Chapter 18. Approval

A newly provisioned virtual machine consumes resources in a virtual infrastructure and potentially costs money in a public cloud. To control the consumption of resources and keep cloud costs in check, an approval stage is built into the virtual machine and instance provisioning workflow. By default, requests for single small virtual machines are auto-approved, but attempts to provision larger or multiple VMs are redirected for administrative approval.

This chapter describes the approval process and shows how we can fine-tune the approval thresholds based on the number of VMs, number of CPUs, or amount of memory in the request.

Approval Workflow

The provision request approval workflows are triggered by the request_created and request_pending events (see Figure 18-1).

Figure 18-1. Event-triggered provision request approval workflows

Request Created Event

The approval workflow for a virtual machine provision request is entered as a result of the /System/Policy/MiqProvisionRequest_created policy instance being run from a request_created event. This policy instance contains two relationships, rel5 and rel6.

The rel5 relationship performs a group profile lookup to read the value of the auto_approval_state_machine attribute, which by default is ProvisionRequestApproval for an infrastructure virtual machine or cloud instance provision request.

The rel6 relationship ...