Note: This is a beta release of Red Hat Bugzilla 5.0. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Also email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback here.

Bug 1362526

Summary: Document Container Replicator/Pod/Node/Image policies support
Product: Red Hat CloudForms Management Engine Reporter: Beni Paskin-Cherniavsky <cben>
Component: DocumentationAssignee: Suyog Sainkar <ssainkar>
Status: CLOSED CURRENTRELEASE QA Contact: Dayle Parker <dayleparker>
Severity: high Docs Contact:
Priority: high    
Version: 5.6.0CC: adahms, cpelland, hhudgeon, jhardy, mtayer, obarenbo, ssainkar
Target Milestone: GAKeywords: ZStream
Target Release: 5.7.0   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard: container
Fixed In Version: Doc Type: Enhancement
Doc Text:
Story Points: ---
Clone Of:
: 1366261 (view as bug list) Environment:
Last Closed: 2016-10-31 00:37:36 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Bug Depends On:    
Bug Blocks: 1366261    

Description Beni Paskin-Cherniavsky 2016-08-02 12:42:22 UTC
- I added Policy (control & compliance) support for Container Replicators,
  Pods, and Nodes.  It will be first released in 5.6.1.
  (Sorry for only realizing recently it needs documentation.)

  Feature BZ (5.6.1 clone): bug 1346057
  Main PRs with screenshots that give idea of the new features: ← Contol UI additions ← Show compliance status/history on replicator, pod, node views.

  There is still no Alerts, Simulation nor Schedules support for these entities.

- Container Image policies have been added earlier, and mostly documented
  (particularly bug 1346057) but are not mentioned in various places that 
  only mention Host or VM policies.

Document URL:

Section Number and Name: 
- These sections mention specifically Host or VM policies:

1.1.1. Creating Control Policies
1.1.4. Deleting a Policy
1.2. Compliance Policies — opening paragraph
1.2.1. Creating a Compliance Policy
2.1. Creating a Condition
Chapter 4. Policy Profiles — opening paragraph

Repeating the now 6 types of entities everywhere sounds awkward (and likely to require future updates).  
Perhaps list them somewhere central and use some neutral term?  (Current docs don't seem to have any short term for "to what entity type policy applies".  Inside the code/translations we use "towhat", "model" which are not helpful.  "Policy type" is not bad, except it also means "is it Control or Compliance".)

* Scheduling a Compliance Check — this is not currently supported
  for the new Replicators/Pods/Nodes, but it is already supported for 
  Container Images.  Suggested addition:

  "If you choose Container Image Compliance Check, you are presented with Image selection where you can choose to analyze all images, all images for a specific provider, or a single image."

- After Checking a Host for Compliance from the Summary Screen,
  add sections on checking Replicator/Pod/Node/Image.

- Chapter 4. Policy Profiles requires extensive additions:

  4.4. Assigning Policy Profiles
    "=> Assign a policy profile to a provider to apply the policy profile to all virtual machines, hosts, ++replicators, pods, container nodes or container images++ registered to that provider."
    "=> Assign a policy profile to a replicator to apply the policy profile to that specific replicator."
    "=> Assign a policy profile to a pod to apply the policy profile to that specific pod."
    "=> Assign a policy profile to a container node to apply the policy profile to that specific node."
    "=> Assign a policy profile to a container image to apply the policy profile to that specific image."

  - Add subsections about assigning/removing to container provider (or unify with 4.4.11, 4.4.12 on Cloud Provider?), and specific Replicator/Pod/Node/Image.

- A.1. Events
  - Table A.1. Event Types missing "Container Operation"
  - Table A.2. Events and Descriptions missing all these:

Additional information: 

There are some caveats/limitations, probably belong in release notes, will open separate BZ.

Comment 2 Beni Paskin-Cherniavsky 2016-08-02 13:43:57 UTC
 Perhaps "Container Compliance Enforcement" and "Container Policy Enforcement" can now become Yes?   Not sure what was meant, we support it for *some* entities, not including individual containers.

Comment 3 Andrew Dahms 2016-08-11 11:56:01 UTC
Removing 5.7 version flag.

Comment 5 Andrew Dahms 2016-10-31 00:37:36 UTC
This content is now live on the Customer Portal.