Latest revision as of 11:32, 4 November 2014

Policy Guided Fulfillment

Facilitating reusable policies across workloads:
- Enforcing Policies on Murano Environments Following Company Policies
- Facilitate distribution of Workload across hosts
- Facilitate specification of Monitoring and subsequent remediation (e.g. auto-Scaling)
- Deployment of specific workload in specific security zones
Customer Examples:
- Desire to use same IT policies on “traditional” and for workload on OpenStack
- DevOps with “Ops” setup added at production without other changes
- Evolution towards Autonomous IT beyond just Auto-Scaling

Add ability to use policies to guide provisioning workloads and their subsequent management:
- Declaratively attached to models
- Separation of concern from development (e.g. can change across stages)
Examples of Use Cases:
- Provisioning: Select how to best provision among options
  - E.g. Placement (location, security zone, Staging zone) choices; Requirements on infrastructure
- Monitoring: Setup OpenStack or external systems to monitor the workload / Environment:
  - Performance/Ops
  - Security
  - Usage
  - Compliance
- Events/Incident handling: where to aggregate/Process/Notify
- Remediation: How to fix issues (e.g. Auto-scale – Who decides, What to do; Reaction in production to security threat or compliance issue)

Evolve Murano Models to support binding to policies
- Compatible with existing model approach
Expand Congress to widen the set of use cases
Evolve Murano/Mistral to fulfill (Provision then manage) the Environment guided by the policies:
- Policies can modify model
- Execution plans are precompiled and impacted by policies
- Execution plans are executed in mistral by orchestrating:
  - OpenStack APIs
  - HOT/Heat
  - Ansible
  - Python
  - …
Instances are tracked for subsequent manual or policy driven management

@@ Line 1: / Line 1: @@
+= Policy Guided Fulfillment =
 == Business Use Case ==
 * Facilitating reusable policies across workloads:
@@ Line 25: / Line 26: @@
 ** Events/Incident handling: where to aggregate/Process/Notify
 ** Remediation: How to fix issues (e.g. Auto-scale – Who decides, What to do; Reaction in production to security threat or compliance issue)
+[[File:Overall_model.png|800px|Policy Guided Fulfillment and Operations]]
+[[File:Projects_thoughts.png|800px|Thoughts on OpenStack Projects Involvement]]
+== Next Steps ==
+* Agreement to support the use cases
+* Setup a Coordinated activity across Murano, Congress and Mistral
+* Agreed division of roles between projects and technical direction + blueprints
+= Background - Possible Technical Approach =
+== Proposed Approach ==
+* Evolve Murano Models to support binding to policies
+** Compatible with existing model approach
+* Expand Congress to widen the set of use cases
+* Evolve Murano/Mistral to fulfill (Provision then manage) the Environment guided by the policies:
+** Policies can modify model
+** Execution plans are precompiled and impacted by policies
+** Execution plans are executed in mistral by orchestrating:
+*** OpenStack APIs
+*** HOT/Heat
+*** Ansible
+*** Python
+*** …
+* Instances are tracked for subsequent manual or policy driven management
+[[File:Technical_approach_1.png|800px|Step 1 and 2]]
+[[File:Technical_approach_2.png|800px|Step 3]]
+[[File:Technical_approach_3.png|800px|Step 4]]