Policy Management
This comprehensive guide covers creating, managing, and troubleshooting policies in FLOPY-NET's Policy Engine, enabling dynamic network behavior and adaptive federated learning orchestration.
Policy Engine Overview
The FLOPY-NET Policy Engine provides declarative policy management for:
- Network QoS: Dynamic bandwidth allocation, traffic prioritization
- FL Governance: Training parameter adaptation, client selection
- Security Enforcement: Access control, anomaly response
- Resource Management: Adaptive resource allocation, load balancing
- Event Response: Automated responses to system events
Policy Fundamentals
1. Policy Structure
Every policy consists of three main components:
{
"name": "FL Traffic Priority Policy",
"conditions": [
{
"field": "traffic_type",
"operator": "equals",
"value": "fl_communication"
}
],
"actions": [
{
"type": "set_qos_class",
"parameters": {
"dscp": "AF41",
"bandwidth_guarantee": "20Mbps"
}
}
]
}
Components:
- Conditions: When the policy should trigger
- Actions: What the policy should do
- Metadata: Priority, category, scheduling information
2. Policy Categories
FLOPY-NET supports several policy categories:
Network QoS Policies:
- Traffic prioritization
- Bandwidth allocation
- Latency optimization
- Congestion control
FL Governance Policies:
- Training parameter adaptation
- Client selection criteria
- Model aggregation rules
- Convergence optimization
Security Policies:
- Access control enforcement
- Anomaly detection response
- Privacy protection
- Audit logging
Resource Management Policies:
- CPU/memory allocation
- Storage management
- Load balancing
- Auto-scaling
Creating Policies
1. Basic Policy Creation
Create a simple QoS policy:
curl -X POST http://localhost:5000/api/v1/policies \
-H "Content-Type: application/json" \
-d '{
"name": "Basic FL Priority",
"description": "Prioritize FL communication traffic",
"category": "network_qos",
"priority": "high",
"conditions": [
{
"field": "traffic_type",
"operator": "equals",
"value": "fl_communication"
}
],
"actions": [
{
"type": "set_qos_class",
"parameters": {
"dscp": "AF41",
"bandwidth_guarantee": "15Mbps"
}
}
]
}'
2. Advanced Policy Conditions
Multiple Conditions (AND logic):
{
"conditions": [
{
"field": "experiment_priority",
"operator": "equals",
"value": "high"
},
{
"field": "network_utilization",
"operator": "less_than",
"value": 70
},
{
"field": "time_of_day",
"operator": "between",
"value": ["09:00", "17:00"]
}
]
}
Complex Conditions (OR logic):
{
"conditions": [
{
"logic": "or",
"subconditions": [
{
"field": "client_type",
"operator": "equals",
"value": "mobile"
},
{
"field": "client_battery",
"operator": "less_than",
"value": 20
}
]
}
]
}
Conditional Operators:
equals,not_equalsgreater_than,less_than,greater_or_equal,less_or_equalin,not_incontains,not_containsmatches(regex),not_matchesbetween,not_betweenexists,not_exists
3. Policy Actions
Network Actions:
{
"actions": [
{
"type": "set_qos_class",
"parameters": {
"dscp": "AF41",
"bandwidth_guarantee": "20Mbps",
"priority": "high"
}
},
{
"type": "install_flow_rule",
"parameters": {
"switch_id": "of:0000000000000001",
"priority": 100,
"match": {"tcp_dst": 8080},
"actions": ["set_queue:1", "output:2"]
}
},
{
"type": "allocate_bandwidth",
"parameters": {
"min_bandwidth": "10Mbps",
"max_bandwidth": "50Mbps",
"adaptive": true
}
}
]
}
FL Training Actions:
{
"actions": [
{
"type": "adjust_training_params",
"parameters": {
"local_epochs": 3,
"batch_size": 64,
"learning_rate": 0.005
}
},
{
"type": "select_clients",
"parameters": {
"strategy": "resource_aware",
"max_clients": 8,
"min_battery": 30
}
},
{
"type": "trigger_aggregation",
"parameters": {
"force": true,
"min_participants": 5
}
}
]
}
System Actions:
{
"actions": [
{
"type": "send_alert",
"parameters": {
"severity": "warning",
"message": "Network congestion detected",
"channels": ["email", "webhook"]
}
},
{
"type": "execute_script",
"parameters": {
"script": "/opt/scripts/network_optimization.sh",
"timeout": 30
}
},
{
"type": "log_event",
"parameters": {
"level": "info",
"message": "Policy {{policy_name}} executed",
"structured_data": true
}
}
]
}
Policy Templates
1. Using Built-in Templates
List available templates:
curl http://localhost:5000/api/v1/policies/templates
Create policy from template:
curl -X POST http://localhost:5000/api/v1/policies/from-template \
-H "Content-Type: application/json" \
-d '{
"template_id": "tpl_fl_priority",
"name": "Custom FL Priority Policy",
"parameters": {
"bandwidth_guarantee": "25Mbps",
"dscp_marking": "AF42",
"priority_level": "high"
}
}'
2. Creating Custom Templates
curl -X POST http://localhost:5000/api/v1/policies/templates \
-H "Content-Type: application/json" \
-d '{
"name": "Adaptive Bandwidth Template",
"description": "Template for adaptive bandwidth allocation",
"category": "network_qos",
"parameters": [
{
"name": "base_bandwidth",
"type": "string",
"default": "10Mbps",
"description": "Base bandwidth guarantee"
},
{
"name": "scaling_factor",
"type": "number",
"default": 1.5,
"min": 1.0,
"max": 3.0,
"description": "Bandwidth scaling factor under load"
},
{
"name": "trigger_threshold",
"type": "number",
"default": 80,
"min": 50,
"max": 95,
"description": "Utilization threshold to trigger scaling"
}
],
"template": {
"conditions": [
{
"field": "network_utilization",
"operator": "greater_than",
"value": "{{trigger_threshold}}"
}
],
"actions": [
{
"type": "allocate_bandwidth",
"parameters": {
"min_bandwidth": "{{base_bandwidth}}",
"scaling_factor": "{{scaling_factor}}"
}
}
]
}
}'
Advanced Policy Features
1. Conditional Logic
Nested Conditions:
{
"conditions": [
{
"logic": "and",
"subconditions": [
{
"field": "experiment_status",
"operator": "equals",
"value": "running"
},
{
"logic": "or",
"subconditions": [
{
"field": "fl_training_phase",
"operator": "equals",
"value": "model_aggregation"
},
{
"field": "client_count",
"operator": "greater_than",
"value": 10
}
]
}
]
}
]
}
Time-based Conditions:
{
"conditions": [
{
"field": "current_time",
"operator": "between",
"value": ["22:00", "06:00"],
"timezone": "UTC"
},
{
"field": "day_of_week",
"operator": "in",
"value": ["saturday", "sunday"]
}
]
}
2. Policy Scheduling
Scheduled Activation:
{
"schedule": {
"type": "cron",
"expression": "0 9 * * MON-FRI",
"timezone": "America/New_York",
"end_date": "2024-06-30T23:59:59Z"
}
}
Event-based Scheduling:
{
"schedule": {
"type": "event",
"trigger_events": ["experiment_started", "network_congestion"],
"delay": "5m",
"max_executions": 10
}
}
3. Policy Dependencies
Define policy execution order:
{
"dependencies": {
"requires": ["policy_bandwidth_allocation"],
"conflicts": ["policy_traffic_shaping_strict"],
"order": "after"
}
}
4. Policy Rollback
Enable automatic rollback on failure:
{
"rollback": {
"enabled": true,
"conditions": [
{
"field": "action_success_rate",
"operator": "less_than",
"value": 0.8
}
],
"actions": [
{
"type": "restore_previous_state"
},
{
"type": "send_alert",
"parameters": {
"message": "Policy rollback triggered"
}
}
]
}
}
Policy Testing and Simulation
1. Dry Run Mode
Test policies without executing actions:
curl -X POST http://localhost:5000/api/v1/policies/evaluate \
-H "Content-Type: application/json" \
-d '{
"context": {
"traffic_type": "fl_communication",
"network_utilization": 85,
"experiment_priority": "high"
},
"dry_run": true
}'
2. Policy Simulation
Run comprehensive policy simulations:
curl -X POST http://localhost:5000/api/v1/policies/simulate \
-H "Content-Type: application/json" \
-d '{
"scenario": {
"name": "Network Congestion Simulation",
"duration": "1h",
"events": [
{
"timestamp": "2024-01-15T12:00:00Z",
"context": {
"network_utilization": 90,
"active_experiments": 5
}
}
]
},
"policies": ["pol_001", "pol_002"],
"metrics": ["response_time", "success_rate", "resource_impact"]
}'
3. A/B Testing
Compare policy effectiveness:
curl -X POST http://localhost:5000/api/v1/policies/ab-test \
-H "Content-Type: application/json" \
-d '{
"name": "Bandwidth Allocation A/B Test",
"policies": {
"control": "pol_conservative_bandwidth",
"treatment": "pol_aggressive_bandwidth"
},
"traffic_split": 0.5,
"duration": "24h",
"success_metrics": ["fl_convergence_time", "network_efficiency"]
}'
Policy Monitoring and Analytics
1. Policy Performance Metrics
Monitor policy execution:
# Get policy performance data
curl http://localhost:5000/api/v1/metrics/policies?policy_id=pol_001
# Response includes:
{
"policy_id": "pol_001",
"metrics": {
"execution_count": 156,
"success_rate": 0.987,
"avg_execution_time": "15ms",
"error_count": 2,
"last_execution": "2024-01-15T11:45:00Z"
},
"impact_analysis": {
"network_improvement": 0.23,
"fl_acceleration": 0.15,
"resource_efficiency": 0.31
}
}
2. Policy Events and Logs
Track policy execution events:
# Get policy events
curl http://localhost:5000/api/v1/events?policy_id=pol_001&from=2024-01-15T10:00:00Z
# Stream real-time events
curl -N http://localhost:5000/api/v1/events/stream \
-H "Accept: text/event-stream"
3. Policy Impact Analysis
Analyze policy effectiveness:
import requests
import pandas as pd
# Fetch policy impact data
response = requests.get(
"http://localhost:5000/api/v1/analytics/policy-impact",
params={
"policy_id": "pol_001",
"metrics": ["fl_accuracy", "training_time", "network_utilization"],
"comparison_period": "before_after"
}
)
data = response.json()
# Create impact analysis
before_accuracy = data["before"]["fl_accuracy"]["avg"]
after_accuracy = data["after"]["fl_accuracy"]["avg"]
improvement = (after_accuracy - before_accuracy) / before_accuracy * 100
print(f"Policy improved FL accuracy by {improvement:.2f}%")
Policy Governance
1. Policy Versioning
Track policy changes:
# View policy history
curl http://localhost:5000/api/v1/policies/pol_001/history
# Revert to previous version
curl -X POST http://localhost:5000/api/v1/policies/pol_001/revert \
-d '{"version": 3}'
# Create policy branch
curl -X POST http://localhost:5000/api/v1/policies/pol_001/branch \
-d '{"name": "experimental_branch"}'
2. Policy Approval Workflow
Implement policy approval process:
{
"approval_workflow": {
"enabled": true,
"stages": [
{
"name": "technical_review",
"reviewers": ["tech_lead@example.com"],
"required_approvals": 1
},
{
"name": "security_review",
"reviewers": ["security@example.com"],
"required_approvals": 1,
"conditions": [
{
"field": "policy_category",
"operator": "equals",
"value": "security"
}
]
}
],
"auto_approve": {
"conditions": [
{
"field": "policy_priority",
"operator": "equals",
"value": "low"
}
]
}
}
}
3. Policy Compliance
Ensure policy compliance:
# Run compliance check
curl -X POST http://localhost:5000/api/v1/policies/compliance-check \
-d '{
"policies": ["pol_001", "pol_002"],
"standards": ["company_network_policy", "gdpr_privacy"]
}'
# Generate compliance report
curl http://localhost:5000/api/v1/reports/compliance \
-H "Accept: application/pdf" \
-o compliance_report.pdf
Troubleshooting Policies
1. Common Policy Issues
Issue: Policy Not Triggering
Diagnosis:
# Check policy status
curl http://localhost:5000/api/v1/policies/pol_001
# Test policy conditions
curl -X POST http://localhost:5000/api/v1/policies/evaluate \
-d '{
"context": {"traffic_type": "fl_communication"},
"dry_run": true,
"debug": true
}'
# Review policy logs
curl http://localhost:5000/api/v1/events?policy_id=pol_001&type=evaluation
Solutions:
- Verify policy is active and not expired
- Check condition logic and field names
- Ensure context data is being provided correctly
- Review policy priority and conflicts
Issue: Policy Actions Failing
Diagnosis:
# Check action execution logs
curl http://localhost:5000/api/v1/events?policy_id=pol_001&type=action_failed
# Test action execution
curl -X POST http://localhost:5000/api/v1/policies/pol_001/test-action \
-d '{"action_index": 0}'
# Verify external service connectivity
curl http://localhost:8181/api/v1/health # SDN Controller
curl http://localhost:8080/api/v1/health # FL Server
Solutions:
- Check external service connectivity
- Verify action parameters and syntax
- Review service-specific error logs
- Test actions in isolation
2. Policy Debugging
Enable detailed policy debugging:
# Enable debug mode
curl -X PUT http://localhost:5000/api/v1/config \
-d '{"debug": {"enabled": true, "level": "verbose"}}'
# Get detailed execution trace
curl http://localhost:5000/api/v1/policies/pol_001/debug \
-d '{
"context": {"traffic_type": "fl_communication"},
"trace_level": "detailed"
}'
3. Performance Optimization
Optimize policy performance:
# Analyze policy performance
curl http://localhost:5000/api/v1/analytics/policy-performance
# Optimize policy execution order
curl -X POST http://localhost:5000/api/v1/policies/optimize-order
# Enable policy caching
curl -X PUT http://localhost:5000/api/v1/config \
-d '{"caching": {"enabled": true, "ttl": "300s"}}'
Best Practices
1. Policy Design Principles
- Keep it Simple: Start with simple policies and add complexity gradually
- Single Responsibility: Each policy should have one clear purpose
- Testable: Design policies that can be easily tested and validated
- Maintainable: Use clear naming and documentation
- Performant: Optimize conditions for fast evaluation
2. Policy Organization
- Naming Convention: Use descriptive, consistent naming
- Categorization: Group related policies by category
- Documentation: Document policy purpose, behavior, and dependencies
- Versioning: Track policy changes and maintain history
3. Testing Strategy
- Unit Testing: Test individual policy components
- Integration Testing: Test policy interactions with services
- Load Testing: Verify policy performance under load
- Regression Testing: Ensure changes don't break existing functionality
4. Monitoring and Maintenance
- Regular Review: Periodically review and update policies
- Performance Monitoring: Track policy execution metrics
- Alert Management: Set up alerts for policy failures
- Impact Analysis: Measure policy effectiveness regularly
Next Steps
- GNS3 Integration - Network simulation with policy enforcement
- Advanced Configurations - Expert policy setups
- Policy Engine API Reference - Detailed API documentation
- Development Guide - Contributing to policy engine development