Note: This is a beta release of Red Hat Bugzilla 5.0. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Also email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback here.
Bug 1362526 - Document Container Replicator/Pod/Node/Image policies support
Summary: Document Container Replicator/Pod/Node/Image policies support
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: None
Product: Red Hat CloudForms Management Engine
Classification: Red Hat
Component: Documentation
Version: 5.6.0
Hardware: Unspecified
OS: Unspecified
high
high
Target Milestone: GA
: 5.7.0
Assignee: Suyog Sainkar
QA Contact: Dayle Parker
URL:
Whiteboard: container
Depends On:
Blocks: 1366261
TreeView+ depends on / blocked
 
Reported: 2016-08-02 12:42 UTC by Beni Paskin-Cherniavsky
Modified: 2016-10-31 00:37 UTC (History)
7 users (show)

Fixed In Version:
Doc Type: Enhancement
Doc Text:
Clone Of:
: 1366261 (view as bug list)
Environment:
Last Closed: 2016-10-31 00:37:36 UTC
Category: ---
Cloudforms Team: ---


Attachments (Terms of Use)

Description Beni Paskin-Cherniavsky 2016-08-02 12:42:22 UTC
- I added Policy (control & compliance) support for Container Replicators,
  Pods, and Nodes.  It will be first released in 5.6.1.
  (Sorry for only realizing recently it needs documentation.)

  Feature BZ (5.6.1 clone): bug 1346057
  Main PRs with screenshots that give idea of the new features:
  https://github.com/ManageIQ/manageiq/pull/9813 ← Contol UI additions
  https://github.com/ManageIQ/manageiq/pull/9948 ← Show compliance status/history on replicator, pod, node views.

  There is still no Alerts, Simulation nor Schedules support for these entities.

- Container Image policies have been added earlier, and mostly documented
  (particularly bug 1346057) but are not mentioned in various places that 
  only mention Host or VM policies.


Document URL: 
https://access.redhat.com/documentation/en/red-hat-cloudforms/4.1/single/policies-and-profiles-guide

Section Number and Name: 
- These sections mention specifically Host or VM policies:

1.1.1. Creating Control Policies
1.1.4. Deleting a Policy
1.2. Compliance Policies — opening paragraph
1.2.1. Creating a Compliance Policy
2.1. Creating a Condition
Chapter 4. Policy Profiles — opening paragraph

Repeating the now 6 types of entities everywhere sounds awkward (and likely to require future updates).  
Perhaps list them somewhere central and use some neutral term?  (Current docs don't seem to have any short term for "to what entity type policy applies".  Inside the code/translations we use "towhat", "model" which are not helpful.  "Policy type" is not bad, except it also means "is it Control or Compliance".)

* 1.2.3.1. Scheduling a Compliance Check — this is not currently supported
  for the new Replicators/Pods/Nodes, but it is already supported for 
  Container Images.  Suggested addition:

  "If you choose Container Image Compliance Check, you are presented with Image selection where you can choose to analyze all images, all images for a specific provider, or a single image."

- After 1.2.3.3. Checking a Host for Compliance from the Summary Screen,
  add sections on checking Replicator/Pod/Node/Image.

- Chapter 4. Policy Profiles requires extensive additions:

  4.4. Assigning Policy Profiles
  insert:
    "=> Assign a policy profile to a provider to apply the policy profile to all virtual machines, hosts, ++replicators, pods, container nodes or container images++ registered to that provider."
  add:
    "=> Assign a policy profile to a replicator to apply the policy profile to that specific replicator."
    "=> Assign a policy profile to a pod to apply the policy profile to that specific pod."
    "=> Assign a policy profile to a container node to apply the policy profile to that specific node."
    "=> Assign a policy profile to a container image to apply the policy profile to that specific image."

  - Add subsections about assigning/removing to container provider (or unify with 4.4.11, 4.4.12 on Cloud Provider?), and specific Replicator/Pod/Node/Image.

- A.1. Events
  - Table A.1. Event Types missing "Container Operation"
  - Table A.2. Events and Descriptions missing all these:
    https://github.com/ManageIQ/manageiq/blob/1661a32481b03b380fabf6ccf836cf53d670d6dd/db/fixtures/miq_event_definitions.csv#L163-L201

Additional information: 

There are some caveats/limitations, probably belong in release notes, will open separate BZ.

Comment 2 Beni Paskin-Cherniavsky 2016-08-02 13:43:57 UTC
- https://access.redhat.com/documentation/en/red-hat-cloudforms/4.1/single/support-matrix/#container_features
 Perhaps "Container Compliance Enforcement" and "Container Policy Enforcement" can now become Yes?   Not sure what was meant, we support it for *some* entities, not including individual containers.

Comment 3 Andrew Dahms 2016-08-11 11:56:01 UTC
Removing 5.7 version flag.

Comment 5 Andrew Dahms 2016-10-31 00:37:36 UTC
This content is now live on the Customer Portal.

Closing.


Note You need to log in before you can comment on or make changes to this bug.