[UXPROD-4630] Investigations and Designs Created: 28/Dec/23  Updated: 08/Feb/24

Status: In Progress
Project: UX Product
Components: None
Affects versions: None
Fix versions: None

Type: New Feature Priority: P2
Reporter: Craig McNally Assignee: Craig McNally
Resolution: Unresolved Votes: 0
Labels: SolutionArchitecture, back-end, epam-eureka, eureka-phase4, front-end
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original estimate: Not Specified

Issue links:
Defines
is defined by MGRAPPS-7 PLACEHOLDER - Define application desc... Open
is defined by MODSIDECAR-13 PLACEHOLDER - Spike - Options for han... Open
is defined by MODSIDECAR-21 Spike - investigate SSL termination i... Open
is defined by KONG-1 PLACEHOLDER - Spike - Investigate Kon... Open
is defined by MODROLESKC-58 Spike - Investigate support for i18n ... Open
is defined by MODROLESKC-62 PLACEHOLDER - Spike - Should Keycloak... Open
is defined by MODROLESKC-63 PLACEHOLDER - How to organize/refacto... Open
is defined by MODROLESKC-67 PLACEHOLDER - Spike/PoC - Investigate... Open
is defined by MODROLESKC-68 PLACEHOLDER - Spike - Revisit platfor... Open
is defined by MODROLESKC-69 PLACEHOLDER - Spike - investigate imp... Open
is defined by MODSIDECAR-23 Measure sidecar resource consumption ... Open
is defined by STCOR-777 Spike - Load shared assets: sounds Open
is defined by STRIPES-901 Spike - Load a remote app with confli... Open
is defined by UIROLES-4 Spike - Review permission sets (folio... Open
is defined by MODSCHED-5 PLACEHOLDER - Spike - investigate opt... Open
is defined by MODSIDECAR-12 Spike - Cache invalidation upon logout In Progress
is defined by MODROLESKC-48 Spike - Investigate options for idle ... Closed
is defined by MODROLESKC-49 Spike - design for setting keycloak r... Closed
is defined by MODROLESKC-50 Spike - investigate how to configure ... Closed
is defined by MODROLESKC-51 Spike - investigate signing key rotation Closed
is defined by MODROLESKC-53 Spike - Design formalization of appli... Closed
is defined by MODROLESKC-54 Spike - investigate client credential... Closed
is defined by MODSIDECAR-2 Spike: setting timeouts for sidecars Closed
is defined by MODSIDECAR-4 Spike - investigate how to handle opt... Closed
is defined by MODSIDECAR-22 Spike - Investigate how we can reduce... Closed
is defined by MODROLESKC-141 Investigate options for "replaces" fu... In Code Review
is defined by MODROLESKC-149 Spike: Investigate solutions to redun... In Refinement
Back End Estimator: Oleksii Kuzminov
Development Team: Eureka
PO Rank: 0
RCA Group: TBD

 Description   

Scope:

  • Karate tests - How can we organize/refactor the existing Karate tests to work with applications, but also still work with the legacy platform?
  • Sidecars - investigate how to invalidate caches upon logout.
  • Ability to resume jobs in the event that the node that was handling the job failed (cluster awareness?)
    • Spike/Design
      • Refer to the FRM design - it sounds like they do something similar (heartbeats, etc.)
    • Implementation - out of scope, handled in a separate feature.
  • Implement/formalize "upgrade" of applications instead of forcing the operator to disable/enable.
    • Spike/Design*
      • Do we need additional endpoints? Parameters in existing endpoints, etc.
      • Ideally we don't need to make any changes on the module side
    • Implementation - out of scope, handled in a separate feature.
  • Analysis of permissionsDesired/optional Interface use
    • Includes the use of Optional, multiple interfaces.
  • Investigation into idle session timeouts
  • Placeholder for spike/design work related to FedRAMP gap analysis (set aside some time)
  • Placeholder for unplanned spikes/investigations
  • Design for setting keycloak realm params based on tenant attributes
  • Investigate how to configure keycloak password lifecycle policies
  • Investigate signing key rotation
    • Via tenant attributes
    • Adjustments on the client side?
    • Implementation of mgr-tenants -> keycloak interactions
    • Does keycloak have this ability OOTB?  If so, how should it be configured?
      • Can we somehow leverage AWS KMS?
    • Which components need this information? (is it only Sidecars and Keycloak?)
    • How do the components get the latest signing key?  How often?
    • See https://www.keycloak.org/docs/latest/server_admin/#realm_keys - I think it's relevant
  • Investigate options for migrating from OKAPI timers on the legacy platform
  • Revisit platform descriptors
  • Investigate improvements to impersonation
  • Sidecars - investigate opportunities for reducing resource consumption
    • e.g. replace Kafka with polling/etc.

Source - F77870: Investigations and Designs


Generated at Fri Feb 09 00:41:21 UTC 2024 using Jira 1001.0.0-SNAPSHOT#100246-sha1:7a5c50119eb0633d306e14180817ddef5e80c75d.