Hi Madhu,

For the alpha release (due soon), we’re focusing on just monitoring policy 
violations—we’ve disabled all the enforcement code in master.  (Though we never 
actually hooked up the enforcement policy to the real world, so all Congress 
has ever done is compute what actions to take to enforce policy.)  There’s a 
ton of interest in enforcement, so we’re planning to add enforcement features 
to the beta release.


On Aug 21, 2014, at 7:07 AM, Madhu Mohan 
<mmo...@mvista.com<mailto:mmo...@mvista.com>> wrote:


I am quite new to the Congress and Openstack as well and this question may seem 
very trivial and basic.

I am trying to figure out the policy enforcement logic,

Can some body help me understand how exactly, a policy enforcement action is 

>From the example policy there is an action defined as:

nova:network-(vm, network) :- disconnect_network(vm, network)

I assume that this statement when applied would translate to deletion of entry 
in the database.

But, how does this affect the actual setup (i.e) How is this database update 
translated to actual disconnection of the VM from the network.
How does nova know that it has to disconnect the VM from the network ?

Thanks and Regards,
Madhu Mohan

OpenStack-dev mailing list

OpenStack-dev mailing list

Reply via email to