Introduction

The Policy Manager is the entity of the service platform responsible for runtime policies enforcement over the deployed network services. Policies enforcement regard mainly elasticity actions (scaling in and out VNFs), events identification and triggering of relevant alerts as well as security actions (e.g. application of a firewall rule). It consists of a set of components supporting the formulation of the policies and their enforcement, including the interfaces for interaction with the 5GTANGO monitoring framework,the message broker for publication and consumption of monitoring data, alerts and suggested actions, the catalogue and repository databases,the gatekeeper and the MANO orchestration mechanisms.

The objective is to support the injection of intelligence in the various MANO orchestration mechanisms by exploiting inference mechanisms over the collected data in real-time. Inference mechanisms are applied over a set of rules that specify what action can be enforced upon the fulfilment of set of conditions. In this way, runtime policies design can be realised by service providers, targeted at runtime management of network services as well as network slices. Conflict resolution mechanisms are also available, promoting the enforcement of policies with higher priority in case of conflicts.

Policies in 5GTANGO are considering deployment and operational aspects of network services over programmable infrastructure. Operational or runtime policies regard the runtime adaptation of network service mechanisms in order to optimally support the overall performance achieved.

Every runtime runtime policy is defined upon a specific NS. Based on this, for each NS, a set of rules per policy can be defined. Each rule consists of the expressions part, denoting a set of conditions to be met and the actions part denoting actions upon the fulfillment of the conditions. The conditions may regard resources consumption aspects, software-specific aspects, status of a VNF or a NS, while the set of actions may regard resources allocation/disposal aspects, live migration and mobility aspects, horizontal scaling aspects and network functions management or activation aspects.

A network service may be associated with a set of runtime policies, however only one can be active during its deployment and execution time. A runtime policy can be defined by the software developer of the NS, having detailed knowledge of the business logic of the developed software, or the network operator/service platform manager having knowledge of the available resources and the set of active SLAs. Knowledge of SLAs can lead to description of set of rules guaranteeing that such SLAs can be respected in the maximum possible way.

Policies enforcement is realized through a rule-based management system. Based on the set of activated rules associated with the deployed network services and the real time collection of data, inference is realized leading to policies enforcement. Such enforcement takes place over the deployed network services, while the inference follows a continuous match-resolve-act approach. In the match phase, the set of defined conditions are examined, leading to the set of rules that have to be activated, while in the resolve phase, conflict resolution over the set of rules to be activated is taking place. The act phase concerns the triggering of the suggested actions aiming at the guidance of various orchestration components of the 5GTANGO service platform. For each rule, an inertial period is introduced denoting the time period that the same rule should not be re-triggered.

Please see details on the overall 5GTANGO architecture here.