Hi Madhu, For the alpha release (due soon), we’re focusing on just monitoring policy violations—we’ve disabled all the enforcement code in master. (Though we never actually hooked up the enforcement policy to the real world, so all Congress has ever done is compute what actions to take to enforce policy.) There’s a ton of interest in enforcement, so we’re planning to add enforcement features to the beta release.
Tim On Aug 21, 2014, at 7:07 AM, Madhu Mohan <mmo...@mvista.com<mailto:mmo...@mvista.com>> wrote: Hi, I am quite new to the Congress and Openstack as well and this question may seem very trivial and basic. I am trying to figure out the policy enforcement logic, Can some body help me understand how exactly, a policy enforcement action is taken. >From the example policy there is an action defined as: action("disconnect_network") nova:network-(vm, network) :- disconnect_network(vm, network) I assume that this statement when applied would translate to deletion of entry in the database. But, how does this affect the actual setup (i.e) How is this database update translated to actual disconnection of the VM from the network. How does nova know that it has to disconnect the VM from the network ? Thanks and Regards, Madhu Mohan _______________________________________________ OpenStack-dev mailing list OpenStack-dev@lists.openstack.org<mailto:OpenStack-dev@lists.openstack.org> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
_______________________________________________ OpenStack-dev mailing list OpenStack-dev@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
