From 33ad8b1c5576d16b27180da32f85695561e492eb Mon Sep 17 00:00:00 2001 From: Sumit Naiksatam Date: Thu, 7 Jul 2016 16:27:03 -0700 Subject: [PATCH] Grouping of PTGs based on Application Characteristics A Policy Target Group (PTG) can be used to represent a specific tier of an Application (e.g. DB tier). However, there is no construct in GBP that corresponds to the application itself. Such a construct can help to abstract the properties of the application (across the PTGs) futher simplifying the intent specification and automated orchestration. It is proposed to add a new resource Application Policy Group (APG) that will have a 1 to many relationship with PTGs. Each PTG will belong to exactly one APG. The APG does not have relationship (or constraints) with any other GBP resources. Change-Id: I45fd722ccd000ff311b37088f0d96a8a3411eaaa Defines: blueprint application-group --- specs/newton/application-group.rst | 185 +++++++++++++++++++++++++++++ 1 file changed, 185 insertions(+) create mode 100644 specs/newton/application-group.rst diff --git a/specs/newton/application-group.rst b/specs/newton/application-group.rst new file mode 100644 index 0000000..d144469 --- /dev/null +++ b/specs/newton/application-group.rst @@ -0,0 +1,185 @@ +.. + This work is licensed under a Creative Commons Attribution 3.0 Unported + License. + + http://creativecommons.org/licenses/by/3.0/legalcode + +===================================================== +Grouping of PTGs based on Application Characteristics +===================================================== + +Launchpad blueprint: + +https://blueprints.launchpad.net/group-based-policy/+spec/application-group + +Problem description +=================== + +A Policy Target Group (PTG) can be used to represent a specific tier of an +Application (e.g. DB tier). However, there is no construct in GBP that +corresponds to the application itself. Such a construct can help to abstract +the properties of the application (across the PTGs) futher simplifying the +intent specification and automated orchestration. + +Proposed change +=============== + +It is proposed to add a new resource Application Policy Group (APG) that will +have a 1 to many relationship with PTGs. Each PTG will belong to exactly one +APG. The APG does not have relationship (or constraints) with any other GBP +resources. + +Each tenant will have a default APG. If no APG is specified, a PTG will be +placed in this default APG. The APG association of the PTG can be updated. +APG will support the shared attribute and can have visibility beyond the +project which owns it. + +Data model impact +----------------- + +A new table for APG will be added: + +:: + + class ApplicationPolicyGroup(models_v2.HasId, models_v2.HasTenant): + name = sa.Column(sa.String(255)) + description = sa.Column(sa.String(255)) + status = sa.Column(sa.String(length=16), nullable=True) + status_details = sa.Column(sa.String(length=4096), nullable=True) + policy_target_groups = orm.relationship(PolicyTargetGroup, + backref='application_policy_group') + +A new foreign key constraint will be added to the PolicyTargetGroup table: + +:: + + application_policy_group_id = sa.Column(sa.String(36), + sa.ForeignKey('gp_application_policy_groups.id'), + nullable=True) + +REST API impact +--------------- + +A new resource application_policy_groups will be added: + +:: + + APPLICATION_POLICY_GROUPS: { + 'id': {'allow_post': False, 'allow_put': False, + 'validate': {'type:uuid': None}, 'is_visible': True, + 'primary_key': True}, + 'name': {'allow_post': True, 'allow_put': True, + 'validate': {'type:gbp_resource_name': None}, + 'default': '', 'is_visible': True}, + 'description': {'allow_post': True, 'allow_put': True, + 'validate': {'type:string': None}, + 'is_visible': True, 'default': ''}, + 'tenant_id': {'allow_post': True, 'allow_put': False, + 'validate': {'type:string': None}, + 'required_by_policy': True, 'is_visible': True}, + 'status': {'allow_post': False, 'allow_put': False, + 'is_visible': True}, + 'status_details': {'allow_post': False, 'allow_put': False, + 'is_visible': True}, + 'policy_target_groups': {'allow_post': False, 'allow_put': False, + 'validate': {'type:uuid_list': None}, + 'convert_to': attr.convert_none_to_empty_list, + 'default': None, 'is_visible': True}, + attr.SHARED: {'allow_post': True, 'allow_put': True, + 'default': False, 'convert_to': attr.convert_to_boolean, + 'is_visible': True, 'required_by_policy': True, + 'enforce_policy': True}, + }, + + +A new optional attribute "application_policy_group_id" is added to the +policy_target_group resource: + +:: + + 'application_policy_group_id': {'allow_post': True, 'allow_put': True, + 'validate': {'type:uuid_or_none': None}, + 'default': '', 'is_visible': True} + +The client will have to be updated, and CLI for APG will have to be provided. + + +Security impact +--------------- + + +Notifications impact +-------------------- + + +Other end user impact +--------------------- + + +Performance impact +------------------ + + +Other deployer impact +--------------------- + + +Developer impact +---------------- + +The policy driver interface will be updated to support CRUD operations for APG. + + +Community impact +---------------- + + +Alternatives +------------ + + +Implementation +============== + + +Assignee(s) +----------- + +* Sumit Naiksatam (snaiksat) + +Work items +---------- + + +Dependencies +============ + + +Testing +======= + +Tempest tests +------------- + + +Functional tests +---------------- + + +API tests +--------- + + +Documentation impact +==================== + +User documentation +------------------ + + +Developer documentation +----------------------- + + +References +==========