Policy Release Notes

Version: 3.0.2

Release Date:2019-03-31 (Casablanca Maintenance Release #2)

The following items were deployed with the Casablanca Maintenance Release:

Bug Fixes

  • [POLICY-1522] - Policy doesn’t send “payload” field to APPC

Security Fixes

  • [POLICY-1538] - Upgrade Elasticsearch to 6.4.x to clear security issue

License Issues

  • [POLICY-1433] - Remove proprietary licenses in PSSD test CSAR

Known Issues

The following known issue will be addressed in a future release.

  • [POLICY-1650] - Policy UI doesn’t show left menu or any content

A workaround for this issue consists in bypassing the Portal UI when accessing the Policy UI. See PAP recipes for the specific procedure.

Version: 3.0.1

Release Date:2019-01-31 (Casablanca Maintenance Release)

The following items were deployed with the Casablanca Maintenance Release:

New Features

  • [POLICY-1221] - Policy distribution application to support HTTPS communication
  • [POLICY-1222] - Apex policy PDP to support HTTPS Communication

Bug Fixes

Version: 3.0.0

Release Date:2018-11-30 (Casablanca Release)

New Features

The Casablanca release for POLICY delivered the following Epics. For a full list of stories and tasks delivered in the Casablanca release, refer to JiraPolicyCasablanca (Note: Jira details can also be viewed from this link).

  • [POLICY-701] - This epic covers the work to integrate Policy into the SDC Service Distribution

The policy team introduced a new application into the framework that provides integration of the Service Distribution Notifications from SDC to Policy.

  • [POLICY-719] - This epic covers the work to build the Policy Lifecycle API
  • [POLICY-726] - This epic covers the work to distribute policy from the PAP to the PDPs into the ONAP platform
  • [POLICY-876] - This epics covers the work to re-build how the PAP organizes the PDP’s into groups.

The policy team did some forward looking spike work towards re-building the Software Architecture.

  • [POLICY-809] - Maintain and implement performance
  • [POLICY-814] - 72 hour stability testing (component and platform)

The policy team made enhancements to the Drools PDP to further support S3P Performance. For the new Policy SDC Distribution application and the newly ingested Apex PDP the team established S3P performance standard and performed 72 hour stability tests.

  • [POLICY-824] - maintain and implement security

The policy team established AAF Root Certificate for HTTPS communication and CADI/AAF integration into the MVP applications. In addition, many java dependencies were upgraded to clear CLM security issues.

  • [POLICY-840] - Flexible control loop coordination facility.

Work towards a POC for control loop coordination policies were implemented.

  • [POLICY-841] - Covers the work required to support HPA

Enhancements were made to support the HPA use case through the use of the new Policy SDC Service Distribution application.

  • [POLICY-842] - This epic covers the work to support the Auto Scale Out functional requirements

Enhancements were made to support Scale Out Use Case to enforce new guard policies and updated SO and A&AI APIs.

  • [POLICY-851] - This epic covers the work to bring in the Apex PDP code

A new Apex PDP engine was ingested into the platform and work was done to ensure code cleared CLM security issues, sonar issues, and checkstyle.

  • [POLICY-1081] - This epic covers the contribution for the 5G OOF PCI Optimization use case.

Policy templates changes were submitted that supported the 5G OOF PCI optimization use case.

  • [POLICY-1182] - Covers the work to support CCVPN use case

Policy templates changes were submitted that supported the CCVPN use case.

Bug Fixes

The following bug fixes have been deployed with this release:

  • [POLICY-799] - Policy API Validation Does Not Validate Required Parent Attributes in the Model
  • [POLICY-869] - Control Loop Drools Rules should not have exceptions as well as die upon an exception
  • [POLICY-872] - investigate potential race conditions during rules version upgrades during call loads
  • [POLICY-878] - pdp-d: feature-pooling disables policy-controllers preventing processing of onset events
  • [POLICY-909] - get_ZoneDictionaryDataByName class type error
  • [POLICY-920] - Hard-coded path in junit test
  • [POLICY-921] - XACML Junit test cannot find property file
  • [POLICY-1083] - Mismatch in action cases between Policy and APPC

Security Notes

POLICY code has been formally scanned during build time using NexusIQ and all Critical vulnerabilities have been addressed, items that remain open have been assessed for risk and determined to be false positive. The POLICY open Critical security vulnerabilities and their risk assessment have been documented as part of the project (Casablanca Release).

Quick Links:

Known Issues

Version: 2.0.0

Release Date:2018-06-07 (Beijing Release)

New Features

The Beijing release for POLICY delivered the following Epics. For a full list of stories and tasks delivered in the Beijing release, refer to JiraPolicyBeijing.

  • [POLICY-390] - This epic covers the work to harden the Policy platform software base (incl 50% JUnit coverage)
    • POLICY-238 policy/drools-applications: clean up maven structure
    • POLICY-336 Address Technical Debt
    • POLICY-338 Address JUnit Code Coverage
    • POLICY-377 Policy Create API should validate input matches DCAE microservice template
    • POLICY-389 Cleanup Jenkin’s CI/CD process’s
    • POLICY-449 Policy API + Console : Common Policy Validation
    • POLICY-568 Integration with org.onap AAF project
    • POLICY-610 Support vDNS scale out for multiple times in Beijing release
  • [POLICY-391] - This epic covers the work to support Release Planning activities
    • POLICY-552 ONAP Licensing Scan - Use Restrictions
  • [POLICY-392] - Platform Maturity Requirements - Performance Level 1
    • POLICY-529 Platform Maturity Performance - Drools PDP
    • POLICY-567 Platform Maturity Performance - PDP-X
  • [POLICY-394] - This epic covers the work required to support a Policy developer environment in which Policy Developers can create, update policy templates/rules separate from the policy Platform runtime platform.
    • POLICY-488 pap should not add rules to official template provided in drools applications
  • [POLICY-398] - This epic covers the body of work involved in supporting policy that is platform specific.
    • POLICY-434 need PDP /getConfig to return an indicator of where to find the config data - in config.content versus config field
  • [POLICY-399] - This epic covers the work required to policy enable Hardware Platform Enablement
    • POLICY-622 Integrate OOF Policy Model into Policy Platform
  • [POLICY-512] - This epic covers the work to support Platform Maturity Requirements - Stability Level 1
    • POLICY-525 Platform Maturity Stability - Drools PDP
    • POLICY-526 Platform Maturity Stability - XACML PDP
  • [POLICY-513] - Platform Maturity Requirements - Resiliency Level 2
    • POLICY-527 Platform Maturity Resiliency - Policy Engine GUI and PAP
    • POLICY-528 Platform Maturity Resiliency - Drools PDP
    • POLICY-569 Platform Maturity Resiliency - BRMS Gateway
    • POLICY-585 Platform Maturity Resiliency - XACML PDP
    • POLICY-586 Platform Maturity Resiliency - Planning
    • POLICY-681 Regression Test Use Cases
  • [POLICY-514] - This epic covers the work to support Platform Maturity Requirements - Security Level 1
    • POLICY-523 Platform Maturity Security - CII Badging - Project Website
  • [POLICY-515] - This epic covers the work to support Platform Maturity Requirements - Escalability Level 1
    • POLICY-531 Platform Maturity Scalability - XACML PDP
    • POLICY-532 Platform Maturity Scalability - Drools PDP
    • POLICY-623 Docker image re-design
  • [POLICY-516] - This epic covers the work to support Platform Maturity Requirements - Manageability Level 1
    • POLICY-533 Platform Maturity Manageability L1 - Logging
    • POLICY-534 Platform Maturity Manageability - Instantiation < 1 hour
  • [POLICY-517] - This epic covers the work to support Platform Maturity Requirements - Usability Level 1
    • POLICY-535 Platform Maturity Usability - User Guide
    • POLICY-536 Platform Maturity Usability - Deployment Documentation
    • POLICY-537 Platform Maturity Usability - API Documentation
  • [POLICY-546] - R2 Beijing - Various enhancements requested by clients to the way we handle TOSCA models.

Bug Fixes

The following bug fixes have been deployed with this release:

  • [POLICY-484] - Extend election handler run window and clean up error messages
  • [POLICY-494] - POLICY EELF Audit.log not in ECOMP Standards Compliance
  • [POLICY-501] - Fix issues blocking election handler and add directed interface for opstate
  • [POLICY-509] - Add IntelliJ file to .gitingore
  • [POLICY-510] - Do not enforce hostname validation
  • [POLICY-518] - StateManagement creation of EntityManagers.
  • [POLICY-519] - Correctly initialize the value of allSeemsWell in DroolsPdpsElectionHandler
  • [POLICY-629] - Fixed a bug on editor screen
  • [POLICY-684] - Fix regex for brmsgw dependency handling
  • [POLICY-707] - ONAO-PAP-REST unit tests fail on first build on clean checkout
  • [POLICY-717] - Fix a bug in checking required fields if the object has include function
  • [POLICY-734] - Fix Fortify Header Manipulation Issue
  • [POLICY-743] - Fixed data name since its name was changed on server side
  • [POLICY-753] - Policy Health Check failed with multi-node cluster
  • [POLICY-765] - junit test for guard fails intermittently

Security Notes

POLICY code has been formally scanned during build time using NexusIQ and all Critical vulnerabilities have been addressed, items that remain open have been assessed for risk and determined to be false positive. The POLICY open Critical security vulnerabilities and their risk assessment have been documented as part of the project.

Quick Links:

Known Issues

The following known issues will be addressed in a future release:

  • [POLICY-522] - PAP REST APIs undesired HTTP response body for 500 responses
  • [POLICY-608] - xacml components : remove hardcoded secret key from source code
  • [POLICY-764] - Policy Engine PIP Configuration JUnit Test fails intermittently
  • [POLICY-776] - OOF Policy TOSCA models are not correctly rendered
  • [POLICY-799] - Policy API Validation Does Not Validate Required Parent Attributes in the Model
  • [POLICY-801] - fields mismatch for OOF flavorFeatures between implementation and wiki
  • [POLICY-869] - Control Loop Drools Rules should not have exceptions as well as die upon an exception
  • [POLICY-872] - investigate potential race conditions during rules version upgrades during call loads

Version: 1.0.2

Release Date:2018-01-18 (Amsterdam Maintenance Release)

Bug Fixes

The following fixes were deployed with the Amsterdam Maintenance Release:

  • [POLICY-486] - pdp-x api pushPolicy fails to push latest version

Version: 1.0.1

Release Date:2017-11-16 (Amsterdam Release)

New Features

The Amsterdam release continued evolving the design driven architecture of and functionality for POLICY. The following is a list of Epics delivered with the release. For a full list of stories and tasks delivered in the Amsterdam release, refer to JiraPolicyAmsterdam.

  • [POLICY-31] - Stabilization of Seed Code
    • POLICY-25 Replace any remaining openecomp reference by onap
    • POLICY-32 JUnit test code coverage
    • POLICY-66 PDP-D Feature mechanism enhancements
    • POLICY-67 Rainy Day Decision Policy
    • POLICY-93 Notification API
    • POLICY-158 policy/engine: SQL injection Mitigation
    • POLICY-269 Policy API Support for Rainy Day Decision Policy and Dictionaries
  • [POLICY-33] - This epic covers the body of work involved in deploying the Policy Platform components
    • POLICY-40 MSB Integration
    • POLICY-124 Integration with oparent
    • POLICY-41 OOM Integration
    • POLICY-119 PDP-D: noop sinks
  • [POLICY-34] - This epic covers the work required to support a Policy developer environment in which Policy Developers can create, update policy templates/rules separate from the policy Platform runtime platform.
    • POLICY-57 VF-C Actor code development
    • POLICY-43 Amsterdam Use Case Template
    • POLICY-173 Deployment of Operational Policies Documentation
  • [POLICY-35] - This epic covers the body of work involved in supporting policy that is platform specific.
    • POLICY-68 TOSCA Parsing for nested objects for Microservice Policies
  • [POLICY-36] - This epic covers the work required to capture policy during VNF on-boarding.
  • [POLICY-37] - This epic covers the work required to capture, update, extend Policy(s) during Service Design.
    • POLICY-64 CLAMP Configuration and Operation Policies for vFW Use Case
    • POLICY-65 CLAMP Configuration and Operation Policies for vDNS Use Case
    • POLICY-48 CLAMP Configuration and Operation Policies for vCPE Use Case
    • POLICY-63 CLAMP Configuration and Operation Policies for VOLTE Use Case
  • [POLICY-38] - This epic covers the work required to support service distribution by SDC.
  • [POLICY-39] - This epic covers the work required to support the Policy Platform during runtime.
    • POLICY-61 vFW Use Case - Runtime
    • POLICY-62 vDNS Use Case - Runtime
    • POLICY-59 vCPE Use Case - Runtime
    • POLICY-60 VOLTE Use Case - Runtime
    • POLICY-51 Runtime Policy Update Support
    • POLICY-328 vDNS Use Case - Runtime Testing
    • POLICY-324 vFW Use Case - Runtime Testing
    • POLICY-320 VOLTE Use Case - Runtime Testing
    • POLICY-316 vCPE Use Case - Runtime Testing
  • [POLICY-76] - This epic covers the body of work involved in supporting R1 Amsterdam Milestone Release Planning Milestone Tasks.
    • POLICY-77 Functional Test case definition for Control Loops
    • POLICY-387 Deliver the released policy artifacts
Bug Fixes
  • This is technically the first release of POLICY, previous release was the seed code contribution. As such, the defects fixed in this release were raised during the course of the release. Anything not closed is captured below under Known Issues. For a list of defects fixed in the Amsterdam release, refer to JiraPolicyAmsterdam.
Known Issues
  • The operational policy template has been tested with the vFW, vCPE, vDNS and VOLTE use cases. Additional development may/may not be required for other scenarios.
  • For vLBS Use Case, the following steps are required to setup the service instance:
    • Create a Service Instance via VID.
    • Create a VNF Instance via VID.
    • Preload SDNC with topology data used for the actual VNF instantiation (both base and DNS scaling modules). NOTE: you may want to set “vlb_name_0” in the base VF module data to something unique. This is the vLB server name that DCAE will pass to Policy during closed loop. If the same name is used multiple times, the Policy name-query to AAI will show multiple entries, one for each occurrence of that vLB VM name in the OpenStack zone. Note that this is not a limitation, typically server names in a domain are supposed to be unique.
    • Instantiate the base VF module (vLB, vPacketGen, and one vDNS) via VID. NOTE: The name of the VF module MUST start with Vfmodule_. The same name MUST appear in the SDNC preload of the base VF module topology. We’ll relax this naming requirement for Beijing Release.
    • Run heatbridge from the Robot VM using Vfmodule_ … as stack name (it is the actual stack name in OpenStack)
    • Populate AAI with a dummy VF module for vDNS scaling.
Security Issues
  • None at this time
Other
  • None at this time

End of Release Notes