Versions Compared

Old Version 93

changes.mady.by.user Randy Stricklin

Saved on

compared with

New Version 94

changes.mady.by.user Randy Stricklin

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

No.Project NameTSC Subgroup Release StatusIs this your first release 

Blue Print Stage

  • Self-Certify
  • Incubation
  • Mature
  • Core

CD Logs URL to be used for review

(Column filled in by PTLs)

How to: Push Logs to Nexus

Jenkins Master for Private Lab

Jenkins Peering Guide

Example: 

KubeEdge BP Test Documents

Link to executive one pager

(editable doc format)

(Column filled in by PTLs)

API Info Reporting Review

(Column filled in by API Subcommittee)

(note for PTLs – go here for steps to fill in project API info form)

BluVal

Certification

Bluval User Guide

Security

Certification

Provide link to Vuls, Lynis, and Kube-Hunter logs below.

Pass/Fail Criteria:  Steps To Implement Security Scan Requirements

Exception requests should be filed at:

Release 5: Akraino CVE Vulnerability Exception Request

Upstream Review (Column filled by Upstream Subcommittee and PTLs)


(note PTL can go to Release 5 BP/Feature Upstream Status to find details)

Date ready for TSC review

(Column filled in by PTLs)

 TSC Review Date

(Column filled in by TSC)


1

Connected Vehicle Blueprint

Thor Chin

Tao Wang













2

IEC Type 4: AR/VR oriented Edge Stack for Integrated Edge Cloud (IEC) Blueprint Family

Bart Dong

Thor Chin













3














4

ICN - Integrated Cloud-Native Family

Kuralamudhan Ramakrishnan


No

ICN Master Bare Metal Deployment Verifier

ICN Master Virtual Deployment Verifier


Per notice from Kural 5Aug21, no change from R4

https://nexus.akraino.org/content/sites/logs/intel/bluval_results/icn/master/20210707-182026/results/os/lynis/

https://nexus.akraino.org/content/sites/logs/intel/bluval_results/icn/master/20210707-182026/results/os/vuls/

https://nexus.akraino.org/content/sites/logs/intel/bluval_results/icn/master/20210707-182026/results/k8s/conformance/

https://nexus.akraino.org/content/sites/logs/intel/bluval_results/icn/master/20210707-182026/results/k8s/kube-hunter/

Filed Release 5: Akraino CVE Vulnerability Exception Request

Incubation Level Review Results:

 

VulsAccepted with exceptions shown at:

Release 5 Vuls Exception Request

____________________________________________________________

LynisAccepted 

____________________________________________________________

Kube-Hunter: 

  Cluster:  Accepted 

  Pod:  Accepted 

Completed by 8/6/2021


5

ICN - Multi-Tenant Secure Cloud Native Platform 

Salvador Fuentes


Yes
https://nexus.akraino.org/content/sites/logs/intel/ICN_CD_logs/pod11-node5/icn-master-bm-verify-bm_verifer-kata/12/

API form uploaded 24 May

e-mail questions exchanged 20Jul21

Scheduled for review by API subcommittee  

API subcommittee review completed and info accepted  

https://nexus.akraino.org/content/sites/logs/intel/bluval_results/icn/master-kata/20210624-025354/results/os/lynis/

https://nexus.akraino.org/content/sites/logs/intel/bluval_results/icn/master-kata/20210712-025145/results/os/vuls/

https://nexus.akraino.org/content/sites/logs/intel/bluval_results/icn/master-kata/20210624-025354/results/k8s/conformance/

https://nexus.akraino.org/content/sites/logs/intel/bluval_results/icn/master-kata/20210624-025354/results/k8s/kube-hunter/

Filed Release 5: Akraino CVE Vulnerability Exception Request

Incubation Level Review Results:

 

VulsAccepted with exceptions shown at:

Release 5 Vuls Exception Request

____________________________________________________________

Lynis: Accepted 

____________________________________________________________

Kube-Hunter: 

  Cluster:  Accepted 

  Pod:  Accepted 

Completed by 8/10/2021


6

ELIOT IoT Gateway Blueprint

khemendra kumar


No
https://nexus.akraino.org/content/sites/logs/huawei/job/eliot-build/18/home/jenkins/log/

https://nexus.akraino.org/content/sites/logs/huawei/job/eliot-security-validation-build/4/results/

Incubation Level Review Results:

 

VulsAccepted with exceptions shown at:

Release 5 Vuls Exception Request

____________________________________________________________

Lynis: Accepted 

____________________________________________________________

Kube-Hunter: 

  Cluster:  Accepted 

  Pod:  Accepted with exceptions shown at:

Release 5 Blueprint Scanning Status

Completed 8/6/2021


7

ELIOT SD-WAN/WAN Edge/uCPE Blueprint

khemendra kumar




https://nexus.akraino.org/content/sites/logs/huawei/job/eliot-uCPE-build/15/home/jenkins/log/

https://nexus.akraino.org/content/sites/logs/huawei/job/eliot-uCPE-security-build/10/results/

Incubation Level Review Results:

 

VulsAccepted with exceptions shown at:

Release 5 Vuls Exception Request

____________________________________________________________

Lynis: Accepted 

____________________________________________________________

Kube-Hunter: 

  Cluster:  Accepted 

  Pod:  Accepted with exceptions shown at:

Release 5 Blueprint Scanning Status

Completed on 8/6/2021


8

Network Cloud and TF (Tungsten Fabric) Integration Project

Sukhdev Kapur


No


Per e-mail from Sukhdev 5Aug21, no change from R4

Completed by 8/10/2021


9

KNI Provider Access Edge

Ricardo Noriega


No
https://jenkins.akraino.org/job/kni-blueprint-pae-verify-deploy-gcp/69/

Akraino R5 blueprint Datasheet_ KNI PAE.odt




Completed by 8/10/2021


10

KNI Industrial Edge

Ricardo Noriega


No

Management Hub:

https://logs.akraino.org/production/vex-yul-akraino-jenkins-prod-1/kni-blueprint-management-hub-verify-deploy-gcp/19/

Industrial Edge:

https://logs.akraino.org/production/vex-yul-akraino-jenkins-prod-1/kni-blueprint-ie-verify-deploy-gcp/4/

Akraino R5 blueprint Datasheet_ KNI IE.odt




Completed by 8/10/2021


11

Micro-MEC













12

The AI Edge: School/Education Video Security Monitoring

Yu, Liya













13

The AI Edge: Intelligent Vehicle-Infrastructure Cooperation System(I-VICS)

Yu, Liya













14

5G MEC/Slice System to Support Cloud Gaming, HD Video and Live Broadcasting Blueprint

Feng Yang

TSC 2021-08-17 (Tuesday) 7:00 am Pacific

No
https://nexus.akraino.org/content/sites/logs/tencent/job/tencent_5g_mec/

5G MEC_Akraino R4&5 blueprint Datasheet.docx

Per e-mail from Eagan Fu on Aug 16, no change from R4





15

IEC Type 3: Android cloud native applications on Arm servers in edge for Integrated Edge Cloud (IEC) Blueprint Family

hanyu ding













16

IEC Type 5: SmartNIC for Integrated Edge Cloud (IEC) Blueprint Family

yihui wang






Per e-mail from Leo 11Aug21, no change from R4





17

Enterprise Applications on Lightweight 5G Telco Edge

Gaurav Agrawal


No
https://nexus.akraino.org/content/sites/logs/huawei/job/ealt-edge-build/51/home/jenkins/log/

https://nexus.akraino.org/content/sites/logs/huawei/job/ealt-security-validation-build/19/results/

Incubation Level Review Results:

 

VulsAccepted with exceptions shown at:

Release 5 Vuls Exception Request

____________________________________________________________

LynisAccepted 

____________________________________________________________

Kube-Hunter: 

  Cluster:  Accepted 

  Pod:  Accepted with exceptions shown at:

Release 5 Blueprint Scanning Status

R5 - Architecture Documentation of Enterprise Applications on Lightweight 5G Telco Edge


Completed by 8/10/2021




18

Public Cloud Edge Interface (PCEI) Blueprint

Oleg Berzin

TSC 2021-08-10 (Tuesday) 7:00 am PacificNo
https://nexus.akraino.org/content/sites/logs/cmti/job/pcei-daily/https://wiki.akraino.org/x/lwHkAg

Per API Subcommittee meeting 30Jul21, no change from R4

PCEI R5 API Doc:

https://wiki.akraino.org/x/qgHkAg

https://nexus.akraino.org/content/sites/logs/pcei/job/r5/v1/


 

https://nexus.akraino.org/content/sites/logs/pcei/job/r5/v2/

Fixed:

fs.suid_dumpable

net.ipv4.conf.default.accept_source_route

Cannot fix AUTH-9328

because changing unmask value to 027 caused lynis test suite to fail (does not run)

Incubation Level Review Results:

 

VulsAccepted with exceptions shown at:

Release 5 Vuls Exception Request

____________________________________________________________

Lynis:  Accepted with exceptions shown at:

Release 5 Blueprint Scanning Status

____________________________________________________________

Kube-Hunter: 

  Cluster:  Accepted 

  Pod:  Accepted with exceptions shown at:

Release 5 Blueprint Scanning Status

PCEI R5 Release Notes

https://wiki.akraino.org/x/LgLkAg



Completed by 8/6/2021

 



19

The AI Edge: Federated ML application at edge

zifan wu


No
  • Incubation
https://nexus.akraino.org/content/sites/logs/fate/job/Fate_test/15/Akraino R5 Federated ML blueprint datasheet.docxPer e-mail from Zifan 8Aug21, no change from R4

https://nexus.akraino.org/content/sites/logs/fate/job/fate_security/1

 

https://nexus.akraino.org/content/sites/logs/fate/fml/2/


Incubation Level Review Results:

03

The attached logs do not contain the output files generated by lyns, vuls, and kube-hunter.  The following log files are needed to perform the security review:

  • lynis.log  generated by Lynis
  • vuls.log   generated by Vuls
  • cluster.log  generated by Kube-Hunter
  • pod.log   generated by Kube-Hunter

If you need additional information please contact the security team at security@lists.akraino.org.

Also, utilizing BluVal will perform these tests automatically.

Incubation Level Review Results:

 

VulsFAILED with exceptions shown at:

Release 5 Vuls Exception Request

The following CVE must be corrected by updating CURL:

CVE-2019-5482

Solution information can be found at:

 

VulsFAILED with exceptions shown at:

Release 5 Vuls Exception Request

The following CVE must be corrected by updating CURL:

CVE-2019-5482

Solution information can be found at:

https://access.redhat.com/security/cve/cve-2019-5482

__________________________________________________________

LynisFAILED

  1. Test: Checking PASS_MAX_DAYS option in /etc/login.defs: FAILEDSuggestion: Configure maximum password age in /etc/login.defs
  2. Performing test ID AUTH-9328 (Default umask values): FAILEDSuggestion: Default umask in /etc/profile or /etc/profile.d/custom.sh could be more strict (e.g . 027)
  3. Performing test ID SSH-7440 (Check OpenSSH option: AllowUsers and AllowGroups): FAILED

AllowUsers is not set

AllowGroups is not set

     SSH has no specific user or group limitation. Most   

     likely all valid users can SSH to th is machine.

4.  sysctl key kernel.dmesg_restrict: FAILED

     Valued should be set to 1.

5.  Performing test ID HRDN-7220 (Check if one or more 

     compilers are installed): FAILED

     Following compilers installed:

  • Found known binary: as (compiler) - /usr/bin/as
  • Found known binary: cc (compiler) - /usr/bin/cc
  • Found known binary: g++ (compiler) - /usr/bin/g++
  • Found known binary: gcc (compiler) - /usr/bin/gcc
https://access.redhat.com/security/cve/cve-2019-5482

__________________________________________________________

__

Kube-Hunter:  Exception granted:  K8s not used by this BP.

 


20

KubeEdge Edge Service Blueprint

Yin Ding













21

Private LTE/5G ICN Blueprint

Prem Sankar G

TSC 2021-08-03 (Tuesday) 7:00 am Pacific

No
https://nexus.akraino.org/content/sites/logs/juniper/job/Private%205G%20BP/Akraino Private LTE/5G BP DatasheetNo new features or bugs have been added after R4 release

Completed by 8/10/2021


22

Rural Edge blueprint for Tami COVID-19 Blueprint Family

Surojit Banerjee













23

Smart Cities

Olivier Bernard Cindy Xing Alexander Su


Yes









24

MEC-based Stable Topology Prediction for Vehicular Networks

Asif Mehmood













25

IEC Type 2 for Integrated Edge Cloud (IEC) Blueprint Family

Vinothini Raju

ashvin kumar Trevor Tao

No

Akraino Light Weight μMEC on AWS.pdf








26

IoT Workloads at the Smart Device Edge - Predictive Maintenance (with a Thermal Imaging Camera, vibration sensors, etc.)

V S Aaron Williams


No









27

Federated Multi-Access Edge Cloud Platform

Deepak Vij


Yes









...