forked from eclipse-edc/Connector
-
Notifications
You must be signed in to change notification settings - Fork 1
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
docs: PolicyMonitor DR (eclipse-edc#3441)
* docs: PolicyMonitor DR * PR remarks
- Loading branch information
1 parent
254ee3b
commit ff93d51
Showing
2 changed files
with
29 additions
and
0 deletions.
There are no files selected for viewing
28 changes: 28 additions & 0 deletions
28
docs/developer/decision-records/2023-09-07-policy-monitor/README.md
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,28 @@ | ||
# Generic Properties | ||
|
||
## Decision | ||
|
||
A `PolicyMonitor` extension component will be implemented. | ||
|
||
## Rationale | ||
|
||
Some transfer types, such as streaming never reach the `COMPLETED` state, so they need to be terminated whenever the | ||
`Policy` on which the participants agreed is not valid anymore. | ||
|
||
## Approach | ||
|
||
This component will be implemented using the same model as the state machine we're using for `TransferProcess`: | ||
|
||
- The ingestion will be done with a listener on the `TransferProcessStarted` event, that will add an entry to a `PolicyMonitorStore`. | ||
- The state machine then will continuously fetch the oldest entries leasing them, check the related policy. | ||
- If the check fails the TP will get completed through a service call (that could be either embedded in the control-plane | ||
or remote through a rest call) and the entry will be removed from the `PolicyMonitorStore`. | ||
- otherwise the lease will be broken and the policy be verified again in the next run. | ||
|
||
With "leasing" we mean that the entity will be reserved by a connector instance that will be the only one allowed to modify it | ||
until the lease gets broken, and this can happen by updating it or after a certain amount of time. | ||
|
||
This mechanism will permit to scale the process to multiple instances. | ||
|
||
The `PolicyMonitor` will be deployable embedded in the control-plane or separately in a standalone runtime. | ||
The `PolicyMonitorStore` will have a in-memory implementation for testing scenarios and a sql (postgres) one. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters