CliQr is now part of Cisco Learn More About Cisco

Policy Management

About Policies 

A policy causes the CloudCenter platform to perform configured activities when certain events or conditions occur. For example, a policy could cause the CloudCenter platform to send an email alert message to a designated administrator if a cloud goes down. You use the Policies window to configure the following types of policies:

  • Action Policy – Causes the CloudCenter platform to send an email message, invoke a web service, execute a command or script, or perform any number and combination of these activities when a designated event occurs
  • Scaling Policies – Causes the CloudCenter platform to increase or decrease VM resources for each application deployment tier that is associated with the policy when one or more designated conditions occur
  • Aging Policies – Causes the CloudCenter platform to suspend and optionally terminate each application deployment that is associated with the policy after the deployment has been running for a designated period of time term
Icon

Custom Actions are now defined in a new Actions Library tab.

Action Policies

An action policy causes the CloudCenter platform to perform one or more configured activities when a designated event occurs for the designated resource. These activities can be:

  • Email–Sends an email message with the designated subject and body text to the designated recipient or recipients
  • Invoke a web service–Executes the designated web service request
  • Execute a command–Executes the designated command or script on an application VM

To manage action policies, click Policies in the CCM UI main menu and then click the Action Policies link to display the Action Policies page.

The Action Policies page lists configured action policies and lets you perform the following tasks:

TaskDescription
Add a new action policy.

Click the Add Action Policy link.

See Adding an Action Policy (this page) for details.

View configurations for an existing action policy.

Click the policy name in the Name column.

The View page for the policy displays. See Adding an Action Policy (this page) for details.

Update configurations for an existing action policy.

Click the Edit this Policy icon in the Actions column for the policy.

The Edit page for the policy displays. See Adding an Action Policy (this page) for a description of the fields that you can update. If you make updates, click the Save button on the Edit page to save your changes.

Enable or disable an action policy.

Click the ON/OFF toggle button in the Actions Column for the policy.

A green ON button indicates that the corresponding policy is enabled. When a policy is enabled, it executes when the configured event occurs.

Set permissions for an action policy.

Click the Share this Policy icon in the Actions column for the policy.

See Policy Permissions for details.

Auto enable for an action policy

Select the Auto Enable for shared users check box to determine if this policy must be automatically enabled for all shared users and sub-tenants.

Icon

If you share this policy with another user, the shared user can only turn off this policy if assigned manage privileges (see Policy Permissions) .

When you select the Auto Enable check box, you also have the option to select the Restrict users from disabling this Policy check box to determine if this policy must also be enforced for all shared users and sub-tenants. 

Delete an action policy.

Click the Delete this Policy icon in the Actions column for the policy.

See a history of action policy executions.

Click the Action Execution History link at the bottom right of the list of policies.

The User Defined Policy Executions page displays. This page lists in reverse chronological order each policy that has executed. For each policy, the page displays the local date and time of execution, the name of the policy, and the name of the resource against which the policy was enforced. You can see details about a policy or resource by clicking the name of the policy or entity.

Adding an Action Policy

When you add an action policy, you create a new policy based on configuration settings that you make. To add an action policy, follow these steps:

  1. On the Action Policies page, click the Add Action Policy link.
    The Add a New Action Policy page displays.
  2. In the Name field, enter a brief and unique descriptive name for the policy.
  3. (Optional) In the Description field, enter a brief description of the policy.
  4. From the Execute For dropdown list, choose the resource against which the policy is enforced with the configured event occurs.
  5. From the On Event dropdown list, choose the event that, when it affects the configured resource, causes the policy to execute. See eventName for additional details.
  6. From the Action Type dropdown list, choose the action that the policy performs when it executes.
    The available action types depend on the resource and event combination that you choose. 
    1. Enter information in the fields that appear for the action type that you choose as follows. When entering information, you can include variables that are described in the Available Variables section at the top right of the page to customize an email message, web service request, command, or script with dynamic information.

      Action TypeDescription
      EmailEnter information in the To, Bcc, Subject, and Body fields that appear, as appropriate.
      Invoke a web serviceEnter information in the Web Service URLHttp Request TypeContent Type, Command Params, and Body fields that appear, as appropriate. See Using Parameters > Parameter Type for additional context.
      Execute a commandEnter the desired command or script in the command/script field.
      When you specify the script or command action type globally, these global policies are executed on all jobs/deployments. You can also configure these global policies to be executed on specific state changes – for example, if a job/deployment goes to a Resumed or Deployed state. On reaching those states, all the VMs for this job/deployment are executed.
      Launch a new deploymentSet the cloud-specific default in the destination deployment environment for the cloud burst configuration.

      Be aware that the instance types and network defaults are used from the  Deployment Environment in the destination job when using a cloud bursting policy. This action type allows other choices as well, however, a cloud bursting policy is only applicable if you use the following settings:

      • Execute for = Application Deployment:
      • On Event = Maximum cluster size limit 
      • Action Type = Launch a new deployment

      If you configure multiple instance types in the destination Deployment Environment Defaults, the CloudCenter platform selects the first instance type.

       

    2. (Optional) To designate another action, click the + icon under an Action Type dropdown list, choose the action from the new Action Type dropdown list that appears, and then enter information as described in the step above.
  7. You can add as many actions as needed.
    To remove an action, click the Trash Can icon under the Action Type dropdown list for the action to remove. (This icon is not available for the first action.)
  8. Click the Save button.
    The policy must be enabled before it can execute. To enable a policy, click its ON/OFF toggle button on the Action Policies and make sure that the button displays ON

Scaling Policies

A scaling policy causes the CloudCenter platform to increase or decrease VMs for each application deployment tier that is associated with the policy. You can configure the VM scaling to occur once or daily, or when one or more designated conditions relating to system metrics such as CPU, memory, or network usage occur at a specified polling interval. 

VM Metrics Frequency

Icon

The frequency of updates for VM metrics depends on the polling interval configured in your scaling policy. Two schedulers are used for each VM:

  • The first scheduler fetches the metrics from the operating system (for example, CPU, memory, and so forth at a polling interval frequency defined by user. If the user defines a polling interval at 15-second intervals CloudCenter provides the metrics from the OS at 5-second intervals.
  • The second scheduler calculates the average of all values provided by the first scheduler and uploads the metrics to the CCO. This upload to the CCO occurs at the user-defined, polling interval frequency. The CCO does not poll each VM.

CPU Calculation

Icon

The CPU threshold is calculated based on the first VM – assuming that all balanced servers have a similar usage. Once the scaling (up or down) is executed, the CloudCenter platform waits for the breach period to re-evaluate the policy.

You can associate an application deployment tier with a scaling policy by associating system tags with the application deployment or deployment tier (if corresponding system tag matching rules are configured for the policy and rules-based governance  is enabled) or by associating the application deployment with the name of the policy to use (if rules-governance is disabled). See Governance Rules for details.

To manage scaling policies, click Policies in the CCM UI main menu and then click the Scaling Policies link to display the Scaling Policies page.

The Scaling Policies page lists configured scaling policies and lets you perform the following tasks:

TaskDescription
Add a new scaling policy.

Click the Add Scaling Policy link.

See Adding a Scaling Policy (this page) for details.

View or update configurations for an existing scaling policy.

Click the Edit this Policy icon in the Actions column for the policy.

The Edit page for the policy displays. See Adding a Scaling Policy  (this page) for a description of the fields that you can update. If you make updates, click the Save button on the Edit page to save your changes.

Set permissions for a scaling policy.

Click the Share this Policy icon in the Actions column for the policy.

See Policy Permissions for details.

Change the order of policies in the scaling policies list.

Click the Move up or Move down icon for the policy.

If you associate system tags with an application deployment tier, the first policy with corresponding tag matching rules in the policies list is enforced against that application deployment tier.

Add tag matching rules to a scaling policy.

Click the Tags icon for the policy. (This icon appears only if governance rules are enabled on the Governance Rules page.)

See System Tags for details.

Delete a scaling policy.

Click the Delete this Policy icon in the Actions column for the policy.

Adding a Scaling Policy

When you add a scaling policy, you create a new policy based on configuration settings that you make. To add a scaling policy, follow these steps:

  1. On the Scaling Policies page, click the Add Scaling Policy link.
    The Add a New Scaling Policy page displays.
  2. In the Name field, enter a brief and unique descriptive name for the policy.
  3. (Optional) In the Description field, enter a brief description of the policy.
  4. Under Type of scaling, choose Scheduled Scaling or Elastic Scaling.
    Scheduled scaling causes the policy to increase and then decrease the number of VMs to the values that you designate according to the schedule that you designate. The schedule can cause the scaling cycle to occur once at the designated dates and times, or it can cause scaling cycle to occur every day at designated times.
    Elastic scaling causes the policy to increase or decrease the number of VMs as needed based on configured conditions that the system detects at a specified polling interval and breach period.

    Icon

    The breach period refers to the period of time that the CloudCenter platform waits after one scale up or scale down action, before stabilizing the load.

    Ideally, the breach period should be greater than (or equal to) the time taken by the scaling operation to launch a VM.

    For example, if the time taken to:

    • Launch and configure a node = 5 to 7 minutes
    • Polling interval = 30 seconds
    • Breach period should be = 8 to 10 minutes


  5. If you choose Scheduled Scaling, enter information in the Add Scaling Schedule fields that appear, and then skip to Step 7.
  6. If you choose Elastic Scaling, enter information in the Poling IntervalBreach PeriodScale out condition, and Scale in condition fields that appear:
    1. In the Poling Interval fields, choose a time length in the left field and choose a time unit in the right field. The system polls system metrics at this interval to determine if the conditions that this policy requires to execute are met.

      Poling Interval

      Icon

      For example, if you configure a 6-second polling interval, your metrics collected in this time is divided by 3 to obtain the average value. The average value is sent to the CCO at the polling interval frequency. So in this example, the CPU data is collected every 2 seconds, and automatically sent to the CCO at 6-second intervals.

    2. In the Breach Period fields, choose a time length in the left field and choose a time unit in the right field. If the policy executes, it will not execute again for this period of time. In this way, the system can stabilize after a condition occurs without the policy continually adjusting the system.

      Breach Period

      Icon

      If any VM meets the specified criteria, CloudCenter executes the policy. In a load balanced cluster if one VM's metrics crosses the threshold, it is most likely that the other VM will reach that threshold. If CloudCenter detects any VM crossing the threshold, the policy is executed and the breach period is set. Once the breach period is set, the other VMs cannot execute the policy.


    3. The Scale out condition fields cause the policy to increase the number VMs per the designated rule or rules. The Scale in condition fields cause the policy to decrease the number VMs per the designated rule or rules.
      For each condition, you configure one or more rule sets. Within each rule set, you configure one or more rules. 
      • From the Match dropdown list for each rule set: 
        • Choose All to cause the scaling to execute when the situations that are defined by all rules in the rule set occur
          or 
        • Choose Any to cause the scaling to execute when a situation that is defined by any rule in the set occurs.
      • To add a rule set, click the ... icon.
      • To add a rule to a rule set, click the + icon within the rule set.
      • To remove a rule, click the Trash Can icon under the rule, and then click the yes link.
  7. Click the Save button.

Aging Policies

An aging policy causes the CloudCenter platform to suspend and optionally terminate each application deployment that is associated with the policy after the application deployment has been running for a designated period.

Icon

If you enable both the aging policy and the prevent termination feature, the prevent termination feature takes precedence.

The Prevent Termination feature is only applicable to N-tier jobs.

 

You can associate an application deployment with an aging policy by associating system tags with the application deployment (if corresponding system tag matching rules are configured for the policy and rules-based governance is enabled)  or by associating the application deployment with the name of the policy to use (if rules-based governance is disabled). See Governance Rules for details.

To manage aging policies, click Policies in the CCM UI main menu and then click the Aging Policies link to display the Aging Policies page.

The Aging Policies page lists configured aging policies and lets you perform the following tasks:

TaskDescription
Add a new aging policy.

Click the Add Aging Policy link.

See Adding an Aging Policy (this page) for details.

View or update configurations for an existing aging policy.

Click the Edit this Policy icon in the Actions column for the policy.

The Edit page for the policy displays. See Adding an Aging Policy (this page) for a description of the fields that you can update. If you make updates, click the Save button on the Edit page to save your changes.

Set permissions for an aging policy.

Click the Share this Policy icon in the Actions column for the policy.

See Policy Permissions for details.

Change the order of policies in the aging policies list.

Click the Move up or Move down icon for the policy.

If you associate system tags with an application deployment, the first policy with corresponding tag matching rules in the policies list is enforced against that application deployment.

Add tag matching rules to an aging policy.

Click the Tags icon for the policy. (This icon appears only if governance rules are enabled on the Governance Rules page.)

See System Tags for details.

Delete an aging policy.

Click the Delete this Policy icon in the Actions column for the policy.

Adding an Aging Policy

When you add an aging policy, you create a new policy based on configuration settings that you make. To add an aging policy, follow these steps:

  1. On the Aging Policies page, click the Add Aging Policy link.
    The Add a New Aging Policy page displays.
  2. In the Name field, enter a brief and unique descriptive name for the policy.
  3. (Optional) In the Description field, enter a brief description of the policy.
  4. In the Automatically suspend deployment in fields, choose a time length in the left field and choose a time unit in the right field.
    The deployment suspends after it has been running for the time period that you configure.
  5. (Optional) To cause the deployment to terminate when it suspends, check the Terminate deployment box.
  6. Click the Save button.

Policy Guidelines

Icon

Do not use your system admin (see People > System Administrator) credentials to change the user's action policy. This change adversely affects the CloudCenter platform and does not notify the user.

Adhere to the following action policy guidelines:

  • If you use a group email and you don't want to disable all email notifications for this policy, all users who enabled that policy in the CloudCenter platform must disable it for the group to no longer receive emails.
  • If you use a token (for example, %myemail%) and this token is replaced with a user email, then the user with this email must disable the policy in the CloudCenter platform.
  • If you create custom email policies, only the default email policy is triggered.
  • No labels