moonv4 test doc

Change-Id: Ibdb221449cc72f483d72c387d427cd1f06e957c2
Signed-off-by: RHE <rebirthmonkey@gmail.com>

1 files changed, 119 insertions, 118 deletions

diff --git a/moonv4/README.md b/moonv4/README.md
index d05c03b2..ba3604d6 100644
--- a/moonv4/README.md
+++ b/moonv4/README.md
@@ -3,68 +3,61 @@ __Version 4.3__
 
 This directory contains all the modules for running the Moon platform.
 
-**WARNING: this is a proof of concept, don't expect anymore...**
-
 ## Installation
-
 ### kubeadm
-
 You must follow those explanations to install `kubeadm`:
-
 > https://kubernetes.io/docs/setup/independent/install-kubeadm/
 
 To summarize, you must install `docker`:
-
-    apt update
-    apt install -y docker.io
-
+```bash
+apt update
+apt install -y docker.io
+```
+    
 And then, install `kubeadm`:
-
-    apt update && apt install -y apt-transport-https
-    curl -s https://packages.cloud.google.com/apt/doc/apt-key.gpg | apt-key add -
-    cat <<EOF >/etc/apt/sources.list.d/kubernetes.list
-    deb http://apt.kubernetes.io/ kubernetes-xenial main
-    EOF
-    apt update
-    apt install -y kubelet kubeadm kubectl
-
+```bash
+apt update && apt install -y apt-transport-https
+curl -s https://packages.cloud.google.com/apt/doc/apt-key.gpg | apt-key add -
+cat <<EOF >/etc/apt/sources.list.d/kubernetes.list
+deb http://apt.kubernetes.io/ kubernetes-xenial main
+EOF
+apt update
+apt install -y kubelet kubeadm kubectl
+```
 
 ### Moon
-
 The Moon code is not necessary to start the platform but you need
 Kubernetes configuration files from the GIT repository. 
 
 The easy way is to clone the Moon code:
-
-    git clone https://git.opnfv.org/moon
-    cd moon/moonv4
-    export MOON=$(pwd)
-
+```bash
+git clone https://git.opnfv.org/moon
+cd moon/moonv4
+export MOON=$(pwd)
+```
 
 ### OpenStack
-
 You must have the following OpenStack components installed somewhere:
-
 - nova, see [Nova install](https://docs.openstack.org/mitaka/install-guide-ubuntu/nova-controller-install.html)
 - glance, see [Glance install](https://docs.openstack.org/glance/pike/install/)
 
 A Keystone component is automatically installed and configured in the Moon platform.
 After the Moon platform installation, the Keystone server will be available 
-at: http://localhost:30005 or http://\<servername\>:30005
+at: `http://localhost:30005 or http://\<servername\>:30005`
 
 You can also use your own Keystone server if you want.
 
-## initialisation
-
+## Initialisation
 ### kubeadm
-
 The `kubeadm` platform can be initialized with the following shell script:
-
-    sh kubernetes/init_k8s.sh
+```bash
+sh kubernetes/init_k8s.sh
+```
     
 Wait until all the kubeadm containers are in the `running` state:
-
-    watch kubectl get po --namespace=kube-system
+```bash
+watch kubectl get po --namespace=kube-system
+```
     
 You must see something like this:
 
@@ -81,9 +74,7 @@ You must see something like this:
     kube-scheduler-varuna                       1/1       Running   0          1h
 
 ### Moon
-
 The Moon platform is composed on the following components:
-
 * `consul`: a Consul configuration server
 * `db`: a MySQL database server
 * `keystone`: a Keystone authentication server
@@ -93,36 +84,31 @@ The Moon platform is composed on the following components:
 * `wrapper`: the Moon endpoint where OpenStack component connect to.
 
 At this point, you must choose one of the following options:
-
 * Specific configuration
 * Generic configuration 
 
-#### Specific configuration
-
+#### Specific Configuration
 Why using a specific configuration:
-
 1. The `db` and `keystone` can be installed by yourself but you must configure the 
 Moon platform to use them.
 2. You want to change the default passwords in the Moon platform
 
-Use the following commands:
-
-    TODO
-
-#### Generic configuration 
+Use the following commands: `TODO`
 
+#### Generic Configuration 
 Why using a specific configuration:
-
 1. You just want to test the platform
 2. You want to develop on the Moon platform
 
 The `Moon` platform can be initialized with the following shell script:
+```bash
+sh kubernetes/start_moon.sh
+```
 
-    sh kubernetes/start_moon.sh
-    
 Wait until all the Moon containers are in the `running` state:
-
-    watch kubectl get po --namespace=moon
+```bash
+watch kubectl get po --namespace=moon
+```
 
 You must see something like this:
 
@@ -138,13 +124,9 @@ You must see something like this:
     orchestrator-65d8fb4574-tnfx2          1/1       Running   0          51m
     wrapper-astonishing-748b7dcc4f-ngsvp   1/1       Running   0          51m
 
-
-## configuration
-
+## Configuration
 ### Moon
-
 #### Introduction
-
 The Moon platform is already configured after the installation.
 If you want to see or modify the configuration, go with a web browser 
 to the following page: 
@@ -159,18 +141,14 @@ and not during its life cycle.
 This is a known security issue.**
 
 #### Keystone
-
 If you have your own Keystone server, you can point Moon to your server in the 
 `openstack/keystone` element or through the link: 
-
 > http://localhost:30005/ui/#/dc1/kv/openstack/keystone/edit
 
 This configuration element is read every time Moon need it, specially when adding users.
 
 #### Database
-
 The database can also be modified here: 
-
 > http://varuna:30005/ui/#/dc1/kv/database/edit
 
 **WARNING: the password is in clear text, this is a known security issue.**
@@ -187,25 +165,23 @@ This can be done with the following commands:
     kubectl create -f kubernetes/templates/moon_configuration.yaml
 
 
-### Openstack
-
+### OpenStack
 Before updating the configuration of the OpenStack platform, check that the platform 
 is working without Moon, use the following commands:
-    
-    # set authentication
-    openstack endpoint list
-    openstack user list
-    openstack server list
+```bash    
+# set authentication
+openstack endpoint list
+openstack user list
+openstack server list
+```
 
 In order to connect the OpenStack platform with the Moon platform, you must update some
 configuration files in Nova and Glance: 
-
 * `/etc/nova/policy.json`
 * `/etc/glance/policy.json`
 
 In some installed platform, the `/etc/nova/policy.json` can be absent so you have 
 to create one. You can find example files in those directory:
-
 > ${MOON}/moonv4/templates/nova/policy.json
 > ${MOON}/moonv4/templates/glance/policy.json
 
@@ -230,30 +206,25 @@ To find this TCP port, use the following command:
     31002/TCP
 
 ### Moon
-
 The Moon platform comes with a graphical user interface which can be used with 
 a web browser at this URL:
-
-> http://localhost:30002
+> http://$MOON_HOST:30002
 
 You will be asked to put a login and password. Those elements are the login and password 
 of the Keystone server, if you didn't modify the Keystone server, you will find the 
 login and password here:
-
-> http://varuna:30005/ui/#/dc1/kv/openstack/keystone/edit 
+> http://$MOON_HOST:30005/ui/#/dc1/kv/openstack/keystone/edit 
 
 **WARNING: the password is in clear text, this is a known security issue.**
 
 The Moon platform can also be requested through its API:
-
-> http://localhost:30001
+> http://$MOON_HOST:30001
 
 **WARNING: By default, no login/password will be needed because of 
 the configuration which is in DEV mode.**
 
 If you want more security, you have to update the configuration of the Keystone server here:
-
-> http://varuna:30005/ui/#/dc1/kv/openstack/keystone/edit 
+> http://$MOON_HOST:30005/ui/#/dc1/kv/openstack/keystone/edit 
 
 by modifying the `check_token` argument to `yes`.
 If you write this modification, your requests to Moon API must always include a valid token 
@@ -261,58 +232,88 @@ taken from the Keystone server. This token must be place in the header of the re
 (`X-Auth-Token`).
 
 ## usage
-
 ### tests the platform
-
 In order to know if the platform is healthy, here are some commands you can use.
-
 1) Check that all the K8S pods in the Moon namespace are in running state:
-
-    kubectl get pods -n moon
+`kubectl get pods -n moon`
     
 2) Check if the Manager API is running:
-
-    curl http://moon_hostname:30001
-    curl http://moon_hostname:30001/pdp
-    curl http://moon_hostname:30001/policies
-   
+```bash
+curl http://$MOON_HOST:30001
+curl http://$MOON_HOST:30001/pdp
+curl http://$MOON_HOST:30001/policies
+```
     
-   If you configured the authentication in the Moon platform:
-
-    curl -i \
-      -H "Content-Type: application/json" \
-      -d '
-    { "auth": {
-        "identity": {
-          "methods": ["password"],
-          "password": {
-            "user": {
-              "name": "admin",
-              "domain": { "id": "default" },
-              "password": "<set_your_password_here>"
-            }
-          }
-        },
-        "scope": {
-          "project": {
-            "name": "admin",
-            "domain": { "id": "default" }
-          }
+If you configured the authentication in the Moon platform:
+```bash
+curl -i \
+  -H "Content-Type: application/json" \
+  -d '
+{ "auth": {
+    "identity": {
+      "methods": ["password"],
+      "password": {
+        "user": {
+          "name": "admin",
+          "domain": { "id": "default" },
+          "password": "<set_your_password_here>"
         }
       }
-    }' \
-      "http://moon_hostname:30006/v3/auth/tokens" ; echo
-      
-    curl --header "X-Auth-Token: <token_retrieve_from_keystone>" http://moon_hostname:30001
-    curl --header "X-Auth-Token: <token_retrieve_from_keystone>" http://moon_hostname:30001/pdp
-    curl --header "X-Auth-Token: <token_retrieve_from_keystone>" http://moon_hostname:30001/policies
-
+    },
+    "scope": {
+      "project": {
+        "name": "admin",
+        "domain": { "id": "default" }
+      }
+    }
+  }
+}' \
+  "http://moon_hostname:30006/v3/auth/tokens" ; echo
+  
+curl --header "X-Auth-Token: <token_retrieve_from_keystone>" http://moon_hostname:30001
+curl --header "X-Auth-Token: <token_retrieve_from_keystone>" http://moon_hostname:30001/pdp
+curl --header "X-Auth-Token: <token_retrieve_from_keystone>" http://moon_hostname:30001/policies
+```
+    
 3) Use a web browser to navigate to the GUI and enter the login and password of the keystone service:
-
-    firefox http://moon_hostname:30002
+`firefox http://$MOON_HOST:30002`
+
+4) Use tests Python Scripts
+check firstly the Consul service for *Components/Manager*, e.g. 
+```json
+{
+  "port": 8082, 
+  "bind": "0.0.0.0", 
+  "hostname": "manager", 
+  "container": "wukongsun/moon_manager:v4.3.1", 
+  "external": {
+    "port": 30001, 
+    "hostname": "$MOON_HOST"
+  }
+}
+```
+*OpenStack/Keystone*: e.g. 
+```json
+{
+  "url": "http://keystone:5000/v3", 
+  "user": "admin", 
+  "password": "p4ssw0rd", 
+  "domain": "default", 
+  "project": "admin", 
+  "check_token": false, 
+  "certificate": false, 
+  "external": {
+    "url": "http://$MOON_HOST:30006/v3"
+  }
+}
+```
+
+```bash
+python3 populate_default_values.py --consul-host=$MOON_HOST --consul-port=30005 -v scenario/rbac_large.py
+python3 send_authz.py --consul-host=$MOON_HOST --consul-port=30005 --authz-host=$MOON_HOST --authz-port=31002 -v scenario/rbac_large.py
+```
     
 ### GUI usage
-
 After authentication, you will see 4 tabs: Project, Models, Policies, PDP:
 
 * *Projects*: configure mapping between Keystone projects and PDP (Policy Decision Point)