diff --git a/benchmark/Makefile b/benchmark/Makefile index 6aef34be..b4dac4a1 100644 --- a/benchmark/Makefile +++ b/benchmark/Makefile @@ -22,5 +22,5 @@ run_job: .PHONY: cleanup cleanup: - oc -n $(NAMESPACE) delete job $(NAME) + oc -n $(NAMESPACE) delete job $(NAME) --ignore-not-found=true oc -n $(NAMESPACE) delete secret $(NAME)-secret diff --git a/benchmark/benchmark-guide.md b/benchmark/README.md similarity index 76% rename from benchmark/benchmark-guide.md rename to benchmark/README.md index 08dcbcc3..0b0dbb76 100644 --- a/benchmark/benchmark-guide.md +++ b/benchmark/README.md @@ -6,7 +6,7 @@ - You need a keycloak server with dataset provider added to be able to use it for generating test data - To build such server image, run `.github/workflows/publish-image-keycloak-benchmark.yml` that builds an image using `docker/keycloak/Dockerfile-26-perf` that explicitly copies `docker/keycloak/dataset-providers/keycloak-benchmark-dataset-0.15-SNAPSHOT.jar` provider -- Deploy keycloak server run from this image **ONLY** in a test namespace +- Deploy keycloak server run from this image **ONLY** in a test namespace. See the [sso-helm-charts repo](https://github.com/bcgov/sso-helm-charts/tree/main/charts/keycloak). - After the testing is complete, uninstall the server from the namespace ### Runner Image @@ -66,7 +66,6 @@ export ADMIN_PASSWORD= # using 100 users and 100 clients to make 34 req/s for a duration of upto 30 mins ./bin/kcb.sh --scenario=${SCENARIO} --server-url=${SERVER_URL}/auth --admin-username=${ADMIN_USERNAME} --admin-password=${ADMIN_PASSWORD} --users-per-sec=34 --ramp-up=300 --users-per-realm=101 --measurement=1800 --clients-per-realm=101 ``` - ### Locally - with entrypoint.sh - Create `.env` from `.env.example` and set the appropriate values for the variables @@ -79,12 +78,33 @@ export ADMIN_PASSWORD= - Run `make cleanup` to ensure old resources get deleted - Run `make run_job` to deploy a secret and a job that executes `entrypoint.sh` script in a pod +## ADDITIONAL_CONFIG + +There are four runs we have done with the previous versions of keycloak. In order for runs to be comparable the same runs should be done on future versions. These are controlled by the `ADDITIONAL_CONFIG` env var. + +### Run 1 + +ADDITIONAL_CONFIG := "--users-per-sec=34 --ramp-up=300 --users-per-realm=101 --measurement=1800 --clients-per-realm=101" + +### Run 2 +--users-per-sec=100 --ramp-up=300 --users-per-realm=5001 --measurement=1800 --clients-per-realm=301 +` + +### Run 3 +--users-per-sec=200 --ramp-up=300 --users-per-realm=9000 --measurement=1800 --clients-per-realm=301 + +### Run 4 +This is a different scenerio, it is not an Auth Code flow like the other tests. The new environment vars are: + +SCENARIO := "keycloak.scenario.authentication.ClientSecret" +ADDITIONAL_CONFIG := "--users-per-sec=500 --ramp-up=300 --users-per-realm=9995 --measurement=1800 --clients-per-realm=395" + ## Reports - The html report will be generated under the `./results` directory if running locally without using `entrypoint.sh` - Running `entrypoint.sh` locally or in a pod would send the report via email to the email address set under `RECEPIENT` environment variable -- Download the attachment from the email and use `base64 --decode` to decode the file -- After the decode, you can extract the contents from the archive +- Download the attachment from the email and use `base64 --decode` to decode the file `base64 --decode results.tar.gz>decoded_results.tar.gz` +- After the decode, you can extract the contents from the archive and use the browser to preview them `file://<<PATH_TO_FILE>>/req_browser-to-log---<<TIMESTAMP>>.html` ## References diff --git a/docker/keycloak/Dockerfile-24-perf b/docker/keycloak/Dockerfile-24-perf new file mode 100644 index 00000000..44961cf6 --- /dev/null +++ b/docker/keycloak/Dockerfile-24-perf @@ -0,0 +1,39 @@ +FROM maven:3.8.5-openjdk-17-slim AS extensions-builder + +COPY ./extensions-24 /tmp/ +WORKDIR /tmp/ +RUN mvn -B clean package --file pom.xml + +FROM registry.redhat.io/rhbk/keycloak-rhel9:24-17 as builder + +# Enable health and metrics support +ENV KC_HEALTH_ENABLED=true +ENV KC_METRICS_ENABLED=true + +# Configure a database vendor +ENV KC_DB=postgres + +# un-comment when dataset required for loadtests +COPY ./dataset-providers/keycloak-benchmark-dataset-0.15-SNAPSHOT.jar /opt/keycloak/providers + +COPY --from=extensions-builder /tmp/services/target/bcgov-services-1.0.0.jar /opt/keycloak/providers/ + +WORKDIR /opt/keycloak + +RUN /opt/keycloak/bin/kc.sh build + +FROM registry.redhat.io/rhbk/keycloak-rhel9:24-17 + +COPY --from=builder /opt/keycloak/ /opt/keycloak/ + +# copy the theme directory to `/opt/keycloak/themes/` for now, but we can consider to archive to be deployed later. +COPY ./extensions-24/themes/src/main/resources/theme /opt/keycloak/themes + +COPY ./configuration/24/keycloak.conf /opt/keycloak/conf + +COPY ./configuration/24/quarkus.properties /opt/keycloak/conf + +COPY ./configuration/24/keycloak-default-user-profile.json /tmp + +# change these values to point to a running postgres instance +ENTRYPOINT ["/opt/keycloak/bin/kc.sh"] diff --git a/k6/k6-runner/Makefile b/k6/k6-runner/Makefile index 4ac6e831..2800c956 100644 --- a/k6/k6-runner/Makefile +++ b/k6/k6-runner/Makefile @@ -12,5 +12,5 @@ run_job: .PHONY: cleanup cleanup: - oc -n $(NAMESPACE) delete job sso-k6 + oc -n $(NAMESPACE) delete job sso-k6 --ignore-not-found=true oc -n $(NAMESPACE) delete configmap k6-config