1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
|
# Moon
__Version 4.3__
This directory contains all the modules for running the Moon platform.
## Platform
### Setup
- [Docker installation](tools/moon_kubernetes/README.md)
- [kubeadm installation](tools/moon_kubernetes/README.md)
- [Moon deployment](tools/moon_kubernetes/README.md)
- [OpenStack deployment](tools/openstack/README.md)
### Micro-service Architecture
The Moon platform is composed on the following components/containers:
- *consul*: a Consul configuration server
- *db*: a MySQL database server
- *keystone*: a Keystone authentication server
- [gui](moon_gui/README.md): a Moon web interface
- [manager](moon_manager/README.md): the Moon manager for the database
- [orchestrator](moon_orchestrator/README.md): the Moon component that manage pods in te K8S platform
- [wrapper](moon_wrapper/README.md): the Moon endpoint where OpenStack component connect to.
## Manipulation
### moon_gui
The web access of Moon is through the URL `http://$MOON_HOST:30002` with the login and password of Keystone.
The default login and password can be found here: `http://$MOON_HOST:30005/ui/#/dc1/kv/openstack/keystone/edit`.
**WARNING: the password is in clear text, this is a known security issue.**
### moon_manager
The REST access of Moon is through `http://$MOON_HOST:30001`
**WARNING: By default, no login/password will be needed because of the configuration which is in DEV mode.**
For more security, update `http://$MOON_HOST:30005/ui/#/dc1/kv/openstack/keystone/edit` by modifying the `check_token` argument to `yes`
Requests to Moon API must include a valid token taken from Keystone in the header of `X-Auth-Token`.
Check if the Manager API is running with:
```bash
curl http://$MOON_HOST:30001
curl http://$MOON_HOST:30001/pdp
curl http://$MOON_HOST:30001/policies
```
The Moon platform is fully installed and configured when you have no error with the `moon_get_keystone_projects`:
```bash
sudo pip install python_moonclient --upgrade
moon project list
```
### moon_wrapper
The moon_wrapper component is used to connect OpenStack to the Moon platform.
You need to load one wrapper before connecting OpenStack to Moon.
First of all, get the names of all available slaves:
```bash
moon slave list
```
Select the slave you want to configure:
```bash
moon slave set <name_of_the_slave>
```
If you don't put a name here, by default, the script will use `kubernetes-admin@kubernetes`
which is the master.
If you need to unload the slave, use the following command:
```bash
moon slave delete <name_of_the_slave>
```
If you don't put a name here, by default, the script will use `kubernetes-admin@kubernetes`.
## Tests
- [Python Unit Test](tests/python_unit/README.md)
- [Functional Test](tests/functional/README.md)
## Annexe
### Authentication
If you configured the authentication in the Moon platform:
```bash
curl -i \
-H "Content-Type: application/json" \
-d '
{ "auth": {
"identity": {
"methods": ["password"],
"password": {
"user": {
"name": "admin",
"domain": { "id": "default" },
"password": "<set_your_password_here>"
}
}
},
"scope": {
"project": {
"name": "admin",
"domain": { "id": "default" }
}
}
}
}' \
"http://moon_hostname:30006/v3/auth/tokens" ; echo
curl --header "X-Auth-Token: <token_retrieve_from_keystone>" http://moon_hostname:30001
curl --header "X-Auth-Token: <token_retrieve_from_keystone>" http://moon_hostname:30001/pdp
curl --header "X-Auth-Token: <token_retrieve_from_keystone>" http://moon_hostname:30001/policies
```
|
