PolicyGuidedFulfillmentLibertyPlanning Remediation

This topic is part of PolicyGuidedFulfillmentLibertyPlanning

Remediation
Congress' action execution feature will trigger Mistral workflow implementing remediation for given situation/breach. Mistral workflow can use Murano components action, any O~S API, ...

Example of remediation can be recovery of failed node in a cluster. If failed cluster node is detected, then given workflow is executed, which connects to Murano, where action to create new cluster node is executed.

Requirements
 * execution of Mistral workflow from Congress
 * Mistral Congress datasource driver with execute-api has to be provided.
 * Datasource driver can populate data from Mistral to Congress, but it is not required now.


 * access from Mistral to Murano
 * invocation of actions of Murano applications in given environment under given identity
 * Murano client in Mistral has to be added (like other OpenStack clients are added)
 * identity management
 * now we can use user in admin role, but in future we need general solution for management of identity trusts for Murano, Mistral and Congress

Example:

Following rule invokes Murano environment action restart on given environment and object when watch dog detects that given application is not responding.
 * Example of workflow execution

execute[mistral:workflow("remediate-scalable-node-failure", env=env-id, obj=obj-id)] :- watchdog:not-responding(server-uuid), murano:properties(vmid,'server',server-uuid), murano:objects(vmid, parent, 'Instance'), murano:connected(env-id, vm-id), murano:objects(env-id, p2, 'io.murano.Environment')

workflow remediate-scalable-node-failure version: '2.0' remediate: description: destroys given node in cluster (obj) in environment (env) and adds new cluster node type: direct input: - env - obj output: url: <% $.url %> ....


 * Example of calling murano action directly

execute[murano:muranoaction(env-id, obj-id, 'restart')] :- watchdog:not-responding(server-uuid), murano:properties(vmid,'server',server-uuid), murano:objects(vmid, parent, 'Instance'), murano:connected(env-id, vm-id), murano:objects(env-id, p2, 'Environment')