|Summary:||Document Container Replicator/Pod/Node/Image policies support|
|Product:||Red Hat CloudForms Management Engine||Reporter:||Beni Paskin-Cherniavsky <cben>|
|Component:||Documentation||Assignee:||Suyog Sainkar <ssainkar>|
|Status:||CLOSED CURRENTRELEASE||QA Contact:||Dayle Parker <dayleparker>|
|Version:||5.6.0||CC:||adahms, cpelland, hhudgeon, jhardy, mtayer, obarenbo, ssainkar|
|Fixed In Version:||Doc Type:||Enhancement|
|Doc Text:||Story Points:||---|
|:||1366261 (view as bug list)||Environment:|
|Last Closed:||2016-10-31 00:37:36 UTC||Type:||Bug|
|oVirt Team:||---||RHEL 7.3 requirements from Atomic Host:|
|Cloudforms Team:||---||Target Upstream Version:|
|Bug Depends On:|
Description Beni Paskin-Cherniavsky 2016-08-02 12:42:22 UTC
- I added Policy (control & compliance) support for Container Replicators, Pods, and Nodes. It will be first released in 5.6.1. (Sorry for only realizing recently it needs documentation.) Feature BZ (5.6.1 clone): bug 1346057 Main PRs with screenshots that give idea of the new features: https://github.com/ManageIQ/manageiq/pull/9813 ← Contol UI additions https://github.com/ManageIQ/manageiq/pull/9948 ← Show compliance status/history on replicator, pod, node views. There is still no Alerts, Simulation nor Schedules support for these entities. - Container Image policies have been added earlier, and mostly documented (particularly bug 1346057) but are not mentioned in various places that only mention Host or VM policies. Document URL: https://access.redhat.com/documentation/en/red-hat-cloudforms/4.1/single/policies-and-profiles-guide Section Number and Name: - These sections mention specifically Host or VM policies: 1.1.1. Creating Control Policies 1.1.4. Deleting a Policy 1.2. Compliance Policies — opening paragraph 1.2.1. Creating a Compliance Policy 2.1. Creating a Condition Chapter 4. Policy Profiles — opening paragraph Repeating the now 6 types of entities everywhere sounds awkward (and likely to require future updates). Perhaps list them somewhere central and use some neutral term? (Current docs don't seem to have any short term for "to what entity type policy applies". Inside the code/translations we use "towhat", "model" which are not helpful. "Policy type" is not bad, except it also means "is it Control or Compliance".) * 184.108.40.206. Scheduling a Compliance Check — this is not currently supported for the new Replicators/Pods/Nodes, but it is already supported for Container Images. Suggested addition: "If you choose Container Image Compliance Check, you are presented with Image selection where you can choose to analyze all images, all images for a specific provider, or a single image." - After 220.127.116.11. Checking a Host for Compliance from the Summary Screen, add sections on checking Replicator/Pod/Node/Image. - Chapter 4. Policy Profiles requires extensive additions: 4.4. Assigning Policy Profiles insert: "=> Assign a policy profile to a provider to apply the policy profile to all virtual machines, hosts, ++replicators, pods, container nodes or container images++ registered to that provider." add: "=> Assign a policy profile to a replicator to apply the policy profile to that specific replicator." "=> Assign a policy profile to a pod to apply the policy profile to that specific pod." "=> Assign a policy profile to a container node to apply the policy profile to that specific node." "=> Assign a policy profile to a container image to apply the policy profile to that specific image." - Add subsections about assigning/removing to container provider (or unify with 4.4.11, 4.4.12 on Cloud Provider?), and specific Replicator/Pod/Node/Image. - A.1. Events - Table A.1. Event Types missing "Container Operation" - Table A.2. Events and Descriptions missing all these: https://github.com/ManageIQ/manageiq/blob/1661a32481b03b380fabf6ccf836cf53d670d6dd/db/fixtures/miq_event_definitions.csv#L163-L201 Additional information: There are some caveats/limitations, probably belong in release notes, will open separate BZ.
Comment 2 Beni Paskin-Cherniavsky 2016-08-02 13:43:57 UTC
- https://access.redhat.com/documentation/en/red-hat-cloudforms/4.1/single/support-matrix/#container_features Perhaps "Container Compliance Enforcement" and "Container Policy Enforcement" can now become Yes? Not sure what was meant, we support it for *some* entities, not including individual containers.
Comment 3 Andrew Dahms 2016-08-11 11:56:01 UTC
Removing 5.7 version flag.
Comment 5 Andrew Dahms 2016-10-31 00:37:36 UTC
This content is now live on the Customer Portal. Closing.