HP Matrix Operating Environment Software User Manual
Page 122
NOTE:
These parameters are required in the workflow definition even if the parameters are
not used within the workflow.
Insight Orchestration and Operations Orchestration communication
Insight Orchestration uses HTTPS communication with the Operations Orchestration Server to
invoke Operations Orchestration workflows and pass any data needed by the workflow. The
Operations Orchestration Server may be located on the same CMS as Insight Orchestration, or
may be on a separate server. HP recommends that Insight Orchestration and Operations
Orchestration be on the same trusted corporate network.
The Operations Orchestration workflow runs with Windows Local System privilege and can be
customized to run arbitrary actions such as file system reads, open network connections or send
email.
For some Operations Orchestration flows, Insight Orchestration waits for a user response before
moving to the next step of an infrastructure’s lifecycle (see
). Insight
Orchestration passes a unique, one time use User Token to these Operations Orchestration flows
to Administrator-defined email recipients. This token is used to authenticate the user response.
Insight Orchestration waits until the User Token is passed back to the Insight Orchestration
Service with the correct request ID before moving to the next step of the infrastructure service’s
lifecycle.
By default, these flows send email containing the URL of a response page to the Insight
Orchestration administrator. This URL contains the User Token and the ID of the request. The
admin opens the URL in a web browser, and is given a form that allows them to Continue or
Reject the request. Clicking either Continue or Reject opens a HTTPS connection to the Insight
Orchestration service and passes the user token, request id and requested action. If Insight
Orchestration confirms that the user token for the request id is correct, then Insight Orchestration
Continues or Cancels the request as appropriate.
If the User Token was intercepted, it is possible for an unauthorized user to approve, reject,
continue or cancel a step of a request on an infrastructure service. However, an administrator
will notice that the infrastructure service continued without his direct action and could then take
steps to correct the problem.
Administrative actions
Administrative Actions are Operations Orchestration Workflow processes invoked during
lifecycle of an infrastructure service.
•
Manual OS Deployment—Insight Orchestration waits for Continued or Canceled response
from user
•
Manual Storage Provisioning—Insight Orchestration waits for Continued or Canceled
response from user
•
Manual Storage Removal—Insight Orchestration waits for Continued or Canceled response
from user
•
Manual Disk Scrubbing—Insight Orchestration waits for Continued or Canceled response
from user
•
Request Approval—Insight Orchestration waits for Approved or Rejected response from
user
•
Service Begin Action
•
Service End Action
•
Global Service End Action
•
User Notification
•
User Pool Notification
•
Service Lease Notification
•
Service Recovery
•
Service Fail Action
122
HP Operations Orchestration communication security