To limit resource consumption when users deploy cloud templates in Cloud Assembly and request catalog items in Service Broker, you can create a limit policy using the Service Broker Policies API. The policy applies limits to all deployments in an organization by default.
The following procedure shows how to use the Deployment limit API to get the cloud template ID before creating the deployment limit policy using the Policy API.
Prerequisites
- Verify that general prerequisites have been satisfied. See Prerequisites for Creating Policies.
- Assign an API version variable for the Deployment Limit API.
api_version_deploymentlimit='2020-11-01'Note: The Deployment Limit API and Policies API have different API version values. You set the API version value for the Policy API when you satisfied the general prerequisites. The Deployment Limit API is grouped with the Approvals services API. See API Services. - Verify you know the resource criteria that you want to use to restrict the policy.
Procedure
Example: Create a deployment limit policy
Create a deployment limit policy named Sample Limit Policy that is applied to limit resource usage in deployments created from a cloud template named template2.
Assign variables.
$ url='https://appliance.domain.com'
$ api_version='2020-08-25'
$ api_version_deploymentlimit='2020-11-01'
$ orgId='394a4ccb-22c6-4ef0-8c75-8b77efbefb51'
List the cloud templates.
$ curl -X GET \ $url/deploymentlimit/api/policy/data/blueprints?apiVersion=$api_version_deploymentlimit \ -H "Authorization: Bearer $access_token" | jq "."
Examine the response to find the cloud template named template2.
...
{
"id": "3d3c714f-0aeb-423d-a494-97e85e4a8566",
"name": "template2",
"description": "Cloud template for example deployment"
},
...
Assign the cloud template ID variable.
$ cloudtemplateId = "3d3c714f-0aeb-423d-a494-97e85e4a8566"
Use the cloud template ID to create the deployment limit policy with hard enforcement named Sample Limit Policy. The value for the type ID is fixed as com.vmware.policy.deployment.limit.
$ curl -X POST \
$url/policy/api/policies?apiVersion=$api_version \
-H "Authorization: Bearer $access_token" \
-H 'Content-Type: application/json' \
-d '{
"name": "Sample Limit Policy",
"enforcementType": "HARD",
"typeId": "com.vmware.policy.deployment.limit"
"definition": {
"deploymentLimits": {
"cpu": {
"value": 6
},
"memory": {
"unit": "GB",
"value": 5
},
"instances": {
"value": 3
},
"storage": {
"unit": "GB",
"value": "20
},
},
"deploymentResourceLimits": {
"resources": [
{
"name": "vSphere-Machine-Limits",
"limits": {
"cpu": {
"value": 2
},
"memory": {
"unit": "GB",
"value": 2
},
"storage": {
"unit": "GB",
"value": "20
}
},
"criteria": {
"matchExpression": [
{
"key": "type",
"value": "Cloud.vSphere.Machine",
"operator": "eq"
}
]
}
}
]
},
"criteria": {
"matchExpression": [
{
"key": "blueprintId",
"operator": "eq",
"value": "'$cloudtemplateId'"
}
]
}
}
}
| jq "."
The response shows the deployment limit policy.
{
"id": "62ad2f02-0b2a-4ed8-a739-a6c40d761e49",
"name": "Sample Limit Policy",
"typeId": "com.vmware.policy.deployment.limit",
"enforcementType": "HARD",
"orgId": "d2994f92-bd52-45b1-9220-686b20944c2c",
"definition": {
"deploymentLimits": {
"cpu": {
"value": 6
},
"memory": {
"unit": "GB",
"value": 5
},
"instances": {
"value": 3
},
"storage": {
"unit": "GB",
"value": 20
}
},
"deploymentResourceLimits": {
"resources": [
{
"name": "vSphere-Machine-Limits",
"limits": {
"cpu": {
"value": 2
},
"memory": {
"unit": "GB",
"value": 2
},
"storage": {
"unit": "GB",
"value": "20
}
},
"criteria": {
"matchExpression": [
{
"key": "type",
"value": "Cloud.vSphere.Machine",
"operator": "eq"
}
]
}
}
]
}
},
"criteria": {
"matchExpression": [
{
"key": "blueprintId",
"operator": "eq",
"value": "7950795a-4f66-451c-a79f-be9ef6bd723c"
}
]
},
"createdAt": "2021-11-088T09:45:38.108885Z",
"createdBy": "[email protected]",
"lastUpdatedAt": "2021-11-08T09:45:38.108885Z",
"lastUpdatedBy": "[email protected]"
}
