From 01e5d504341c252a9b76dc8b32ee4780263fb164 Mon Sep 17 00:00:00 2001 From: Nithin Shekar Kuruba Date: Wed, 22 Jan 2025 13:57:44 -0800 Subject: [PATCH 1/6] feat: ocp templates for keycloak benchmark --- .../publish-image-benchmark-runner.yml | 63 +++++++++++++++++++ benchmark/Dockerfile | 22 +++++++ benchmark/Makefile | 12 ++++ benchmark/openshift/dc.yaml | 58 +++++++++++++++++ 4 files changed, 155 insertions(+) create mode 100644 .github/workflows/publish-image-benchmark-runner.yml create mode 100644 benchmark/Dockerfile create mode 100644 benchmark/Makefile create mode 100644 benchmark/openshift/dc.yaml diff --git a/.github/workflows/publish-image-benchmark-runner.yml b/.github/workflows/publish-image-benchmark-runner.yml new file mode 100644 index 00000000..aa8e5ecb --- /dev/null +++ b/.github/workflows/publish-image-benchmark-runner.yml @@ -0,0 +1,63 @@ +name: Create and publish Benchmark Runner Docker image + +on: + push: + branches: + - main + - dev + - SSOTEAM-2187 + paths: + - 'benchmark/**' + - '.github/workflows/publish-image-benchmark-runner.yml' + +env: + GITHUB_REGISTRY: ghcr.io + REDHAT_REGISTRY: registry.redhat.io + IMAGE_NAME: bcgov/sso-benchmark-runner + +jobs: + build-and-push-image: + runs-on: ubuntu-20.04 + permissions: + contents: read + packages: write + + steps: + - name: Checkout repository + uses: actions/checkout@v3 + + - name: Log in to the GitHub Container registry + uses: docker/login-action@v2 + with: + registry: ${{ env.GITHUB_REGISTRY }} + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v1 + + - name: Cache Docker layers + uses: actions/cache@v2 + with: + path: /tmp/.buildx-cache + key: ${{ runner.os }}-buildx-${{ github.sha }} + restore-keys: | + ${{ runner.os }}-buildx- + + - name: Build and push Docker image + uses: docker/build-push-action@v3 + with: + context: benchmark + push: true + tags: ${{ env.GITHUB_REGISTRY }}/${{env.IMAGE_NAME}}:dev + file: benchmark/Dockerfile + cache-from: type=local,src=/tmp/.buildx-cache + cache-to: type=local,dest=/tmp/.buildx-cache-new + + # Temp fix + # https://github.com/docker/build-push-action/issues/252 + # https://github.com/moby/buildkit/issues/1896 + - name: Move cache + run: | + rm -rf /tmp/.buildx-cache + mv /tmp/.buildx-cache-new /tmp/.buildx-cache diff --git a/benchmark/Dockerfile b/benchmark/Dockerfile new file mode 100644 index 00000000..89580182 --- /dev/null +++ b/benchmark/Dockerfile @@ -0,0 +1,22 @@ +FROM eclipse-temurin:21 + +RUN apt-get update \ + && apt-get install -y wget tar gzip bash jq uuid-runtime curl + +ENV KEYCLOAK_BENCHMARK_VERSION=keycloak-benchmark-0.15-SNAPSHOT + +# Set working directory +WORKDIR /app + +RUN wget https://github.com/keycloak/keycloak-benchmark/releases/download/0.15-SNAPSHOT/${KEYCLOAK_BENCHMARK_VERSION}.tar.gz + +# Extract the archive +RUN tar -xzf ${KEYCLOAK_BENCHMARK_VERSION}.tar.gz + +RUN rm ${KEYCLOAK_BENCHMARK_VERSION}.tar.gz + +RUN chmod +x /app/${KEYCLOAK_BENCHMARK_VERSION}/bin/*.sh + +WORKDIR /app/${KEYCLOAK_BENCHMARK_VERSION}/bin + +ENTRYPOINT ["./kcb.sh"] diff --git a/benchmark/Makefile b/benchmark/Makefile new file mode 100644 index 00000000..68e44331 --- /dev/null +++ b/benchmark/Makefile @@ -0,0 +1,12 @@ +SHELL := /usr/bin/env bash + +# make NAMESPACE="" + +.PHONY: run_job +run_job: + oc -n $(NAMESPACE) process -f ./openshift/dc.yaml | oc -n $(NAMESPACE) apply -f - + +.PHONY: cleanup +cleanup: + oc -n $(NAMESPACE) delete job sso-benchmark-runner + oc -n $(NAMESPACE) delete pvc sso-benchmark-runner-pvc diff --git a/benchmark/openshift/dc.yaml b/benchmark/openshift/dc.yaml new file mode 100644 index 00000000..d39a4773 --- /dev/null +++ b/benchmark/openshift/dc.yaml @@ -0,0 +1,58 @@ +kind: Template +apiVersion: v1 +objects: + - apiVersion: v1 + kind: PersistentVolumeClaim + metadata: + name: ${NAME}-pvc + spec: + accessModes: + - ReadWriteMany + storageClassName: netapp-file-standard + resources: + requests: + storage: 200Mi + - apiVersion: batch/v1 + kind: Job + spec: + backoffLimit: 0 + template: + metadata: + creationTimestamp: null + spec: + volumes: + - name: ${NAME}-pvc + persistentVolumeClaim: + claimName: ${NAME}-pvc + containers: + - image: ${IMAGE_REPOSITORY}:${IMAGE_TAG} + name: ${NAME} + args: + - ${CONFIG} + resources: + limits: + cpu: 2 + memory: 5Gi + requests: + cpu: 500m + memory: 500Mi + volumeMounts: + - name: ${NAME}-pvc + mountPath: /app/${KEYCLOAK_BENCHMARK_VERSION}/results + restartPolicy: Never + metadata: + name: ${NAME} + labels: + app: ${NAME} + component: ${NAME}-job +parameters: + - name: NAME + value: sso-benchmark-runner + - name: IMAGE_TAG + value: dev + - name: IMAGE_REPOSITORY + value: ghcr.io/bcgov/sso-benchmark-runner + - name: KEYCLOAK_BENCHMARK_VERSION + value: keycloak-benchmark-0.15-SNAPSHOT + - name: CONFIG + description: Configuration set of parameters for the test From 5996dd976e1786c4a7afbbb5ce9883d7f21dd0db Mon Sep 17 00:00:00 2001 From: Nithin Shekar Kuruba Date: Wed, 22 Jan 2025 15:05:38 -0800 Subject: [PATCH 2/6] feat: create .java dir and give permissions --- benchmark/Dockerfile | 4 ++++ benchmark/openshift/dc.yaml | 18 ++++++++++++++++-- 2 files changed, 20 insertions(+), 2 deletions(-) diff --git a/benchmark/Dockerfile b/benchmark/Dockerfile index 89580182..c23cb3b2 100644 --- a/benchmark/Dockerfile +++ b/benchmark/Dockerfile @@ -17,6 +17,10 @@ RUN rm ${KEYCLOAK_BENCHMARK_VERSION}.tar.gz RUN chmod +x /app/${KEYCLOAK_BENCHMARK_VERSION}/bin/*.sh +RUN mkdir -p ~/.java + +RUN chmod -R 777 ~/.java + WORKDIR /app/${KEYCLOAK_BENCHMARK_VERSION}/bin ENTRYPOINT ["./kcb.sh"] diff --git a/benchmark/openshift/dc.yaml b/benchmark/openshift/dc.yaml index d39a4773..81cf2a67 100644 --- a/benchmark/openshift/dc.yaml +++ b/benchmark/openshift/dc.yaml @@ -9,6 +9,7 @@ objects: accessModes: - ReadWriteMany storageClassName: netapp-file-standard + volumeMode: Filesystem resources: requests: storage: 200Mi @@ -28,7 +29,11 @@ objects: - image: ${IMAGE_REPOSITORY}:${IMAGE_TAG} name: ${NAME} args: - - ${CONFIG} + - --scenario=${SCENARIO} + - --server-url=${SERVER_URL} + - --admin-username=${ADMIN_USERNAME} + - --admin-password=${ADMIN_PASSWORD} + - ${ADDITIONAL_CONFIG} resources: limits: cpu: 2 @@ -54,5 +59,14 @@ parameters: value: ghcr.io/bcgov/sso-benchmark-runner - name: KEYCLOAK_BENCHMARK_VERSION value: keycloak-benchmark-0.15-SNAPSHOT - - name: CONFIG + - name: SCENARIO + description: The scenario to run + default: 'keycloak.scenario.authentication.ClientSecret' + - name: SERVER_URL + description: The URL of the Keycloak server + - name: ADMIN_USERNAME + description: The admin username + - name: ADMIN_PASSWORD + description: The admin password + - name: ADDITIONAL_CONFIG description: Configuration set of parameters for the test From 729e33619f9b3537767e546b82cd43bcdf77374d Mon Sep 17 00:00:00 2001 From: Nithin Shekar Kuruba Date: Wed, 22 Jan 2025 15:52:08 -0800 Subject: [PATCH 3/6] feat: create .java dir and give permissions --- benchmark/Dockerfile | 5 ++--- benchmark/openshift/dc.yaml | 1 + 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/benchmark/Dockerfile b/benchmark/Dockerfile index c23cb3b2..a43dda6f 100644 --- a/benchmark/Dockerfile +++ b/benchmark/Dockerfile @@ -17,9 +17,8 @@ RUN rm ${KEYCLOAK_BENCHMARK_VERSION}.tar.gz RUN chmod +x /app/${KEYCLOAK_BENCHMARK_VERSION}/bin/*.sh -RUN mkdir -p ~/.java - -RUN chmod -R 777 ~/.java +RUN mkdir -p /root/.java/.userPrefs && \ + chmod -R 777 /root/.java WORKDIR /app/${KEYCLOAK_BENCHMARK_VERSION}/bin diff --git a/benchmark/openshift/dc.yaml b/benchmark/openshift/dc.yaml index 81cf2a67..0428e474 100644 --- a/benchmark/openshift/dc.yaml +++ b/benchmark/openshift/dc.yaml @@ -27,6 +27,7 @@ objects: claimName: ${NAME}-pvc containers: - image: ${IMAGE_REPOSITORY}:${IMAGE_TAG} + imagePullPolicy: Always name: ${NAME} args: - --scenario=${SCENARIO} From a768988491eeb0af1d57649b46d82741c5a42606 Mon Sep 17 00:00:00 2001 From: Nithin Shekar Kuruba Date: Wed, 22 Jan 2025 16:05:13 -0800 Subject: [PATCH 4/6] feat: ready for pr --- benchmark/Dockerfile | 3 --- benchmark/Makefile | 8 +++++++- 2 files changed, 7 insertions(+), 4 deletions(-) diff --git a/benchmark/Dockerfile b/benchmark/Dockerfile index a43dda6f..89580182 100644 --- a/benchmark/Dockerfile +++ b/benchmark/Dockerfile @@ -17,9 +17,6 @@ RUN rm ${KEYCLOAK_BENCHMARK_VERSION}.tar.gz RUN chmod +x /app/${KEYCLOAK_BENCHMARK_VERSION}/bin/*.sh -RUN mkdir -p /root/.java/.userPrefs && \ - chmod -R 777 /root/.java - WORKDIR /app/${KEYCLOAK_BENCHMARK_VERSION}/bin ENTRYPOINT ["./kcb.sh"] diff --git a/benchmark/Makefile b/benchmark/Makefile index 68e44331..0f6433dd 100644 --- a/benchmark/Makefile +++ b/benchmark/Makefile @@ -1,10 +1,16 @@ SHELL := /usr/bin/env bash +NAMESPACE := +SCENARIO := keycloak.scenario.authentication.ClientSecret +SERVER_URL := +ADMIN_USERNAME := +ADMIN_PASSWORD := +ADDITIONAL_CONFIG := "" # make NAMESPACE="" .PHONY: run_job run_job: - oc -n $(NAMESPACE) process -f ./openshift/dc.yaml | oc -n $(NAMESPACE) apply -f - + oc -n $(NAMESPACE) process -f ./openshift/dc.yaml -p SCENARIO=$(SCENARIO) -p SERVER_URL=$(SERVER_URL) -p ADMIN_USERNAME=$(ADMIN_USERNAME) -p ADMIN_PASSWORD=$(ADMIN_PASSWORD) -p ADDITIONAL_CONFIG=$(ADDITIONAL_CONFIG)| oc -n $(NAMESPACE) apply -f - .PHONY: cleanup cleanup: From c0784b4e72a3b372103051fd87e2cf31fb230699 Mon Sep 17 00:00:00 2001 From: Nithin Shekar Kuruba Date: Wed, 22 Jan 2025 16:30:43 -0800 Subject: [PATCH 5/6] feat: ready for pr --- benchmark/Makefile | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/benchmark/Makefile b/benchmark/Makefile index 0f6433dd..6d6bc1a0 100644 --- a/benchmark/Makefile +++ b/benchmark/Makefile @@ -1,10 +1,13 @@ SHELL := /usr/bin/env bash NAMESPACE := -SCENARIO := keycloak.scenario.authentication.ClientSecret +SCENARIO := keycloak.scenario.authentication.AuthorizationCode SERVER_URL := ADMIN_USERNAME := ADMIN_PASSWORD := -ADDITIONAL_CONFIG := "" + +# make sure scenario is set to the correct value +# test #1 - 34 users per second for 30 minutes (1800 seconds) with 101 users per realm and 101 clients per realm +ADDITIONAL_CONFIG := "--users-per-sec=34 --ramp-up=300 --users-per-realm=101 --measurement=1800 --clients-per-realm=101" # make NAMESPACE="" From f649a13ce6b24625bac21056c44c2223bd738500 Mon Sep 17 00:00:00 2001 From: Nithin Shekar Kuruba Date: Wed, 22 Jan 2025 16:31:25 -0800 Subject: [PATCH 6/6] feat: ready for pr --- .github/workflows/publish-image-benchmark-runner.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/publish-image-benchmark-runner.yml b/.github/workflows/publish-image-benchmark-runner.yml index aa8e5ecb..5517a859 100644 --- a/.github/workflows/publish-image-benchmark-runner.yml +++ b/.github/workflows/publish-image-benchmark-runner.yml @@ -5,7 +5,6 @@ on: branches: - main - dev - - SSOTEAM-2187 paths: - 'benchmark/**' - '.github/workflows/publish-image-benchmark-runner.yml'