PolicyGuidedFulfillmentLibertyPlanning Remediation
Revision as of 12:20, 13 May 2015 by Radek Pospisil (talk | contribs)
This topic is part of PolicyGuidedFulfillmentLibertyPlanning
Remediation
Congress' action execution feature will trigger Mistral workflow implementing remediation for given situation/breach. Mistral workflow can use Murano components action, any O~S API, ...
Example of remediation can be recovery of failed node in a cluster. If failed cluster node is detected, then given workflow is executed, which connects to Murano, where action to create new cluster node is executed.
Requirements
- execution of Mistral workflow from Congress
- Mistral Congress datasource driver with execute-api has to be provided.
- Datasource driver can populate data from Mistral to Congress, but it is not required now.
- Mistral Congress datasource driver with execute-api has to be provided.
- access from Mistral to Murano
- invocation of actions of Murano applications in given environment under given identity
- Murano client in Mistral has to be added (like other OpenStack clients are added)
- identity management
- now we can use user in admin role, but in future we need general solution for management of identity trusts for Murano, Mistral and Congress
- invocation of actions of Murano applications in given environment under given identity
- Example:
- Example of workflow execution
Following rule invokes Murano environment action restart on given environment and object when watch dog detects that given application is not responding.
execute[mistral:workflow("remediate-scalable-node-failure", env=env-id, obj=obj-id)] :- watchdog:not-responding(server-uuid), murano:properties(vmid,'server',server-uuid), murano:objects(vmid, parent, 'Instance'), murano:connected(env-id, vm-id), murano:objects(env-id, p2, 'io.murano.Environment')
workflow remediate-scalable-node-failure
version: '2.0'
remediate:
description: destroys given node in cluster (obj) in environment (env) and adds new cluster node
type: direct
input:
- env
- obj
output:
url: <% $.url %>
....
- Example of calling murano action directly
execute[murano:muranoaction(env-id, obj-id, 'restart')] :- watchdog:not-responding(server-uuid), murano:properties(vmid,'server',server-uuid), murano:objects(vmid, parent, 'Instance'), murano:connected(env-id, vm-id), murano:objects(env-id, p2, 'Environment')
