diff options
-rw-r--r-- | README.md | 81 | ||||
-rw-r--r-- | tests/README.md | 77 | ||||
-rw-r--r-- | tests/functional/README.md | 27 | ||||
-rw-r--r-- | tests/python_unit/README.md | 5 | ||||
-rw-r--r-- | tests/python_unit/run_tests.sh | 4 | ||||
-rw-r--r-- | tools/jenkins/README.md | 1 | ||||
-rw-r--r-- | tools/moon_kubernetes/README.md | 33 |
7 files changed, 84 insertions, 144 deletions
@@ -1,16 +1,16 @@ # Moon __Version 4.3__ - This directory contains all the modules for running the Moon platform. -## Platform Setup + +## Platform +### Setup - [Docker installation](tools/moon_kubernetes/README.md) - [kubeadm installation](tools/moon_kubernetes/README.md) - [Moon deployment](tools/moon_kubernetes/README.md) - [OpenStack deployment](tools/openstack/README.md) - -## Micro-service Architecture +### Micro-service Architecture The Moon platform is composed on the following components/containers: - *consul*: a Consul configuration server - *db*: a MySQL database server @@ -23,83 +23,30 @@ The Moon platform is composed on the following components/containers: ## Manipulation ### moon_gui -The Moon platform comes with a graphical user interface which can be used with -a web browser at this URL `http://$MOON_HOST:30002` - -You will be asked to put a login and password. Those elements are the login and password -of the Keystone server, if you didn't modify the Keystone server, you will find the -login and password here `http://$MOON_HOST:30005/ui/#/dc1/kv/openstack/keystone/edit` +The web access of Moon is through the URL `http://$MOON_HOST:30002` with the login and password of Keystone. +The default login and password can be found here: `http://$MOON_HOST:30005/ui/#/dc1/kv/openstack/keystone/edit`. **WARNING: the password is in clear text, this is a known security issue.** ### moon_manager -The Moon platform can also be requested through its API `http://$MOON_HOST:30001` +The REST access of Moon is through `http://$MOON_HOST:30001` -**WARNING: By default, no login/password will be needed because of -the configuration which is in DEV mode.** +**WARNING: By default, no login/password will be needed because of the configuration which is in DEV mode.** -If you want more security, you have to update the configuration of the Keystone server here: -`http://$MOON_HOST:30005/ui/#/dc1/kv/openstack/keystone/edit` -by modifying the `check_token` argument to `yes`. -If you write this modification, your requests to Moon API must always include a valid token -taken from the Keystone server. This token must be place in the header of the request -(`X-Auth-Token`). +For more security, update `http://$MOON_HOST:30005/ui/#/dc1/kv/openstack/keystone/edit` by modifying the `check_token` argument to `yes` +Requests to Moon API must include a valid token taken from Keystone in the header of `X-Auth-Token`. -### End-to-end Functional Test -Check if the Manager API is running: +Check if the Manager API is running with: ```bash curl http://$MOON_HOST:30001 curl http://$MOON_HOST:30001/pdp curl http://$MOON_HOST:30001/policies ``` -### Consul Check -Check the Consul service for -- *Components/Manager*, e.g. -```json -{ - "port": 8082, - "bind": "0.0.0.0", - "hostname": "manager", - "container": "wukongsun/moon_manager:v4.3.1", - "external": { - "port": 30001, - "hostname": "$MOON_HOST" - } -} -``` -- *OpenStack/Keystone*: e.g. -```json -{ - "url": "http://keystone:5000/v3", - "user": "admin", - "password": "p4ssw0rd", - "domain": "default", - "project": "admin", - "check_token": false, - "certificate": false, - "external": { - "url": "http://$MOON_HOST:30006/v3" - } -} -``` - -### Tests -Launch functional [test scenario](tests/functional/scenario_enabled) : -```bash -sudo pip install python_moonclient --upgrade -cd $MOON_HOME/tests/functional/scenario_tests -moon_create_pdp --consul-host=$MOON_HOST --consul-port=30005 -v rbac_large.py -moon_get_keystone_project --consul-host=$MOON_HOST --consul-port=30005 -moon_get_pdp --consul-host=$MOON_HOST --consul-port=30005 -moon_map_pdp_to_project "<pdp_id>" "<keystone_project_id>" -moon_send_authz_to_wrapper --consul-host=$MOON_HOST --consul-port=30005 --authz-host=$WRAPPER_HOST --authz-port=$WRAPPER_PORT -v rbac_large.py -``` -To retrieve the wrapper information, use the following command: -```bash -kubectl get -n moon services | grep wrapper -``` +## Tests +- [Python Unit Test](tests/python_unit/README.md) +- [Functional Test](tests/functional/README.md) ## Annexe diff --git a/tests/README.md b/tests/README.md deleted file mode 100644 index c1437a2d..00000000 --- a/tests/README.md +++ /dev/null @@ -1,77 +0,0 @@ -# Moon Tests -## Functional Tests -### Test Platform Setup -#### Docker Installation -```bash -apt update -apt install -y docker.io -``` - -#### Kubeadm Installation -see: https://kubernetes.io/docs/setup/independent/install-kubeadm/ -```bash -apt-get update && apt-get install -y apt-transport-https -curl -s https://packages.cloud.google.com/apt/doc/apt-key.gpg | apt-key add - -cat <<EOF >/etc/apt/sources.list.d/kubernetes.list -deb http://apt.kubernetes.io/ kubernetes-xenial main -EOF -apt-get update -apt-get install -y kubelet kubeadm kubectl -``` - -#### K8S Initialisation -```bash -cd $MOON_HOME -bash tools/moon_kubernetes/init_k8s.sh -``` - -Wait until all the kubeadm containers are in the `running` state: -```bash -watch kubectl get po --namespace=kube-system -``` - -You must see something like this: - - $ kubectl get po --namespace=kube-system - NAME READY STATUS RESTARTS AGE - calico-etcd-7qgjb 1/1 Running 0 1h - calico-node-f8zvm 2/2 Running 1 1h - calico-policy-controller-59fc4f7888-ns9kv 1/1 Running 0 1h - etcd-varuna 1/1 Running 0 1h - kube-apiserver-varuna 1/1 Running 0 1h - kube-controller-manager-varuna 1/1 Running 0 1h - kube-dns-bfbb49cd7-rgqxn 3/3 Running 0 1h - kube-proxy-x88wg 1/1 Running 0 1h - kube-scheduler-varuna 1/1 Running 0 1h - - -#### Deploy Moon -```bash -cd $MOON_HOME -sudo bash tools/moon_kubernetes/start_moon.sh -``` - -Wait until all the Moon containers are in the `running` state: -```bash -watch kubectl get po --namespace=moon -``` - -You must see something like this: - - $ kubectl get po --namespace=moon - NAME READY STATUS RESTARTS AGE - consul-57b6d66975-9qnfx 1/1 Running 0 52m - db-867f9c6666-bq8cf 1/1 Running 0 52m - gui-bc9878b58-q288x 1/1 Running 0 51m - keystone-7d9cdbb69f-bl6ln 1/1 Running 0 52m - manager-5bfbb96988-2nvhd 1/1 Running 0 51m - manager-5bfbb96988-fg8vj 1/1 Running 0 51m - manager-5bfbb96988-w9wnk 1/1 Running 0 51m - orchestrator-65d8fb4574-tnfx2 1/1 Running 0 51m - wrapper-astonishing-748b7dcc4f-ngsvp 1/1 Running 0 51m - -### Launch Functional for Target Module -```bash -cd $MOON_HOME -sudo bash $TARGET_MODULE/tests/functional_pod/run_functional_tests.sh -``` diff --git a/tests/functional/README.md b/tests/functional/README.md new file mode 100644 index 00000000..4cac22b6 --- /dev/null +++ b/tests/functional/README.md @@ -0,0 +1,27 @@ +# Moon Functional Test + +[Test Platform Setup](../../tools/moon_kubernetes/README.md) + + +### Pod Functional Test +Launch functional [test scenario](tests/functional/scenario_enabled) : +```bash +sudo pip install python_moonclient --upgrade +cd $MOON_HOME/tests/functional/scenario_tests +moon_create_pdp --consul-host=$MOON_HOST --consul-port=30005 -v rbac_large.py +moon_get_keystone_project --consul-host=$MOON_HOST --consul-port=30005 +moon_get_pdp --consul-host=$MOON_HOST --consul-port=30005 +moon_map_pdp_to_project "<pdp_id>" "<keystone_project_id>" +moon_send_authz_to_wrapper --consul-host=$MOON_HOST --consul-port=30005 --authz-host=$WRAPPER_HOST --authz-port=$WRAPPER_PORT -v rbac_large.py +``` + +To retrieve the wrapper information, use the following command: +```bash +kubectl get -n moon services | grep wrapper +``` + +Launch functional tests: +```bash +cd $MOON_HOME +sudo bash $TARGET_MODULE/tests/functional_pod/run_functional_tests.sh +``` diff --git a/tests/python_unit/README.md b/tests/python_unit/README.md new file mode 100644 index 00000000..a399f834 --- /dev/null +++ b/tests/python_unit/README.md @@ -0,0 +1,5 @@ +# Python Unit Test + +```bash +bash run_tests.sh +``` diff --git a/tests/python_unit/run_tests.sh b/tests/python_unit/run_tests.sh new file mode 100644 index 00000000..86a5e06a --- /dev/null +++ b/tests/python_unit/run_tests.sh @@ -0,0 +1,4 @@ +#!/usr/bin/env bash + +cd ${MOON_HOME}/python_moonclient +docker run --rm --volume $(pwd):/data wukongsun/moon_python_unit_test:latest
\ No newline at end of file diff --git a/tools/jenkins/README.md b/tools/jenkins/README.md new file mode 100644 index 00000000..8b137891 --- /dev/null +++ b/tools/jenkins/README.md @@ -0,0 +1 @@ + diff --git a/tools/moon_kubernetes/README.md b/tools/moon_kubernetes/README.md index 73d342fa..2077e580 100644 --- a/tools/moon_kubernetes/README.md +++ b/tools/moon_kubernetes/README.md @@ -78,6 +78,39 @@ You must see something like this: manager-5bfbb96988-w9wnk 1/1 Running 0 51m orchestrator-65d8fb4574-tnfx2 1/1 Running 0 51m wrapper-astonishing-748b7dcc4f-ngsvp 1/1 Running 0 51m + + +### Troubleshoot +check *Consul* for: +- *Components/Manager*, e.g. +```json +{ + "port": 8082, + "bind": "0.0.0.0", + "hostname": "manager", + "container": "wukongsun/moon_manager:v4.3.1", + "external": { + "port": 30001, + "hostname": "$MOON_HOST" + } +} +``` +- *OpenStack/Keystone*: e.g. +```json +{ + "url": "http://keystone:5000/v3", + "user": "admin", + "password": "p4ssw0rd", + "domain": "default", + "project": "admin", + "check_token": false, + "certificate": false, + "external": { + "url": "http://$MOON_HOST:30006/v3" + } +} +``` + ### Docker-K8S Port Mapping ```yamlex |