Merge "declare data center / region failures out of scope"

2016-06-06 15:02:10 +00:00
parent 4e249d1aea d2d17f2f13
commit d6181c66d2
1 changed files with 13 additions and 1 deletions
--- a/user-stories/proposed/ha_vm.rst
+++ b/user-stories/proposed/ha_vm.rst
@@ -64,7 +64,19 @@ can be detected and recovered by the system. Possible failure events include:

 * Attached Cinder volume failure

-* Availability Zone/Data Center/Region failure
+* Availability Zone failure
+
+* Data Center / Region failure
+
+  Failure of a whole region or data center is obviously much more severe,
+  requiring recovery of not just compute nodes but also OpenStack services in
+  the control plane.  It needs to be covered by a Disaster Recovery plan,
+  which will vary greatly for each cloud depending on its architecture,
+  supported workloads, required SLAs, and organizational structure.  As such,
+  a general solution to Disaster Recovery is a problem of considerable
+  complexity, therefore it makes sense to keep it out of scope for this user
+  story, which should instead be viewed as a necessary and manageable step on
+  the long road to that solution.

 N.B. This user story concerns high availability, not 100% availability.
 Therefore some service interruption is usually expected when failures occur.