging happy pass for liveness probes
+
+Fixes
+-----
+
+- Fix metrics monitoring via Prometheus
+
+:Release Date: 2022-11-10
+
+Version: 11.0.0
+---------------
+
+:Release Date: 2022-11-10
+
+New Features
+------------
+
+The R11 Kohn release of ONAP includes updates to the schema and edge rules. AAI is serving v27 as the latest version of the REST APIs, and has support for v25.
+
+- Model updates made on the following nodes for changes to attributes or indexing, present in v27
+ * User Network Interfaces (uni)
+ * Route target
+ * Network Route
+ * Bgp neighbor
+ * Vpn binding
+ * Lag interface
+ * Physical interface
+ * Logical interface
+
+- Edge rule changes include
+ * UPDATE collection > service instance edge label and multiplicity change
+ * ADD configuration > p-interface
+ * ADD collection>endpoint
+ * ADD collection>configuration
+ * ADD collection>aggregate-route
+ * ADD collection>parameter-list
+ * ADD collection>policy-key-term
+ * ADD collection>policy-map-member
+ * ADD collection>rule
+ * ADD collection>profile
+ * ADD collection>policy
+ * ADD collection>l3-network
+ * ADD collection>vpn-binding
+ * ADD collection>community-list
+ * ADD collection>object-group
+ * ADD p-interface>object-group
+
+- Please note log4j is still on older versions in a transitive dependency for aaf auth for the following mS
+ * onap-aai-aai-common
+ * onap-aai-babel
+ * onap-aai-resources
+ * onap-aai-schema-service
+ * onap-aai-traversal
+
+Known Limitations, Issues, and Workarounds
+==========================================
+
+Known Issues
+------------
+
+* DMAAP Events are Not Being Published from AAI-Resources (AAI-3507)
+
+Workarounds
+-----------
+
+* None
+
+References
+==========
+
+Quick links:
+
+- `AAI project page <https://wiki.onap.org/display/DW/Active+and+Available+Inventory+Project>`_
+- `Passing Badge information for AAI <https://bestpractices.coreinfrastructure.org/en/projects/1591>`_
+
+For more information on the ONAP Honolulu release, please see:
+
+#. `ONAP Home Page`_
+#. `ONAP Documentation`_
+#. `ONAP Release Downloads`_
+#. `ONAP Wiki Page`_
+
+.. _`ONAP Home Page`: https://www.onap.org
+.. _`ONAP Wiki Page`: https://wiki.onap.org
+.. _`ONAP Documentation`: https://docs.onap.org
+.. _`ONAP Release Downloads`: https://git.onap.org
+
+Version: 10.0.0
+---------------
+
+:Release Date: 2022-06-02
+
+The R10 Jakarta release of ONAP A&AI addressed security vulnerabilities and enhanced the model for the CCVPN Use Case
+
+- Schema updated for CCVPN use case mainly enhancing and bug fixes of the Cloud Leased Line (CLL) service
+- Updated versions for indy, httpclient, freemarker, activemq, commons-io, commons-compress, logback-core, commons-codec, groovy, netty-all, netty-handler, gson, and snakeyaml in various mS
+- Please note log4j is still on older versions in a transitive dependency for aaf auth for the following mS
+ * onap-aai-aai-common
+ * onap-aai-babel
+ * onap-aai-resources
+ * onap-aai-schema-service
+ * onap-aai-traversal
+
+Version: 9.0.1
+--------------
+
+:Release Date: 2022-02-17
+
+The R9 Istanbul maintenance release of ONAP A&AI addressed some security vulnerabilities mainly for the Log4J dependencies
+
+- Updated the direct dependency log4j libraries to 2.17.2
+- Please note log4j is still on older versions in a transitive dependency for aaf auth for the following mS
+ * onap-aai-aai-common
+ * onap-aai-babel
+ * onap-aai-resources
+ * onap-aai-schema-service
+ * onap-aai-traversal
+
+Version: 9.0.0
+--------------
+
+:Release Date: 2021-11-04
+
+New Features
+------------
+
+The R9 Istanbul release of ONAP includes updates to both use cases and non-functional requirements. AAI is serving v24 as the latest version of the REST APIs, and has support for v21.
+
+- Functional Updates
+ * Model updates as part of CCVPN Transport Slicing Feature
+ * Model updates as part of Smart Intent Guarantee based on IBN Feature
+ * Model updates as part of CNF Orchestration Feature
+- Non-functional Updates
+ * Sonar & Security updates
+ * Rolling upgrade functionality
+ * Micrometer integration
+ * Prometheus monitoring integration
+
+Istanbul Known Limitations, Issues, and Workarounds
+---------------------------------------------------
+
+Known Issues
+------------
+
+* None
+
+Workarounds
+-----------
+
+* None
+
+Honolulu References
+-------------------
+
+Quick links:
+
+- `AAI project page <https://wiki.onap.org/display/DW/Active+and+Available+Inventory+Project>`_
+- `Passing Badge information for AAI <https://bestpractices.coreinfrastructure.org/en/projects/1591>`_
+
+For more information on the ONAP Honolulu release, please see:
+
+#. `ONAP Home Page`_
+#. `ONAP Documentation`_
+#. `ONAP Release Downloads`_
+#. `ONAP Wiki Page`_
+
+.. _`ONAP Home Page`: https://www.onap.org
+.. _`ONAP Wiki Page`: https://wiki.onap.org
+.. _`ONAP Documentation`: https://docs.onap.org
+.. _`ONAP Release Downloads`: https://git.onap.org
+
+Version: 8.0.0
+--------------
+
+:Release Date: 2021-04-29
+
+New Features
+------------
+
+The R8 Honolulu release of ONAP includes updates to both use cases and non-functional requirements.
+
+- Functional Updates
+ * Model updates as part of CCVPN Transport Slicing Feature
+ * Model updates as part of Network Slicing Feature
+ * Model updates as part of Multi-tenancy
+ * Multi-tenancy implemented allowing for control of data by owner (disabled by default)
+ * GraphGraph POC enhanced for schema visualization and visual model generation
+ * Sparky UI updates including Browse, Specialized Search, BYOQ, and BYOQ Builder Views
+- Non-functional Updates
+ * Updated eligible microservices (non-janusgraph dependent) to use Java 11
+- Deprecation Notice
+ * Data-router, Search-data-service, Elastic, and Router-Core are put into maintenance mode and removed from release.
+
+Honolulu Known Limitations, Issues, and Workarounds
+---------------------------------------------------
+
+Known Issues
+------------
+
+* None
+
+Workarounds
+-----------
+
+* None
+
+Istanbul References
+-------------------
+
+Quick links:
+
+- `AAI project page <https://wiki.onap.org/display/DW/Active+and+Available+Inventory+Project>`_
+- `Passing Badge information for AAI <https://bestpractices.coreinfrastructure.org/en/projects/1591>`_
+
+For more information on the ONAP Honolulu release, please see:
+
+#. `ONAP Home Page`_
+#. `ONAP Documentation`_
+#. `ONAP Release Downloads`_
+#. `ONAP Wiki Page`_
+
+.. _`ONAP Home Page`: https://www.onap.org
+.. _`ONAP Wiki Page`: https://wiki.onap.org
+.. _`ONAP Documentation`: https://docs.onap.org
+.. _`ONAP Release Downloads`: https://git.onap.org
+
+Version: 7.0.1
+--------------
+
+:Release Date: 2021-05-10
+
+The R7 Guilin maintenance release of ONAP A&AI just addressed some bug fixes and certificate updates
+
+- Updated Certificates
+- Updated Edge rule for bandwidth attribute
+- AAI-EVENT notifications failing to publish was fixed
+
+Version: 7.0.0
+--------------
+
+:Release Date: 2020-12-03
+
+New Features
+------------
+
+The R7 Guilin release of ONAP includes updates to both use cases and non-functional requirements. The AAI platform maturity rating graduated from Incubation to Mature in Guilin. AAI is serving v21 as the latest version of the REST APIs, and has support for v19.
+
+- Functional Updates
+ * Model updates as part of CCVPN Transport Slicing Feature
+ * Model updates as part of xNF Software Upgrade feature
+ * Model updates as part of Multi-tenancy
+ * Updates to SDC model parsing to support Bulk PM/PM Data Control Extension & E2E Network Slicing features
+ * Configurable ability to control concurrency locking
+ * Configurable ability to enforce ownership of owning entity on pnf crud interactions (Multi-tenancy poc)
+ * Enhancements to the model based on physical inventory
+ * Support for nested json formatted responses using the as-tree=true parameter for traversal mS calls
+- Non-functional Updates
+ * Updated microservices to run as non-root
+ * Spring boot 2 upgrades to our microservices
+ * Enhanced logging
+ * Added limits to aai pods
+ * Update mS based on license scan findings
+- Deprecation Notice
+ * ESR Server is retired
+ * ESR GUI is retired
+ * AAI Sparky UI is not supported in Guilin nor is its supporting mS data-router, search-data-service, or elastic. Targeted for retirement in Honolulu.
+
+Guilin Known Limitations, Issues, and Workarounds
+-------------------------------------------------
+
+Known Issues
+------------
+
+* `AAI-3219 <https://jira.onap.org/browse/AAI-3219>`_ - AAI-EVENT notifications failed to be published to DMaap
+
+Workarounds
+-----------
+
+The following is our workaround (i.e., replacing HTTPS with HTTP):
+
+ .. code-block:: bash
+
+ /** Change each of these configmaps below**/
+ kubectl -n onap edit configmaps dev-aai-resources-configmap
+ kubectl -n onap edit configmaps dev-aai-traversal-configmap
+ kubectl -n onap edit configmaps dev-aai-graphadmin-configmap
+ kubectl -n onap edit configmaps dev-aai-data-router-dynamic
+ // The target attributes need to be changed are:
+ // change Dmaap port from 3905 => 3904
+ // change Dmaap protocol from https => http
+ /** Restart related pods **/
+ kubectl n onap delete pod {POD1} {POD2} {POD3} {POD4}
+ //where POD1-4 are pod names of dev-aai-resources, dev-aai-traversal, dev-aai-graphadmin, and dev-aai-data-router, respectively.
+
+Guilin References
+-----------------
+
+Quick links:
+
+- `AAI project page <https://wiki.onap.org/display/DW/Active+and+Available+Inventory+Project>`_
+- `Passing Badge information for AAI <https://bestpractices.coreinfrastructure.org/en/projects/1591>`_
+
+For more information on the ONAP Guilin release, please see:
+
+#. `ONAP Home Page`_
+#. `ONAP Documentation`_
+#. `ONAP Release Downloads`_
+#. `ONAP Wiki Page`_
+
+.. _`ONAP Home Page`: https://www.onap.org
+.. _`ONAP Wiki Page`: https://wiki.onap.org
+.. _`ONAP Documentation`: https://docs.onap.org
+.. _`ONAP Release Downloads`: https://git.onap.org
+
+Version: 6.0.0
+--------------
+
+:Release Date: 2020-06-04
+
+New Features
+------------
+
+The R6 Frankfurt release of ONAP includes updates to both use cases and non-functional requirements. AAI is serving v19 as the latest version of the REST APIs, and has support for v16 (Dublin and El Alto).
+
+- Implemented new parent POM under org.onap.aai.aai-common.aai-parent for simplified management of 3rd party dependencies
+- Upgrade to spring-boot 2 (partially complete)
+- Model updates and edge rules changes in support of the following use cases:
+ * CCVPN for SOTN NNI
+ * 5G Network Slicing
+ * Multi-Domain Optical Network Services
+ * PNF enhancements
+- Papyrus XMI UML files for run-time data model reverse engineering
+- Integration with sonarcloud
+- All containers run as non-root user
+
+champ, spike, and gizmo are deprecated and removed from the helm chart.
+
+Frankfurt Known Limitations, Issues, and Workarounds
+----------------------------------------------------
+
+Known Issues
+------------
+
+* `AAI-2766 <https://jira.onap.org/browse/AAI-2766>`_ - AAI data-router cannot communicate with DMaaP message router service
+* `AAI-2905 <https://jira.onap.org/browse/AAI-2905>`_ - AAI sparky cannot communicate with portal due to certificate issue, might be related to https://jira.onap.org/browse/PORTAL-875
+
+The AAI sub-project External System Registry (ESR) is re-using elalto containers. The integration team has helped ESR to meet security requirements for Frankfurt, and the AAI is grateful for the contribution.
+
+Workarounds
+-----------
+
+Roles for sparky are loaded into AAF by default, so previous workaround is no longer required. However, the pods cannot resolve portal.api.simpledemo.onap.org anymore, so it's necessary to add an entry to /etc/hosts in the sparky-be pod. This will get around the "unknown host" issue, but then it's leads to AAI-2905, where AAI cannot get the roles from Portal due to the issue with the AAF auto-created certificate.
+
+The community has been unable to make data-router communicate with DMaaP, we welcome contributors who can help resurrect this service, or it will be deprecated in Guilin.
+
+Frankfurt References
+--------------------
+
+Quick links:
+
+- `AAI project page <https://wiki.onap.org/display/DW/Active+and+Available+Inventory+Project>`_
+- `Passing Badge information for AAI <https://bestpractices.coreinfrastructure.org/en/projects/1591>`_
+
+For more information on the ONAP Frankfurt release, please see:
+
+#. `ONAP Home Page`_
+#. `ONAP Documentation`_
+#. `ONAP Release Downloads`_
+#. `ONAP Wiki Page`_
+
+.. _`ONAP Home Page`: https://www.onap.org
+.. _`ONAP Wiki Page`: https://wiki.onap.org
+.. _`ONAP Documentation`: https://docs.onap.org
+.. _`ONAP Release Downloads`: https://git.onap.org
+
+Version: 5.0.2
+--------------
+:Release Date: 2019-10-03
+
+**New Features**
+
+The R5 El Alto release of ONAP is a maintenance release, focusing on
+deployability, technical debt, and footprint opimization.
+
+AAI focused on converting all of our microservices to Alpine, created
+common images for users to select either Alpine or Ubuntu, and reduced
+the number of microservices that is started by default for the
+demo. We updated to newer versions of spring boot - we are in the
+process of moving to spring-boot 2, but many of the microservices are
+still running 1.5.21. We updated to JanusGraph 0.2.3, which is a
+seamless upgrade from 0.2.0 which was used in Dublin.
+
+Users who would like to further reduce the AAI footprint can update the
+aai/oom helm charts.
+
+To re-enable the services that have been disabled by default, update
+to "enabled: true" in aai/oom/values.yaml:
+
+ .. code-block:: bash
+
+ aai-champ:
+ enabled: true
+ aai-gizmo:
+ enabled: true
+ aai-spike:
+ enabled: true
+
+To disable other components that are not critical to the Integration
+use cases (vFw, vLB, vDNS, etc), add "enabled: false" in
+aai/oom/values.yaml for each of the following services:
+
+ .. code-block:: bash
+
+ aai-data-router:
+ enabled: false
+ aai-search-data:
+ enabled: false
+ aai-elasticsearch:
+ enabled: false
+ aai-sparky-fe:
+ enabled: false
+
+*Known Vulnerabilities in Used Modules*
+
+AAI code has been formally scanned during build time using NexusIQ and
+all Critical vulnerabilities have been addressed, items that remain
+open have been assessed for risk and determined to be false
+positive. The AAI open Critical security vulnerabilities and their
+risk assessment have been documented as part of the link
+
+**Known Issues**
+
+The AAI UI is now integrated with Portal and AAF. However, the AAF
+default boostrap does not include a role that is necessary the demo
+user to access the AAI UI.
+
+Run the following as a workaround, adjust the URL and credentials
+according to your environment. The user in CRED must be able to update
+the org.onap.aai namespace. The following example has been tested from
+inside the AAI resources pod.
+
+ .. code-block:: bash
+
+ URL='https://aaf-service.onap:8100'
+ CRED='aai@aai.onap.org:demo123456!'
+
+ curl -v -k -u "$CRED" -H "Content-Type: application/RoleRequest+json" $URL/authz/role -d '{"name":"org.onap.aai.aaiui"}'
+
+ curl -v -k -u "$CRED" -H "Content-Type: application/UserRoleRequest+json" $URL/authz/userRole -d '{ "user":"demo@people.osaaf.org", "role":"org.onap.aai.aaiui" }'
+
+Frankfurt will include the role and role assignment in the
+default bootstrap data (being tracked under `AAI-2475 <https://jira.onap.org/browse/AAI-2475>`__)
+
+- `AAI-2606 <https://jira.onap.org/browse/AAI-2606>`_ Schema-service entity description is not available
+
+- `AAI-2457 <https://jira.onap.org/browse/AAI-2457>`_ Inconsistent error messages when getting AAI resources
+
+- `AAI-2457 <https://jira.onap.org/browse/AAI-2457>`_ Inconsistent error messages when getting AAI resources
+
+- `AAI-2092 <https://jira.onap.org/browse/AAI-2092>`_ aai-resources does excessive amounts of logging
+
+- `AAI-2082 <https://jira.onap.org/browse/AAI-2082>`_ aai-resources gives incorrect output when aai-cassandra has shutdown with failure
+
+Quick Links:
+
+- `Active and Available Inventory project page <https://wiki.onap.org/display/DW/Active+and+Available+Inventory+Project>`_
+- `R5 Passing Badge information for AAI <https://bestpractices.coreinfrastructure.org/en/projects/1591>`_
+- `R5 Project Vulnerability Review Table for AAI <https://wiki.onap.org/pages/viewpage.action?pageId=64003431>`_
+
+
Version: 1.4.0
+--------------
-:Release Data: 2019-06-08
+:Release Date: 2019-06-08
**New Features**
**Known Issues**
-If the either the aai-resources or aai-traversal pod is deleted, haproxy will not automatically detect when the pod is re-instantiated. As a temporary workaround, you can delete the haproxy pod (the one named "aai", for example, "dev-aai-8794fbff5-clx7d") and when the aai pod restarts the service should operate normally. A proposed fix is here: https://gerrit.onap.org/r/#/c/51075/1 if you want to see how to configure the haproxy service to auto-recover when the IP address of either the aai-resources or aai-traversal pod changes.
+If the either the aai-resources or aai-traversal pod is deleted, haproxy will not automatically detect when the pod is re-instantiated. As a temporary workaround, you can delete the haproxy pod (the one named "aai", for example, "dev-aai-8794fbff5-clx7d") and when the aai pod restarts the service should operate normally. A proposed fix is `here <https://gerrit.onap.org/r/c/oom/+/51075/1>`_ if you want to see how to configure the haproxy service to auto-recover when the IP address of either the aai-resources or aai-traversal pod changes.
**Security Notes**
- `AAI-61 <https://jira.onap.org/browse/AAI-61>`_ AAI cleaned up references to OpenECOMP but in order to keep the release stable for R1, the XML namespace still contains openecomp.
-Client systems should use http://org.openecomp.aai.inventory/v11 as the XML namespace for ONAP AAI R1.
-
**Security Issues**
See Common Vulnerabilities and Exposures `CVE <https://cve.mitre.org>`
Code Review / aai / aai-common.git / blobdiff