I think we should really fix this for Ocata release. I've made some progress but no solution yet.
As Tim thought, it has something to do with rule sync. rule synchronizer is deleting the rule one sync, and adding it back the next. The cause is that the rule['policy_name'] is incorrectly stored as 'classification' rather than 'policy1' when stored in the policy engine memory. Further investigation needed to figure out why that happens.
Below are some synchronizer logs from two consecutive rule syncs (newpolicy instead of policy1).
I think we should really fix this for Ocata release. I've made some progress but no solution yet.
As Tim thought, it has something to do with rule sync. rule synchronizer is deleting the rule one sync, and adding it back the next. The cause is that the rule['policy_name'] is incorrectly stored as 'classification' rather than 'policy1' when stored in the policy engine memory. Further investigation needed to figure out why that happens.
Below are some synchronizer logs from two consecutive rule syncs (newpolicy instead of policy1).
2017-01-31 14:49:42.925 DEBUG congress. synchronizer. policy_ rule_synchroniz er [^[[00;36m-] ^[[01;35mremoving rule {'comment': u'', 'policy_name': u'classification', 'id': u'c7398319- d4e1-41a6- be70-930bdae54e 59', 'rule': u'u(x,y) :- q(x,y), NOT classification: a(x,y)' , 'name': None}^[[00m ^[[00;33mfrom (pid=66261) synchronize_rules /opt/stack/ congress/ congress/ synchronizer/ policy_ rule_synchroniz er.py:268^ [[00m^M
2017-01-31 14:50:12.924 DEBUG congress. synchronizer. policy_ rule_synchroniz er [^[[00;36m-] ^[[01;35madding rule {'comment': u'', 'policy_name': u'newpolicy', 'id': u'c7398319- d4e1-41a6- be70-930bdae54e 59', 'rule': u'u(x,y) :- q(x,y), NOT classification: a(x,y)' , 'name': None}^[[00m ^[[00;33mfrom (pid=66261) synchronize_rules /opt/stack/ congress/ congress/ synchronizer/ policy_ rule_synchroniz er.py:243^ [[00m^M